CVSS2: 7.5 High (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Attack Vector: NETWORK
Attack Complexity: LOW
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL

AI Score: 7.7 High (Confidence: High)

EPSS: 0.036 Low (Percentile: 91.7%)
Multiple integer overflows in FreeType 2.3.9 and earlier allow remote attackers to execute arbitrary code via vectors related to large values in certain inputs in (1) smooth/ftsmooth.c, (2) sfnt/ttcmap.c, and (3) cff/cffload.c.
git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=0545ec1ca36b27cb928128870a83e5f668980bc5
git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=79972af4f0485a11dcb19551356c45245749fc5b
git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=a18788b14db60ae3673f932249cd02d33a227c4e
git.savannah.gnu.org/cgit/freetype/freetype2.git/tree/ChangeLog
lists.apple.com/archives/security-announce/2009/jun/msg00002.html
lists.apple.com/archives/security-announce/2009/Jun/msg00005.html
lists.apple.com/archives/security-announce/2009/May/msg00002.html
lists.apple.com/archives/security-announce/2010//Nov/msg00000.html
lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html
secunia.com/advisories/34723
secunia.com/advisories/34913
secunia.com/advisories/34967
secunia.com/advisories/35065
secunia.com/advisories/35074
secunia.com/advisories/35198
secunia.com/advisories/35200
secunia.com/advisories/35204
secunia.com/advisories/35210
secunia.com/advisories/35379
security.gentoo.org/glsa/glsa-200905-05.xml
sunsolve.sun.com/search/document.do?assetkey=1-66-270268-1
support.apple.com/kb/HT3549
support.apple.com/kb/HT3613
support.apple.com/kb/HT3639
support.apple.com/kb/HT4435
www.debian.org/security/2009/dsa-1784
www.mandriva.com/security/advisories?name=MDVSA-2009:243
www.redhat.com/support/errata/RHSA-2009-0329.html
www.redhat.com/support/errata/RHSA-2009-1061.html
www.redhat.com/support/errata/RHSA-2009-1062.html
www.securityfocus.com/bid/34550
www.ubuntu.com/usn/USN-767-1
www.us-cert.gov/cas/techalerts/TA09-133A.html
www.vupen.com/english/advisories/2009/1058
www.vupen.com/english/advisories/2009/1297
www.vupen.com/english/advisories/2009/1522
www.vupen.com/english/advisories/2009/1621
bugzilla.redhat.com/show_bug.cgi?id=491384
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10149