Lucene search

K

Veracode Vulnerability DatabaseVERACODE:24942

HistoryApr 10, 2020 - 1:09 a.m.

Arbitrary Code Execution

2020-04-1001:09:35

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

17

0.055 Low

EPSS

Percentile

93.2%

freetype is vulnerable to arbitrary code execution. The vulnerability exists as multiple flaws were found in the way FreeType handled TrueType Font (TTF), Glyph Bitmap Distribution Format (BDF), Windows .fnt and .fon, and PostScript Type 1 fonts. If a specially-crafted font file was loaded by an application linked against FreeType, it could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application.

CPENameOperatorVersion
freetypeeq2.2.1__25.el5_5
freetypeeq2.2.1__19.el5
freetypeeq2.2.1__26.el5_5
freetypeeq2.2.1__16.el5
freetypeeq2.2.1__28.el5_7.2
freetypeeq2.2.1__21.el5_3
freetypeeq2.2.1__28.el5_5
freetypeeq2.2.1__17.el5
freetypeeq2.2.1__28.el5_7.1
freetypeeq2.2.1__28.el5_5.1

Rows per page:

1-10 of 241

References

lists.apple.com/archives/security-announce/2012/Sep/msg00003.html

lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html

lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html

lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html

lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html

rhn.redhat.com/errata/RHSA-2012-0467.html

secunia.com/advisories/48300

secunia.com/advisories/48508

secunia.com/advisories/48758

secunia.com/advisories/48797

secunia.com/advisories/48822

secunia.com/advisories/48918

secunia.com/advisories/48951

secunia.com/advisories/48973

security.gentoo.org/glsa/glsa-201204-04.xml

support.apple.com/kb/HT5503

www.debian.org/security/2012/dsa-2428

www.mandriva.com/security/advisories?name=MDVSA-2012:057

www.mozilla.org/security/announce/2012/mfsa2012-21.html

www.openwall.com/lists/oss-security/2012/03/06/16

www.securityfocus.com/bid/52318

www.securitytracker.com/id?1026765

www.ubuntu.com/usn/USN-1403-1

access.redhat.com/errata/RHSA-2012:0467

access.redhat.com/security/cve/CVE-2012-1142

access.redhat.com/security/updates/classification/#important

bugzilla.mozilla.org/show_bug.cgi?id=733512

bugzilla.redhat.com/show_bug.cgi?id=800604

0.055 Low

EPSS

Percentile

93.2%

Related for VERACODE:24942

ubuntucve1 cve1 nvd1 debiancve1 prion1 cvelist1 securityvulns5 debian1 openvas26 nessus16 redhat1 suse6 oraclelinux1 centos1 mozilla1 ubuntu1 gentoo1 freebsd2