Lucene search
UbuntuUSN-1173-1HistoryJul 25, 2011 - 12:00 a.m.
FreeType vulnerability
2011-07-2500:00:00
ubuntu.com
33
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
7.2
Confidence
Low
EPSS
0.058
Percentile
93.4%
Releases
- Ubuntu 11.04
- Ubuntu 10.10
Packages
- freetype - FreeType 2 is a font engine library
Details
It was discovered that FreeType did not correctly handle certain malformed
Type 1 font files. If a user were tricked into using a specially crafted
font file, a remote attacker could cause FreeType to crash or possibly
execute arbitrary code with user privileges.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 11.04 | noarch | libfreetype6 | < 2.4.4-1ubuntu2.1 | UNKNOWN |
| Ubuntu | 11.04 | noarch | freetype2-demos | < 2.4.4-1ubuntu2.1 | UNKNOWN |
| Ubuntu | 11.04 | noarch | libfreetype6-dev | < 2.4.4-1ubuntu2.1 | UNKNOWN |
| Ubuntu | 11.04 | noarch | libfreetype6-udeb | < 2.4.4-1ubuntu2.1 | UNKNOWN |
| Ubuntu | 10.10 | noarch | libfreetype6 | < 2.4.2-2ubuntu0.2 | UNKNOWN |
| Ubuntu | 10.10 | noarch | freetype2-demos | < 2.4.2-2ubuntu0.2 | UNKNOWN |
| Ubuntu | 10.10 | noarch | libfreetype6-dev | < 2.4.2-2ubuntu0.2 | UNKNOWN |
| Ubuntu | 10.10 | noarch | libfreetype6-udeb | < 2.4.2-2ubuntu0.2 | UNKNOWN |
References
Related
openvas
openvas
RedHat Update for freetype RHSA-2011:1085-01
2012-06-06 00:00:00
FreeBSD Ports: freetype2
2011-09-21 00:00:00
Debian Security Advisory DSA 2294-1 (freetype)
2011-09-21 00:00:00
freebsd
freebsd
freetype2 -- execute arbitrary code or cause denial of service
2011-07-19 00:00:00
debian
debian
[SECURITY] [DSA 2294-1] freetype security update
2011-08-14 18:41:39
[BSA-068] Security Update for freetype
2012-03-23 06:56:21
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:59:45
nessus
nessus
SuSE 11.1 Security Update : freetype2 (SAT Patch Number 4921)
2011-07-28 00:00:00
Fedora 14 : freetype-2.4.2-5.fc14 (2011-9525)
2011-08-31 00:00:00
openSUSE Security Update : freetype2 (openSUSE-SU-2011:0852-1)
2014-06-13 00:00:00
nvd
nvd
CVE-2011-0226
2011-07-19 22:55:00
CVE-2011-3256
2011-10-14 10:55:10
cve
cve
CVE-2011-0226
2011-07-19 22:55:00
CVE-2011-3256
2011-10-14 10:55:10
oraclelinux
oraclelinux
freetype security update
2011-07-21 00:00:00
freetype security update
2013-01-31 00:00:00
debiancve
debiancve
CVE-2011-0226
2011-07-19 22:55:00
CVE-2011-3256
2011-10-14 10:55:10
suse
suse
freetype: Fixed several off-by-one / length checks missing (important)
2011-07-28 00:08:34
Security update for freetype2 (important)
2011-07-28 00:08:40
prion
prion
Integer overflow
2011-07-19 22:55:00
Memory corruption
2011-10-14 10:55:00
redhat
redhat
(RHSA-2011:1085) Important: freetype security update
2011-07-21 00:00:00
cvelist
cvelist
CVE-2011-0226
2011-07-19 22:00:00
CVE-2011-3256
2011-10-14 10:00:00
checkpoint_advisories
checkpoint_advisories
FreeType PostScript Type1 Font Parsing Code Execution (CVE-2011-0226)
2011-10-04 00:00:00
fedora
fedora
[SECURITY] Fedora 15 Update: freetype-2.4.4-5.fc15
2011-08-17 01:15:25
[SECURITY] Fedora 15 Update: freetype-2.4.4-6.fc15
2011-11-10 17:51:50
[SECURITY] Fedora 14 Update: freetype-2.4.2-5.fc14
2011-08-31 01:24:38
ubuntucve
ubuntucve
CVE-2011-0226
2011-07-19 00:00:00
CVE-2011-3256
2011-10-14 00:00:00
securityvulns
securityvulns
APPLE-SA-2011-07-15-1 iOS 4.3.4 Software Update
2011-07-18 00:00:00
APPLE-SA-2011-07-15-2 iOS 4.2.9 Software Update for iPhone
2011-07-18 00:00:00
Apple iOS (iOS) security vulnerabilities
2011-07-26 00:00:00
gentoo
gentoo
FreeType: Multiple vulnerabilities
2012-01-23 00:00:00
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
7.2
Confidence
Low
EPSS
0.058
Percentile
93.4%
Related for USN-1173-1