Lucene search
UbuntuUSN-291-1HistoryJun 08, 2006 - 12:00 a.m.
FreeType vulnerabilities
2006-06-0800:00:00
ubuntu.com
63
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.2
Confidence
Low
EPSS
0.577
Percentile
97.7%
Releases
- Ubuntu 6.06
- Ubuntu 5.10
- Ubuntu 5.04
Details
Several integer overflows have been discovered in the FreeType
library. By tricking a user into installing and/or opening a specially
crafted font file, these could be exploited to execute arbitrary code
with the privileges of that user.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 6.06 | noarch | libfreetype6 | < 2.1.10-1ubuntu2.1 | UNKNOWN |
| Ubuntu | 5.10 | noarch | libfreetype6 | < 2.1.7-2.4ubuntu1.1 | UNKNOWN |
| Ubuntu | 5.04 | noarch | libfreetype6 | < 2.1.7-2.3ubuntu0.1 | UNKNOWN |
Related
nessus
nessus
Debian DSA-1095-1 : freetype - integer overflows
2006-10-14 00:00:00
openSUSE 10 Security Update : freetype2 (freetype2-1608)
2007-10-17 00:00:00
Ubuntu 5.04 / 5.10 / 6.06 LTS : freetype vulnerabilities (USN-291-1)
2007-11-10 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-1095-1)
2008-01-17 00:00:00
Ubuntu: Security Advisory (USN-291-1)
2022-08-26 00:00:00
Debian Security Advisory DSA 1095-1 (freetype)
2008-01-17 00:00:00
osv
osv
freetype - integer overflows
2006-06-10 00:00:00
debian
debian
[SECURITY] [DSA 1095-1] New freetype packages fix several vulnerabilities
2006-06-10 05:22:33
suse
suse
remote code execution in freetype2, freetype2-devel
2006-06-27 12:24:46
centos
centos
freetype security update
2006-07-18 12:29:16
freetype security update
2006-07-18 22:54:54
freetype security update
2009-05-22 14:02:05
redhat
redhat
(RHSA-2006:0500) freetype security update
2006-07-18 00:00:00
(RHSA-2009:1062) Important: freetype security update
2009-05-22 00:00:00
(RHSA-2009:0329) Important: freetype security update
2009-05-22 00:00:00
nvd
nvd
cvelist
cvelist
cve
cve
prion
prion
Integer overflow
2006-05-23 10:06:00
Design/Logic Flaw
2006-05-30 19:02:00
Integer overflow
2006-05-23 10:06:00
debiancve
debiancve
ubuntucve
ubuntucve
freebsd
freebsd
freetype -- LWFN Files Buffer Overflow Vulnerability
2006-07-10 00:00:00
oraclelinux
oraclelinux
Moderate: freetype security update
2007-04-16 00:00:00
freetype security update
2009-05-26 00:00:00
gentoo
gentoo
FreeType: Multiple integer overflows
2006-07-09 00:00:00
NX 2.1: User-assisted execution of arbitrary code
2007-10-09 00:00:00
FreeType 1: User-assisted execution of arbitrary code
2010-06-01 00:00:00
slackware
slackware
[slackware-security] x11
2006-07-26 21:25:09
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:31:37
fedora
fedora
[SECURITY] Fedora 10 Update: freetype1-1.4-0.8.pre.fc10
2009-05-28 08:01:17
[SECURITY] Fedora 11 Update: freetype1-1.4-0.8.pre.fc11
2009-05-28 08:17:11
securityvulns
securityvulns
About the security content of Security Update 2009-002 / Mac OS X v10.5.7
2009-05-14 00:00:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.2
Confidence
Low
EPSS
0.577
Percentile
97.7%
Related for USN-291-1