Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2007-2754HistoryMay 17, 2007 - 10:30 p.m.
CVE-2007-2754
2007-05-1722:30:00
Debian Security Bug Tracker
security-tracker.debian.org
9
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.622 Medium
EPSS
Percentile
97.8%
Integer signedness error in truetype/ttgload.c in Freetype 2.3.4 and earlier might allow remote attackers to execute arbitrary code via a crafted TTF image with a negative n_points value, which leads to an integer overflow and heap-based buffer overflow.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | freetype | < 2.2.1-6 | freetype_2.2.1-6_all.deb |
| Debian | 11 | all | freetype | < 2.2.1-6 | freetype_2.2.1-6_all.deb |
| Debian | 999 | all | freetype | < 2.2.1-6 | freetype_2.2.1-6_all.deb |
| Debian | 13 | all | freetype | < 2.2.1-6 | freetype_2.2.1-6_all.deb |
Related
nessus
nessus
GLSA-200705-22 : FreeType: Buffer overflow
2007-06-01 00:00:00
Oracle Linux 3 / 4 / 5 : freetype (ELSA-2007-0403)
2013-07-12 00:00:00
openSUSE 10 Security Update : freetype2 (freetype2-3701)
2007-10-17 00:00:00
openvas
openvas
Debian Security Advisory DSA 1334-1 (freetype)
2008-01-17 00:00:00
Mandriva Update for freetype2 MDKSA-2007:121 (freetype2)
2009-04-09 00:00:00
Gentoo Security Advisory GLSA 200705-22 (freetype)
2008-09-24 00:00:00
centos
centos
freetype security update
2007-06-11 09:27:08
freetype security update
2007-06-12 00:56:26
freetype security update
2009-05-22 14:02:05
redhat
redhat
(RHSA-2007:0403) Moderate: freetype security update
2007-06-11 00:00:00
(RHSA-2009:1062) Important: freetype security update
2009-05-22 00:00:00
(RHSA-2009:0329) Important: freetype security update
2009-05-22 00:00:00
ubuntucve
ubuntucve
CVE-2007-2754
2007-05-17 00:00:00
CVE-2007-3408
2007-06-26 00:00:00
debian
debian
[SECURITY] [DSA 1302-1] New freetype packages fix integer overflow
2007-06-10 13:48:40
[SECURITY] [DSA 1334-1] New freetype packages fix arbitary code execution
2007-07-18 20:18:17
securityvulns
securityvulns
rPSA-2007-0108-1 freetype
2007-05-25 00:00:00
freetype integer overflow
2007-05-25 00:00:00
OpenOffice buffer overflow
2007-06-14 00:00:00
cve
cve
CVE-2007-2754
2007-05-17 22:30:00
CVE-2007-3408
2007-06-26 18:30:00
cvelist
cvelist
CVE-2007-2754
2007-05-17 22:00:00
CVE-2007-3408
2007-06-26 18:00:00
oraclelinux
oraclelinux
Moderate: freetype security update
2007-06-11 00:00:00
freetype security update
2009-05-26 00:00:00
gentoo
gentoo
FreeType: Buffer overflow
2007-05-30 00:00:00
FreeType 1: User-assisted execution of arbitrary code
2010-06-01 00:00:00
OpenOffice.org: Two buffer overflows
2007-07-02 00:00:00
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:19:09
suse
suse
remote code execution in freetype2
2007-07-04 13:46:33
fedora
fedora
[SECURITY] Fedora 7 Update: freetype-2.3.4-3.fc7
2007-06-06 02:56:13
[SECURITY] Fedora 11 Update: freetype1-1.4-0.8.pre.fc11
2009-05-28 08:17:11
[SECURITY] Fedora 10 Update: freetype1-1.4-0.8.pre.fc10
2009-05-28 08:01:17
prion
prion
Integer overflow
2007-05-17 22:30:00
Design/Logic Flaw
2007-06-26 18:30:00
nvd
nvd
CVE-2007-2754
2007-05-17 22:30:00
CVE-2007-3408
2007-06-26 18:30:00
ubuntu
ubuntu
freetype vulnerability
2007-05-30 00:00:00
freebsd
freebsd
FreeType 2 -- Heap overflow vulnerability
2007-04-27 00:00:00
debiancve
debiancve
CVE-2007-3408
2007-06-26 18:30:00
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.622 Medium
EPSS
Percentile
97.8%
Related for DEBIANCVE:CVE-2007-2754