Lucene search

K

Veracode Vulnerability DatabaseVERACODE:24937

HistoryApr 10, 2020 - 1:09 a.m.

Arbitrary Code Execution

2020-04-1001:09:33

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

8

0.055 Low

EPSS

Percentile

93.2%

freetype is vulenrable to arbitrary code execution. The vulnerability exists as multiple flaws were found in the way FreeType handled TrueType Font (TTF), Glyph Bitmap Distribution Format (BDF), Windows .fnt and .fon, and PostScript Type 1 fonts. If a specially-crafted font file was loaded by an application linked against FreeType, it could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application.

CPENameOperatorVersion
freetypeeq2.2.1__25.el5_5
freetypeeq2.2.1__19.el5
freetypeeq2.2.1__26.el5_5
freetypeeq2.2.1__16.el5
freetypeeq2.2.1__28.el5_7.2
freetypeeq2.3.11__5.el6
freetypeeq2.2.1__21.el5_3
freetypeeq2.2.1__17.el5
freetypeeq2.2.1__28.el5_7.1
freetypeeq2.2.1__28.el5_5.1

Rows per page:

1-10 of 241

References

lists.apple.com/archives/security-announce/2012/Sep/msg00003.html

lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html

lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html

lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html

lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html

rhn.redhat.com/errata/RHSA-2012-0467.html

secunia.com/advisories/48300

secunia.com/advisories/48508

secunia.com/advisories/48758

secunia.com/advisories/48797

secunia.com/advisories/48822

secunia.com/advisories/48918

secunia.com/advisories/48951

secunia.com/advisories/48973

security.gentoo.org/glsa/glsa-201204-04.xml

support.apple.com/kb/HT5503

www.debian.org/security/2012/dsa-2428

www.mandriva.com/security/advisories?name=MDVSA-2012:057

www.mozilla.org/security/announce/2012/mfsa2012-21.html

www.openwall.com/lists/oss-security/2012/03/06/16

www.securityfocus.com/bid/52318

www.securitytracker.com/id?1026765

www.ubuntu.com/usn/USN-1403-1

access.redhat.com/errata/RHSA-2012:0467

access.redhat.com/security/cve/CVE-2012-1136

access.redhat.com/security/updates/classification/#important

bugzilla.mozilla.org/show_bug.cgi?id=733512

bugzilla.redhat.com/show_bug.cgi?id=800594

0.055 Low

EPSS

Percentile

93.2%

Related for VERACODE:24937

nvd1 ubuntucve1 prion1 debiancve1 cvelist1 cve1 openvas26 debian1 securityvulns5 nessus16 redhat1 suse6 oraclelinux1 centos1 gentoo1 ubuntu1 mozilla1 freebsd2