ID CVE-2018-6942
Summary An issue was discovered in FreeType 2 through 2.9. A NULL pointer dereference in the Ins_GETVARIATION() function within ttinterp.c could lead to DoS via a crafted font file.
References
Vulnerable Configurations
  • cpe:2.3:a:freetype:freetype2:2.9
    cpe:2.3:a:freetype:freetype2:2.9
  • Canonical Ubuntu Linux 17.10
    cpe:2.3:o:canonical:ubuntu_linux:17.10
CVSS
Base: 4.3
Impact:
Exploitability:
CWE CWE-476
CAPEC
nessus via4
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2018-07A3E36499.NASL
    description Security fix for CVE-2018-6942. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-09-01
    modified 2018-03-19
    plugin id 106905
    published 2018-02-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=106905
    title Fedora 27 : freetype (2018-07a3e36499)
  • NASL family PhotonOS Local Security Checks
    NASL id PHOTONOS_PHSA-2018-2_0-0058.NASL
    description An update of {'freetype2', 'binutils'} packages of Photon OS has been released.
    last seen 2018-09-01
    modified 2018-07-24
    plugin id 111308
    published 2018-07-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=111308
    title Photon OS 2.0 : freetype2 / binutils (PhotonOS-PHSA-2018-2.0-0058)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-3572-1.NASL
    description It was discovered that FreeType incorrectly handled certain files. An attacker could possibly use this to cause a denial of service. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-09-02
    modified 2018-08-07
    plugin id 106839
    published 2018-02-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=106839
    title Ubuntu 17.10 : freetype vulnerability (USN-3572-1)
  • NASL family PhotonOS Local Security Checks
    NASL id PHOTONOS_PHSA-2018-1_0-0148.NASL
    description An update of {'freetype2', 'binutils'} packages of Photon OS has been released.
    last seen 2018-09-01
    modified 2018-07-24
    plugin id 111274
    published 2018-07-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=111274
    title Photon OS 1.0 : freetype2 / binutils (PhotonOS-PHSA-2018-1.0-0148)
refmap via4
misc
ubuntu USN-3572-1
Last major update 13-02-2018 - 00:29
Published 13-02-2018 - 00:29
Last modified 16-03-2018 - 10:20
Back to Top