ID CVE-2006-3467
Summary Integer overflow in FreeType before 2.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PCF file, as demonstrated by the Red Hat bad1.pcf test file, due to a partial fix of CVE-2006-1861.
References
Vulnerable Configurations
  • FreeType 2.1
    cpe:2.3:a:freetype:freetype:2.1
CVSS
Base: 7.5 (as of 21-07-2006 - 10:44)
Impact:
Exploitability:
CWE CWE-189
CAPEC
Access
  • Vector: NETWORK
  • Complexity: LOW
  • Authentication: NONE
Impact
  • Confidentiality: PARTIAL
  • Integrity: PARTIAL
  • Availability: PARTIAL
nessus via4
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_119059_46.NASL
    description X11 6.6.2: Xsun patch. This patch addresses IAVT 2009-T-0001.
    last seen 2018-09-01
    modified 2018-07-30
    plugin id 82536
    published 2015-04-02
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=82536
    title Solaris 10 (sparc) : 119059-46
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_X86_119060-70.NASL
    description X11 6.6.2_x86: Xsun patch. Date this patch was last updated by Sun : Nov/12/15
    last seen 2018-10-31
    modified 2018-10-29
    plugin id 107805
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107805
    title Solaris 10 (x86) : 119060-70
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_X86_119060-68.NASL
    description X11 6.6.2_x86: Xsun patch. Date this patch was last updated by Sun : Nov/15/14
    last seen 2018-10-31
    modified 2018-10-29
    plugin id 107803
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107803
    title Solaris 10 (x86) : 119060-68
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_X86_119060-71.NASL
    description X11 6.6.2_x86: Xsun patch. Date this patch was last updated by Sun : Mar/09/17
    last seen 2019-01-19
    modified 2019-01-18
    plugin id 107806
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107806
    title Solaris 10 (x86) : 119060-71
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_X86_119060-69.NASL
    description X11 6.6.2_x86: Xsun patch. Date this patch was last updated by Sun : Jul/13/15
    last seen 2018-10-31
    modified 2018-10-29
    plugin id 107804
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107804
    title Solaris 10 (x86) : 119060-69
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2006-0500.NASL
    description Updated freetype packages that fix several security flaws are now available for Red Hat Enterprise Linux. This update has been rated as having moderate security impact by the Red Hat Security Response Team. FreeType is a free, high-quality, and portable font engine. Chris Evans discovered several integer underflow and overflow flaws in the FreeType font engine. If a user loads a carefully crafted font file with a program linked against FreeType, it could cause the application to crash or execute arbitrary code as the user. While it is uncommon for a user to explicitly load a font file, there are several application file formats which contain embedded fonts that are parsed by FreeType. (CVE-2006-0747, CVE-2006-1861, CVE-2006-3467) A NULL pointer dereference flaw was found in the FreeType font engine. An application linked against FreeType can crash upon loading a malformed font file. (CVE-2006-2661) Users of FreeType should upgrade to these updated packages, which contain backported patches to correct these issues.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 22064
    published 2006-07-19
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=22064
    title CentOS 3 / 4 : freetype (CESA-2006:0500)
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS9_X86_124833.NASL
    description X11 6.6.1_x86: font patch. Date this patch was last updated by Sun : May/03/07
    last seen 2018-09-01
    modified 2014-08-30
    plugin id 24862
    published 2007-03-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=24862
    title Solaris 9 (x86) : 124833-02
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_119059-69.NASL
    description X11 6.6.2: Xsun patch. Date this patch was last updated by Sun : Nov/15/14
    last seen 2018-10-27
    modified 2018-10-26
    plugin id 107301
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107301
    title Solaris 10 (sparc) : 119059-69
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_X86_119060_45.NASL
    description X11 6.6.2_x86: Xsun patch. This patch addresses IAVT 2009-T-0001.
    last seen 2018-09-02
    modified 2018-07-30
    plugin id 82537
    published 2015-04-02
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=82537
    title Solaris 10 (x86) : 119060-45
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_X86_119060-65.NASL
    description X11 6.6.2_x86: Xsun patch. Date this patch was last updated by Sun : Mar/15/14
    last seen 2018-10-31
    modified 2018-10-29
    plugin id 107802
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107802
    title Solaris 10 (x86) : 119060-65
  • NASL family MacOS X Local Security Checks
    NASL id MACOSX_SECUPD2009-001.NASL
    description The remote host is running a version of Mac OS X 10.5 or 10.4 that does not have Security Update 2009-001 applied. This security update contains fixes for the following products : - AFP Server - Apple Pixlet Video - CarbonCore - CFNetwork - Certificate Assistant - ClamAV - CoreText - CUPS - DS Tools - fetchmail - Folder Manager - FSEvents - Network Time - perl - Printing - python - Remote Apple Events - Safari RSS - servermgrd - SMB - SquirrelMail - X11 - XTerm
    last seen 2019-02-21
    modified 2018-07-16
    plugin id 35684
    published 2009-02-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=35684
    title Mac OS X Multiple Vulnerabilities (Security Update 2009-001)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2006-0500.NASL
    description Updated freetype packages that fix several security flaws are now available for Red Hat Enterprise Linux. This update has been rated as having moderate security impact by the Red Hat Security Response Team. FreeType is a free, high-quality, and portable font engine. Chris Evans discovered several integer underflow and overflow flaws in the FreeType font engine. If a user loads a carefully crafted font file with a program linked against FreeType, it could cause the application to crash or execute arbitrary code as the user. While it is uncommon for a user to explicitly load a font file, there are several application file formats which contain embedded fonts that are parsed by FreeType. (CVE-2006-0747, CVE-2006-1861, CVE-2006-3467) A NULL pointer dereference flaw was found in the FreeType font engine. An application linked against FreeType can crash upon loading a malformed font file. (CVE-2006-2661) Users of FreeType should upgrade to these updated packages, which contain backported patches to correct these issues.
    last seen 2019-02-21
    modified 2018-11-16
    plugin id 22068
    published 2006-07-19
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=22068
    title RHEL 2.1 / 3 / 4 : freetype (RHSA-2006:0500)
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_X86_119060.NASL
    description X11 6.6.2_x86: Xsun patch. Date this patch was last updated by Sun : Jun/15/17 This plugin has been deprecated and either replaced with individual 119060 patch-revision plugins, or deemed non-security related.
    last seen 2019-02-21
    modified 2018-07-30
    plugin id 22985
    published 2006-11-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=22985
    title Solaris 10 (x86) : 119060-72 (deprecated)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-1193.NASL
    description Several vulnerabilities have been discovered in the X Window System, which may lead to the execution of arbitrary code or denial of service. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2006-3467 Chris Evan discovered an integer overflow in the code to handle PCF fonts, which might lead to denial of service if a malformed font is opened. - CVE-2006-3739 It was discovered that an integer overflow in the code to handle Adobe Font Metrics might lead to the execution of arbitrary code. - CVE-2006-3740 It was discovered that an integer overflow in the code to handle CMap and CIDFont font data might lead to the execution of arbitrary code. - CVE-2006-4447 The XFree86 initialization code performs insufficient checking of the return value of setuid() when dropping privileges, which might lead to local privilege escalation.
    last seen 2019-02-21
    modified 2018-07-20
    plugin id 22734
    published 2006-10-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=22734
    title Debian DSA-1193-1 : xfree86 - several vulnerabilities
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_119059-65.NASL
    description X11 6.6.2: Xsun patch. Date this patch was last updated by Sun : Sep/12/13
    last seen 2018-10-27
    modified 2018-10-26
    plugin id 107299
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107299
    title Solaris 10 (sparc) : 119059-65
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_X86_119060-64.NASL
    description X11 6.6.2_x86: Xsun patch. Date this patch was last updated by Sun : Sep/12/13
    last seen 2018-10-31
    modified 2018-10-29
    plugin id 107801
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107801
    title Solaris 10 (x86) : 119060-64
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_119059-71.NASL
    description X11 6.6.2: Xsun patch. Date this patch was last updated by Sun : Nov/12/15
    last seen 2018-10-27
    modified 2018-10-26
    plugin id 107303
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107303
    title Solaris 10 (sparc) : 119059-71
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_119059-66.NASL
    description X11 6.6.2: Xsun patch. Date this patch was last updated by Sun : Mar/15/14
    last seen 2018-10-27
    modified 2018-10-26
    plugin id 107300
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107300
    title Solaris 10 (sparc) : 119059-66
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_119059-70.NASL
    description X11 6.6.2: Xsun patch. Date this patch was last updated by Sun : Jul/13/15
    last seen 2018-10-27
    modified 2018-10-26
    plugin id 107302
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107302
    title Solaris 10 (sparc) : 119059-70
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_119059-72.NASL
    description X11 6.6.2: Xsun patch. Date this patch was last updated by Sun : Mar/09/17
    last seen 2019-01-19
    modified 2019-01-18
    plugin id 107304
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107304
    title Solaris 10 (sparc) : 119059-72
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-341-1.NASL
    description An integer overflow has been discovered in X.org's font handling library. By using a specially crafted font file, this could be exploited to crash the X server or execute arbitrary code with root privileges. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-01
    plugin id 27920
    published 2007-11-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=27920
    title Ubuntu 5.04 / 5.10 / 6.06 LTS : libxfont, xorg vulnerability (USN-341-1)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2006-0634.NASL
    description Updated X.org packages that fix a security issue are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. X.org is an open source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. An integer overflow flaw in the way the X.org server processes PCF files was discovered. A malicious authorized client could exploit this issue to cause a denial of service (crash) or potentially execute arbitrary code with root privileges on the X.org server. (CVE-2006-3467) Users of X.org should upgrade to these updated packages, which contain a backported patch and are not vulnerable to this issue.
    last seen 2019-02-21
    modified 2018-11-16
    plugin id 22265
    published 2006-08-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=22265
    title RHEL 4 : xorg-x11 (RHSA-2006:0634)
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_119059.NASL
    description X11 6.6.2: Xsun patch. Date this patch was last updated by Sun : Jun/15/17 This plugin has been deprecated and either replaced with individual 119059 patch-revision plugins, or deemed non-security related.
    last seen 2019-02-21
    modified 2018-07-30
    plugin id 22952
    published 2006-11-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=22952
    title Solaris 10 (sparc) : 119059-73 (deprecated)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_NX-4555.NASL
    description The XFree code contained in NX was prone to integer overflows (CVE-2006-1861) and insufficiently protected against specially crafted PCF files (CVE-2006-3467).
    last seen 2019-02-21
    modified 2014-06-13
    plugin id 27510
    published 2007-10-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=27510
    title openSUSE 10 Security Update : NX (NX-4555)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2006-0635.NASL
    description Updated XFree86 packages that fix a security issue are now available for Red Hat Enterprise Linux 2.1 and 3. This update has been rated as having important security impact by the Red Hat Security Response Team. XFree86 is an implementation of the X Window System, which provides the core functionality for the Linux graphical desktop. An integer overflow flaw in the way the XFree86 server processes PCF files was discovered. A malicious authorized client could exploit this issue to cause a denial of service (crash) or potentially execute arbitrary code with root privileges on the XFree86 server. (CVE-2006-3467) Users of XFree86 should upgrade to these updated packages, which contain a backported patch and are not vulnerable to this issue.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 22258
    published 2006-08-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=22258
    title CentOS 3 : XFree86 (CESA-2006:0635)
  • NASL family Mandriva Local Security Checks
    NASL id MANDRAKE_MDKSA-2006-148.NASL
    description An integer overflow flaw was discovered in how xorg-x11/XFree86 handles PCF files. A malicious authorized client could exploit the issue to cause a DoS (crash) or potentially execute arbitrary code with root privileges on the xorg-x11/XFree86 server. Updated packages are patched to address this issue.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 23895
    published 2006-12-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=23895
    title Mandrake Linux Security Advisory : xorg-x11 (MDKSA-2006:148)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-200609-04.NASL
    description The remote host is affected by the vulnerability described in GLSA-200609-04 (LibXfont: Multiple integer overflows) Several integer overflows have been found in the PCF font parser. Impact : A local attacker could possibly execute arbitrary code or crash the Xserver by enticing a user to load a specially crafted PCF font file. Workaround : Do not use untrusted PCF Font files.
    last seen 2019-02-21
    modified 2018-08-10
    plugin id 22326
    published 2006-09-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=22326
    title GLSA-200609-04 : LibXfont: Multiple integer overflows
  • NASL family Mandriva Local Security Checks
    NASL id MANDRAKE_MDKSA-2006-129.NASL
    description An additional overflow, similar to those corrected by patches for CVE-2006-1861 was found in libfreetype. If a user loads a carefully crafted font file with a program linked against FreeType, it could cause the application to crash or execute arbitrary code as the user. Updated packages have been patched to correct this issue.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 23880
    published 2006-12-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=23880
    title Mandrake Linux Security Advisory : freetype2 (MDKSA-2006:129)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_FREETYPE2-1918.NASL
    description This security update fixes crashes in the PCF handling of freetype2 which might be used to crash freetype2 using applications or even to execute code in them. This issue is tracked by the Mitre CVE ID CVE-2006-3467.
    last seen 2019-02-21
    modified 2014-10-28
    plugin id 29436
    published 2007-12-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=29436
    title SuSE 10 Security Update : freetype2 (ZYPP Patch Number 1918)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-324-1.NASL
    description An integer overflow has been discovered in the FreeType library. By tricking a user into installing and/or opening a specially crafted font file, these could be exploited to execute arbitrary code with the privileges of that user. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-01
    plugin id 27902
    published 2007-11-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=27902
    title Ubuntu 5.04 / 5.10 / 6.06 LTS : freetype vulnerability (USN-324-1)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_FREETYPE2-1910.NASL
    description This security update fixes crashes in the PCF handling of freetype2 which might be used to crash freetype2 using applications or even to execute code in them. This issue is tracked by the Mitre CVE ID CVE-2006-3467.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 27225
    published 2007-10-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=27225
    title openSUSE 10 Security Update : freetype2 (freetype2-1910)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2006-0635.NASL
    description Updated XFree86 packages that fix a security issue are now available for Red Hat Enterprise Linux 2.1 and 3. This update has been rated as having important security impact by the Red Hat Security Response Team. XFree86 is an implementation of the X Window System, which provides the core functionality for the Linux graphical desktop. An integer overflow flaw in the way the XFree86 server processes PCF files was discovered. A malicious authorized client could exploit this issue to cause a denial of service (crash) or potentially execute arbitrary code with root privileges on the XFree86 server. (CVE-2006-3467) Users of XFree86 should upgrade to these updated packages, which contain a backported patch and are not vulnerable to this issue.
    last seen 2019-02-21
    modified 2018-11-16
    plugin id 22266
    published 2006-08-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=22266
    title RHEL 2.1 / 3 : XFree86 (RHSA-2006:0635)
  • NASL family FreeBSD Local Security Checks
    NASL id FREEBSD_PKG_B975763F521011DB8F1A000A48049292.NASL
    description SecurityTracker reports : A vulnerability was reported in FreeType. A remote user can cause arbitrary code to be executed on the target user's system. A remote user can create a specially crafted font file that, when loaded by the target user's system, will trigger an integer underflow or integer overflow and crash the application or execute arbitrary code on the target system. Chris Evans reported these vulnerabilities. Impact: A remote user can create a file that, when loaded by the target user, will execute arbitrary code on the target user's system.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 22503
    published 2006-10-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=22503
    title FreeBSD : freetype -- LWFN Files Buffer Overflow Vulnerability (b975763f-5210-11db-8f1a-000a48049292)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2006-0634.NASL
    description Updated X.org packages that fix a security issue are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. X.org is an open source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. An integer overflow flaw in the way the X.org server processes PCF files was discovered. A malicious authorized client could exploit this issue to cause a denial of service (crash) or potentially execute arbitrary code with root privileges on the X.org server. (CVE-2006-3467) Users of X.org should upgrade to these updated packages, which contain a backported patch and are not vulnerable to this issue.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 22281
    published 2006-08-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=22281
    title CentOS 4 : xorg-x11 (CESA-2006:0634)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-1178.NASL
    description It was discovered that an integer overflow in freetype's PCF font code may lead to denial of service and potential execution of arbitrary code.
    last seen 2019-02-21
    modified 2018-07-20
    plugin id 22720
    published 2006-10-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=22720
    title Debian DSA-1178-1 : freetype - integer overflow
oval via4
accepted 2013-04-29T04:07:37.728-04:00
class vulnerability
contributors
  • name Aharon Chernin
    organization SCAP.com, LLC
  • name Dragos Prisaca
    organization G2, Inc.
definition_extensions
  • comment The operating system installed on the system is Red Hat Enterprise Linux 3
    oval oval:org.mitre.oval:def:11782
  • comment CentOS Linux 3.x
    oval oval:org.mitre.oval:def:16651
  • comment The operating system installed on the system is Red Hat Enterprise Linux 4
    oval oval:org.mitre.oval:def:11831
  • comment CentOS Linux 4.x
    oval oval:org.mitre.oval:def:16636
  • comment Oracle Linux 4.x
    oval oval:org.mitre.oval:def:15990
description Integer overflow in FreeType before 2.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PCF file, as demonstrated by the Red Hat bad1.pcf test file, due to a partial fix of CVE-2006-1861.
family unix
id oval:org.mitre.oval:def:10673
status accepted
submitted 2010-07-09T03:56:16-04:00
title Integer overflow in FreeType before 2.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PCF file, as demonstrated by the Red Hat bad1.pcf test file, due to a partial fix of CVE-2006-1861.
version 23
redhat via4
advisories
  • bugzilla
    id 190593
    title CVE-2006-1861 freetype multiple integer overflows (CVE-2006-3467)
    oval
    OR
    • AND
      comment Red Hat Enterprise Linux 3 is installed
      oval oval:com.redhat.rhsa:tst:20060015001
    • AND
      comment Red Hat Enterprise Linux 4 is installed
      oval oval:com.redhat.rhsa:tst:20060016001
    rhsa
    id RHSA-2006:0500
    released 2006-07-18
    severity Moderate
    title RHSA-2006:0500: freetype security update (Moderate)
  • bugzilla
    id 202469
    title CVE-2006-3467 Xorg PCF handling Integer overflow
    oval
    AND
    comment Red Hat Enterprise Linux 4 is installed
    oval oval:com.redhat.rhsa:tst:20060016001
    rhsa
    id RHSA-2006:0634
    released 2006-08-21
    severity Important
    title RHSA-2006:0634: xorg-x11 security update (Important)
  • bugzilla
    id 202472
    title CVE-2006-3467 Xorg PCF handling Integer overflow
    oval
    AND
    comment Red Hat Enterprise Linux 3 is installed
    oval oval:com.redhat.rhsa:tst:20060015001
    rhsa
    id RHSA-2006:0635
    released 2006-08-21
    severity Important
    title RHSA-2006:0635: XFree86 security update (Important)
refmap via4
apple APPLE-SA-2009-02-12
bugtraq
  • 20060825 rPSA-2006-0157-1 xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs
  • 20061113 VMSA-2006-0005 - VMware ESX Server 2.5.4 Upgrade Patch 1
  • 20061113 VMSA-2006-0006 - VMware ESX Server 2.5.3 Upgrade Patch 4
  • 20061113 VMSA-2006-0007 - VMware ESX Server 2.1.3 Upgrade Patch 2
  • 20061113 VMSA-2006-0008 - VMware ESX Server 2.0.2 Upgrade Patch 2
confirm
debian
  • DSA-1178
  • DSA-1193
gentoo GLSA-200609-04
mandriva
  • MDKSA-2006:129
  • MDKSA-2006:148
misc http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=190593
sectrack 1016522
secunia
  • 21062
  • 21135
  • 21144
  • 21232
  • 21285
  • 21566
  • 21567
  • 21606
  • 21626
  • 21701
  • 21793
  • 21798
  • 21836
  • 22027
  • 22332
  • 22875
  • 22907
  • 23400
  • 23939
  • 27271
  • 33937
sgi 20060701-01-U
sunalert 102705
suse
  • SUSE-SA:2006:045
  • SUSE-SR:2007:021
trustix 2006-0052
ubuntu
  • USN-324-1
  • USN-341-1
vupen
  • ADV-2006-4502
  • ADV-2006-4522
  • ADV-2007-0381
statements via4
contributor Mark J Cox
lastmodified 2007-03-14
organization Red Hat
statement Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.
Last major update 30-08-2016 - 21:59
Published 21-07-2006 - 10:03
Last modified 18-10-2018 - 12:47