csaf_redhat - rhsa-2009

rhsa-2009_1062

Vulnerability from csaf_redhat

Published

2009-05-22 12:06

Modified

2024-11-22 02:41

Summary

Red Hat Security Advisory: freetype security update

Notes

Topic

Updated freetype packages that fix various security issues are now available for Red Hat Enterprise Linux 2.1. This update has been rated as having important security impact by the Red Hat Security Response Team.

Details

FreeType is a free, high-quality, portable font engine that can open and manage font files. It also loads, hints, and renders individual glyphs efficiently. These packages provide both the FreeType 1 and FreeType 2 font engines. Tavis Ormandy of the Google Security Team discovered several integer overflow flaws in the FreeType 2 font engine. If a user loaded a carefully-crafted font file with an application linked against FreeType 2, it could cause the application to crash or, possibly, execute arbitrary code with the privileges of the user running the application. (CVE-2009-0946) Chris Evans discovered multiple integer overflow flaws in the FreeType font engine. If a user loaded a carefully-crafted font file with an application linked against FreeType, it could cause the application to crash or, possibly, execute arbitrary code with the privileges of the user running the application. (CVE-2006-1861) An integer overflow flaw was found in the way the FreeType font engine processed TrueType® Font (TTF) files. If a user loaded a carefully-crafted font file with an application linked against FreeType, it could cause the application to crash or, possibly, execute arbitrary code with the privileges of the user running the application. (CVE-2007-2754) Note: For the FreeType 2 font engine, the CVE-2006-1861 and CVE-2007-2754 flaws were addressed via RHSA-2006:0500 and RHSA-2007:0403 respectively. This update provides corresponding updates for the FreeType 1 font engine, included in the freetype packages distributed in Red Hat Enterprise Linux 2.1. Users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The X server must be restarted (log out, then log back in) for this update to take effect.

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Updated freetype packages that fix various security issues are now\navailable for Red Hat Enterprise Linux 2.1.\n\nThis update has been rated as having important security impact by the Red\nHat Security Response Team.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "FreeType is a free, high-quality, portable font engine that can open and\nmanage font files. It also loads, hints, and renders individual glyphs\nefficiently. These packages provide both the FreeType 1 and FreeType 2\nfont engines.\n\nTavis Ormandy of the Google Security Team discovered several integer\noverflow flaws in the FreeType 2 font engine. If a user loaded a\ncarefully-crafted font file with an application linked against FreeType 2,\nit could cause the application to crash or, possibly, execute arbitrary\ncode with the privileges of the user running the application.\n(CVE-2009-0946)\n\nChris Evans discovered multiple integer overflow flaws in the FreeType font\nengine. If a user loaded a carefully-crafted font file with an application\nlinked against FreeType, it could cause the application to crash or,\npossibly, execute arbitrary code with the privileges of the user running\nthe application. (CVE-2006-1861)\n\nAn integer overflow flaw was found in the way the FreeType font engine\nprocessed TrueType\u00ae Font (TTF) files. If a user loaded a carefully-crafted\nfont file with an application linked against FreeType, it could cause the\napplication to crash or, possibly, execute arbitrary code with the\nprivileges of the user running the application. (CVE-2007-2754)\n\nNote: For the FreeType 2 font engine, the CVE-2006-1861 and CVE-2007-2754\nflaws were addressed via RHSA-2006:0500 and RHSA-2007:0403 respectively.\nThis update provides corresponding updates for the FreeType 1 font engine,\nincluded in the freetype packages distributed in Red Hat Enterprise Linux\n2.1.\n\nUsers are advised to upgrade to these updated packages, which contain\nbackported patches to correct these issues. The X server must be restarted\n(log out, then log back in) for this update to take effect.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2009:1062",
        "url": "https://access.redhat.com/errata/RHSA-2009:1062"
      },
      {
        "category": "external",
        "summary": "http://www.redhat.com/security/updates/classification/#important",
        "url": "http://www.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "240200",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=240200"
      },
      {
        "category": "external",
        "summary": "484437",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=484437"
      },
      {
        "category": "external",
        "summary": "491384",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=491384"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2009/rhsa-2009_1062.json"
      }
    ],
    "title": "Red Hat Security Advisory: freetype security update",
    "tracking": {
      "current_release_date": "2024-11-22T02:41:42+00:00",
      "generator": {
        "date": "2024-11-22T02:41:42+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.1"
        }
      },
      "id": "RHSA-2009:1062",
      "initial_release_date": "2009-05-22T12:06:00+00:00",
      "revision_history": [
        {
          "date": "2009-05-22T12:06:00+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2009-05-22T08:06:25+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-11-22T02:41:42+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
                "product": {
                  "name": "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
                  "product_id": "2.1AS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:2.1::as"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Linux Advanced Workstation 2.1",
                "product": {
                  "name": "Red Hat Linux Advanced Workstation 2.1",
                  "product_id": "2.1AW",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:2.1::aw"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux ES version 2.1",
                "product": {
                  "name": "Red Hat Enterprise Linux ES version 2.1",
                  "product_id": "2.1ES",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:2.1::es"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux WS version 2.1",
                "product": {
                  "name": "Red Hat Enterprise Linux WS version 2.1",
                  "product_id": "2.1WS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:2.1::ws"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "freetype-utils-0:2.0.3-17.el21.ia64",
                "product": {
                  "name": "freetype-utils-0:2.0.3-17.el21.ia64",
                  "product_id": "freetype-utils-0:2.0.3-17.el21.ia64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/freetype-utils@2.0.3-17.el21?arch=ia64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "freetype-devel-0:2.0.3-17.el21.ia64",
                "product": {
                  "name": "freetype-devel-0:2.0.3-17.el21.ia64",
                  "product_id": "freetype-devel-0:2.0.3-17.el21.ia64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/freetype-devel@2.0.3-17.el21?arch=ia64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "freetype-0:2.0.3-17.el21.ia64",
                "product": {
                  "name": "freetype-0:2.0.3-17.el21.ia64",
                  "product_id": "freetype-0:2.0.3-17.el21.ia64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/freetype@2.0.3-17.el21?arch=ia64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ia64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "freetype-0:2.0.3-17.el21.src",
                "product": {
                  "name": "freetype-0:2.0.3-17.el21.src",
                  "product_id": "freetype-0:2.0.3-17.el21.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/freetype@2.0.3-17.el21?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "freetype-utils-0:2.0.3-17.el21.i386",
                "product": {
                  "name": "freetype-utils-0:2.0.3-17.el21.i386",
                  "product_id": "freetype-utils-0:2.0.3-17.el21.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/freetype-utils@2.0.3-17.el21?arch=i386"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "freetype-devel-0:2.0.3-17.el21.i386",
                "product": {
                  "name": "freetype-devel-0:2.0.3-17.el21.i386",
                  "product_id": "freetype-devel-0:2.0.3-17.el21.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/freetype-devel@2.0.3-17.el21?arch=i386"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "freetype-0:2.0.3-17.el21.i386",
                "product": {
                  "name": "freetype-0:2.0.3-17.el21.i386",
                  "product_id": "freetype-0:2.0.3-17.el21.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/freetype@2.0.3-17.el21?arch=i386"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "i386"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "freetype-0:2.0.3-17.el21.i386 as a component of Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
          "product_id": "2.1AS:freetype-0:2.0.3-17.el21.i386"
        },
        "product_reference": "freetype-0:2.0.3-17.el21.i386",
        "relates_to_product_reference": "2.1AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "freetype-0:2.0.3-17.el21.ia64 as a component of Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
          "product_id": "2.1AS:freetype-0:2.0.3-17.el21.ia64"
        },
        "product_reference": "freetype-0:2.0.3-17.el21.ia64",
        "relates_to_product_reference": "2.1AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "freetype-0:2.0.3-17.el21.src as a component of Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
          "product_id": "2.1AS:freetype-0:2.0.3-17.el21.src"
        },
        "product_reference": "freetype-0:2.0.3-17.el21.src",
        "relates_to_product_reference": "2.1AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "freetype-devel-0:2.0.3-17.el21.i386 as a component of Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
          "product_id": "2.1AS:freetype-devel-0:2.0.3-17.el21.i386"
        },
        "product_reference": "freetype-devel-0:2.0.3-17.el21.i386",
        "relates_to_product_reference": "2.1AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "freetype-devel-0:2.0.3-17.el21.ia64 as a component of Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
          "product_id": "2.1AS:freetype-devel-0:2.0.3-17.el21.ia64"
        },
        "product_reference": "freetype-devel-0:2.0.3-17.el21.ia64",
        "relates_to_product_reference": "2.1AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "freetype-utils-0:2.0.3-17.el21.i386 as a component of Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
          "product_id": "2.1AS:freetype-utils-0:2.0.3-17.el21.i386"
        },
        "product_reference": "freetype-utils-0:2.0.3-17.el21.i386",
        "relates_to_product_reference": "2.1AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "freetype-utils-0:2.0.3-17.el21.ia64 as a component of Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
          "product_id": "2.1AS:freetype-utils-0:2.0.3-17.el21.ia64"
        },
        "product_reference": "freetype-utils-0:2.0.3-17.el21.ia64",
        "relates_to_product_reference": "2.1AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "freetype-0:2.0.3-17.el21.i386 as a component of Red Hat Linux Advanced Workstation 2.1",
          "product_id": "2.1AW:freetype-0:2.0.3-17.el21.i386"
        },
        "product_reference": "freetype-0:2.0.3-17.el21.i386",
        "relates_to_product_reference": "2.1AW"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "freetype-0:2.0.3-17.el21.ia64 as a component of Red Hat Linux Advanced Workstation 2.1",
          "product_id": "2.1AW:freetype-0:2.0.3-17.el21.ia64"
        },
        "product_reference": "freetype-0:2.0.3-17.el21.ia64",
        "relates_to_product_reference": "2.1AW"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "freetype-0:2.0.3-17.el21.src as a component of Red Hat Linux Advanced Workstation 2.1",
          "product_id": "2.1AW:freetype-0:2.0.3-17.el21.src"
        },
        "product_reference": "freetype-0:2.0.3-17.el21.src",
        "relates_to_product_reference": "2.1AW"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "freetype-devel-0:2.0.3-17.el21.i386 as a component of Red Hat Linux Advanced Workstation 2.1",
          "product_id": "2.1AW:freetype-devel-0:2.0.3-17.el21.i386"
        },
        "product_reference": "freetype-devel-0:2.0.3-17.el21.i386",
        "relates_to_product_reference": "2.1AW"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "freetype-devel-0:2.0.3-17.el21.ia64 as a component of Red Hat Linux Advanced Workstation 2.1",
          "product_id": "2.1AW:freetype-devel-0:2.0.3-17.el21.ia64"
        },
        "product_reference": "freetype-devel-0:2.0.3-17.el21.ia64",
        "relates_to_product_reference": "2.1AW"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "freetype-utils-0:2.0.3-17.el21.i386 as a component of Red Hat Linux Advanced Workstation 2.1",
          "product_id": "2.1AW:freetype-utils-0:2.0.3-17.el21.i386"
        },
        "product_reference": "freetype-utils-0:2.0.3-17.el21.i386",
        "relates_to_product_reference": "2.1AW"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "freetype-utils-0:2.0.3-17.el21.ia64 as a component of Red Hat Linux Advanced Workstation 2.1",
          "product_id": "2.1AW:freetype-utils-0:2.0.3-17.el21.ia64"
        },
        "product_reference": "freetype-utils-0:2.0.3-17.el21.ia64",
        "relates_to_product_reference": "2.1AW"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "freetype-0:2.0.3-17.el21.i386 as a component of Red Hat Enterprise Linux ES version 2.1",
          "product_id": "2.1ES:freetype-0:2.0.3-17.el21.i386"
        },
        "product_reference": "freetype-0:2.0.3-17.el21.i386",
        "relates_to_product_reference": "2.1ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "freetype-0:2.0.3-17.el21.ia64 as a component of Red Hat Enterprise Linux ES version 2.1",
          "product_id": "2.1ES:freetype-0:2.0.3-17.el21.ia64"
        },
        "product_reference": "freetype-0:2.0.3-17.el21.ia64",
        "relates_to_product_reference": "2.1ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "freetype-0:2.0.3-17.el21.src as a component of Red Hat Enterprise Linux ES version 2.1",
          "product_id": "2.1ES:freetype-0:2.0.3-17.el21.src"
        },
        "product_reference": "freetype-0:2.0.3-17.el21.src",
        "relates_to_product_reference": "2.1ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "freetype-devel-0:2.0.3-17.el21.i386 as a component of Red Hat Enterprise Linux ES version 2.1",
          "product_id": "2.1ES:freetype-devel-0:2.0.3-17.el21.i386"
        },
        "product_reference": "freetype-devel-0:2.0.3-17.el21.i386",
        "relates_to_product_reference": "2.1ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "freetype-devel-0:2.0.3-17.el21.ia64 as a component of Red Hat Enterprise Linux ES version 2.1",
          "product_id": "2.1ES:freetype-devel-0:2.0.3-17.el21.ia64"
        },
        "product_reference": "freetype-devel-0:2.0.3-17.el21.ia64",
        "relates_to_product_reference": "2.1ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "freetype-utils-0:2.0.3-17.el21.i386 as a component of Red Hat Enterprise Linux ES version 2.1",
          "product_id": "2.1ES:freetype-utils-0:2.0.3-17.el21.i386"
        },
        "product_reference": "freetype-utils-0:2.0.3-17.el21.i386",
        "relates_to_product_reference": "2.1ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "freetype-utils-0:2.0.3-17.el21.ia64 as a component of Red Hat Enterprise Linux ES version 2.1",
          "product_id": "2.1ES:freetype-utils-0:2.0.3-17.el21.ia64"
        },
        "product_reference": "freetype-utils-0:2.0.3-17.el21.ia64",
        "relates_to_product_reference": "2.1ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "freetype-0:2.0.3-17.el21.i386 as a component of Red Hat Enterprise Linux WS version 2.1",
          "product_id": "2.1WS:freetype-0:2.0.3-17.el21.i386"
        },
        "product_reference": "freetype-0:2.0.3-17.el21.i386",
        "relates_to_product_reference": "2.1WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "freetype-0:2.0.3-17.el21.ia64 as a component of Red Hat Enterprise Linux WS version 2.1",
          "product_id": "2.1WS:freetype-0:2.0.3-17.el21.ia64"
        },
        "product_reference": "freetype-0:2.0.3-17.el21.ia64",
        "relates_to_product_reference": "2.1WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "freetype-0:2.0.3-17.el21.src as a component of Red Hat Enterprise Linux WS version 2.1",
          "product_id": "2.1WS:freetype-0:2.0.3-17.el21.src"
        },
        "product_reference": "freetype-0:2.0.3-17.el21.src",
        "relates_to_product_reference": "2.1WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "freetype-devel-0:2.0.3-17.el21.i386 as a component of Red Hat Enterprise Linux WS version 2.1",
          "product_id": "2.1WS:freetype-devel-0:2.0.3-17.el21.i386"
        },
        "product_reference": "freetype-devel-0:2.0.3-17.el21.i386",
        "relates_to_product_reference": "2.1WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "freetype-devel-0:2.0.3-17.el21.ia64 as a component of Red Hat Enterprise Linux WS version 2.1",
          "product_id": "2.1WS:freetype-devel-0:2.0.3-17.el21.ia64"
        },
        "product_reference": "freetype-devel-0:2.0.3-17.el21.ia64",
        "relates_to_product_reference": "2.1WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "freetype-utils-0:2.0.3-17.el21.i386 as a component of Red Hat Enterprise Linux WS version 2.1",
          "product_id": "2.1WS:freetype-utils-0:2.0.3-17.el21.i386"
        },
        "product_reference": "freetype-utils-0:2.0.3-17.el21.i386",
        "relates_to_product_reference": "2.1WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "freetype-utils-0:2.0.3-17.el21.ia64 as a component of Red Hat Enterprise Linux WS version 2.1",
          "product_id": "2.1WS:freetype-utils-0:2.0.3-17.el21.ia64"
        },
        "product_reference": "freetype-utils-0:2.0.3-17.el21.ia64",
        "relates_to_product_reference": "2.1WS"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2006-1861",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "discovery_date": "2006-03-05T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "484437"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Multiple integer overflows in FreeType before 2.2 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via attack vectors related to (1) bdf/bdflib.c, (2) sfnt/ttcmap.c, (3) cff/cffgload.c, and (4) the read_lwfn function and a crafted LWFN file in base/ftmac.c.  NOTE: item 4 was originally identified by CVE-2006-2493.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "freetype: multiple integer overflow vulnerabilities",
          "title": "Vulnerability summary"
        }
      ],
      "product_status": {
        "fixed": [
          "2.1AS:freetype-0:2.0.3-17.el21.i386",
          "2.1AS:freetype-0:2.0.3-17.el21.ia64",
          "2.1AS:freetype-0:2.0.3-17.el21.src",
          "2.1AS:freetype-devel-0:2.0.3-17.el21.i386",
          "2.1AS:freetype-devel-0:2.0.3-17.el21.ia64",
          "2.1AS:freetype-utils-0:2.0.3-17.el21.i386",
          "2.1AS:freetype-utils-0:2.0.3-17.el21.ia64",
          "2.1AW:freetype-0:2.0.3-17.el21.i386",
          "2.1AW:freetype-0:2.0.3-17.el21.ia64",
          "2.1AW:freetype-0:2.0.3-17.el21.src",
          "2.1AW:freetype-devel-0:2.0.3-17.el21.i386",
          "2.1AW:freetype-devel-0:2.0.3-17.el21.ia64",
          "2.1AW:freetype-utils-0:2.0.3-17.el21.i386",
          "2.1AW:freetype-utils-0:2.0.3-17.el21.ia64",
          "2.1ES:freetype-0:2.0.3-17.el21.i386",
          "2.1ES:freetype-0:2.0.3-17.el21.ia64",
          "2.1ES:freetype-0:2.0.3-17.el21.src",
          "2.1ES:freetype-devel-0:2.0.3-17.el21.i386",
          "2.1ES:freetype-devel-0:2.0.3-17.el21.ia64",
          "2.1ES:freetype-utils-0:2.0.3-17.el21.i386",
          "2.1ES:freetype-utils-0:2.0.3-17.el21.ia64",
          "2.1WS:freetype-0:2.0.3-17.el21.i386",
          "2.1WS:freetype-0:2.0.3-17.el21.ia64",
          "2.1WS:freetype-0:2.0.3-17.el21.src",
          "2.1WS:freetype-devel-0:2.0.3-17.el21.i386",
          "2.1WS:freetype-devel-0:2.0.3-17.el21.ia64",
          "2.1WS:freetype-utils-0:2.0.3-17.el21.i386",
          "2.1WS:freetype-utils-0:2.0.3-17.el21.ia64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2006-1861"
        },
        {
          "category": "external",
          "summary": "RHBZ#484437",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=484437"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2006-1861",
          "url": "https://www.cve.org/CVERecord?id=CVE-2006-1861"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-1861",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-1861"
        }
      ],
      "release_date": "2006-05-15T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2009-05-22T12:06:00+00:00",
          "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network.  Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
          "product_ids": [
            "2.1AS:freetype-0:2.0.3-17.el21.i386",
            "2.1AS:freetype-0:2.0.3-17.el21.ia64",
            "2.1AS:freetype-0:2.0.3-17.el21.src",
            "2.1AS:freetype-devel-0:2.0.3-17.el21.i386",
            "2.1AS:freetype-devel-0:2.0.3-17.el21.ia64",
            "2.1AS:freetype-utils-0:2.0.3-17.el21.i386",
            "2.1AS:freetype-utils-0:2.0.3-17.el21.ia64",
            "2.1AW:freetype-0:2.0.3-17.el21.i386",
            "2.1AW:freetype-0:2.0.3-17.el21.ia64",
            "2.1AW:freetype-0:2.0.3-17.el21.src",
            "2.1AW:freetype-devel-0:2.0.3-17.el21.i386",
            "2.1AW:freetype-devel-0:2.0.3-17.el21.ia64",
            "2.1AW:freetype-utils-0:2.0.3-17.el21.i386",
            "2.1AW:freetype-utils-0:2.0.3-17.el21.ia64",
            "2.1ES:freetype-0:2.0.3-17.el21.i386",
            "2.1ES:freetype-0:2.0.3-17.el21.ia64",
            "2.1ES:freetype-0:2.0.3-17.el21.src",
            "2.1ES:freetype-devel-0:2.0.3-17.el21.i386",
            "2.1ES:freetype-devel-0:2.0.3-17.el21.ia64",
            "2.1ES:freetype-utils-0:2.0.3-17.el21.i386",
            "2.1ES:freetype-utils-0:2.0.3-17.el21.ia64",
            "2.1WS:freetype-0:2.0.3-17.el21.i386",
            "2.1WS:freetype-0:2.0.3-17.el21.ia64",
            "2.1WS:freetype-0:2.0.3-17.el21.src",
            "2.1WS:freetype-devel-0:2.0.3-17.el21.i386",
            "2.1WS:freetype-devel-0:2.0.3-17.el21.ia64",
            "2.1WS:freetype-utils-0:2.0.3-17.el21.i386",
            "2.1WS:freetype-utils-0:2.0.3-17.el21.ia64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2009:1062"
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "freetype: multiple integer overflow vulnerabilities"
    },
    {
      "cve": "CVE-2007-2754",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "discovery_date": "2007-04-28T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "240200"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Integer signedness error in truetype/ttgload.c in Freetype 2.3.4 and earlier might allow remote attackers to execute arbitrary code via a crafted TTF image with a negative n_points value, which leads to an integer overflow and heap-based buffer overflow.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "freetype integer overflow",
          "title": "Vulnerability summary"
        }
      ],
      "product_status": {
        "fixed": [
          "2.1AS:freetype-0:2.0.3-17.el21.i386",
          "2.1AS:freetype-0:2.0.3-17.el21.ia64",
          "2.1AS:freetype-0:2.0.3-17.el21.src",
          "2.1AS:freetype-devel-0:2.0.3-17.el21.i386",
          "2.1AS:freetype-devel-0:2.0.3-17.el21.ia64",
          "2.1AS:freetype-utils-0:2.0.3-17.el21.i386",
          "2.1AS:freetype-utils-0:2.0.3-17.el21.ia64",
          "2.1AW:freetype-0:2.0.3-17.el21.i386",
          "2.1AW:freetype-0:2.0.3-17.el21.ia64",
          "2.1AW:freetype-0:2.0.3-17.el21.src",
          "2.1AW:freetype-devel-0:2.0.3-17.el21.i386",
          "2.1AW:freetype-devel-0:2.0.3-17.el21.ia64",
          "2.1AW:freetype-utils-0:2.0.3-17.el21.i386",
          "2.1AW:freetype-utils-0:2.0.3-17.el21.ia64",
          "2.1ES:freetype-0:2.0.3-17.el21.i386",
          "2.1ES:freetype-0:2.0.3-17.el21.ia64",
          "2.1ES:freetype-0:2.0.3-17.el21.src",
          "2.1ES:freetype-devel-0:2.0.3-17.el21.i386",
          "2.1ES:freetype-devel-0:2.0.3-17.el21.ia64",
          "2.1ES:freetype-utils-0:2.0.3-17.el21.i386",
          "2.1ES:freetype-utils-0:2.0.3-17.el21.ia64",
          "2.1WS:freetype-0:2.0.3-17.el21.i386",
          "2.1WS:freetype-0:2.0.3-17.el21.ia64",
          "2.1WS:freetype-0:2.0.3-17.el21.src",
          "2.1WS:freetype-devel-0:2.0.3-17.el21.i386",
          "2.1WS:freetype-devel-0:2.0.3-17.el21.ia64",
          "2.1WS:freetype-utils-0:2.0.3-17.el21.i386",
          "2.1WS:freetype-utils-0:2.0.3-17.el21.ia64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2007-2754"
        },
        {
          "category": "external",
          "summary": "RHBZ#240200",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=240200"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2007-2754",
          "url": "https://www.cve.org/CVERecord?id=CVE-2007-2754"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2007-2754",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2007-2754"
        }
      ],
      "release_date": "2007-04-27T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2009-05-22T12:06:00+00:00",
          "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network.  Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
          "product_ids": [
            "2.1AS:freetype-0:2.0.3-17.el21.i386",
            "2.1AS:freetype-0:2.0.3-17.el21.ia64",
            "2.1AS:freetype-0:2.0.3-17.el21.src",
            "2.1AS:freetype-devel-0:2.0.3-17.el21.i386",
            "2.1AS:freetype-devel-0:2.0.3-17.el21.ia64",
            "2.1AS:freetype-utils-0:2.0.3-17.el21.i386",
            "2.1AS:freetype-utils-0:2.0.3-17.el21.ia64",
            "2.1AW:freetype-0:2.0.3-17.el21.i386",
            "2.1AW:freetype-0:2.0.3-17.el21.ia64",
            "2.1AW:freetype-0:2.0.3-17.el21.src",
            "2.1AW:freetype-devel-0:2.0.3-17.el21.i386",
            "2.1AW:freetype-devel-0:2.0.3-17.el21.ia64",
            "2.1AW:freetype-utils-0:2.0.3-17.el21.i386",
            "2.1AW:freetype-utils-0:2.0.3-17.el21.ia64",
            "2.1ES:freetype-0:2.0.3-17.el21.i386",
            "2.1ES:freetype-0:2.0.3-17.el21.ia64",
            "2.1ES:freetype-0:2.0.3-17.el21.src",
            "2.1ES:freetype-devel-0:2.0.3-17.el21.i386",
            "2.1ES:freetype-devel-0:2.0.3-17.el21.ia64",
            "2.1ES:freetype-utils-0:2.0.3-17.el21.i386",
            "2.1ES:freetype-utils-0:2.0.3-17.el21.ia64",
            "2.1WS:freetype-0:2.0.3-17.el21.i386",
            "2.1WS:freetype-0:2.0.3-17.el21.ia64",
            "2.1WS:freetype-0:2.0.3-17.el21.src",
            "2.1WS:freetype-devel-0:2.0.3-17.el21.i386",
            "2.1WS:freetype-devel-0:2.0.3-17.el21.ia64",
            "2.1WS:freetype-utils-0:2.0.3-17.el21.i386",
            "2.1WS:freetype-utils-0:2.0.3-17.el21.ia64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2009:1062"
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "freetype integer overflow"
    },
    {
      "cve": "CVE-2009-0946",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "discovery_date": "2009-03-16T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "491384"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Multiple integer overflows in FreeType 2.3.9 and earlier allow remote attackers to execute arbitrary code via vectors related to large values in certain inputs in (1) smooth/ftsmooth.c, (2) sfnt/ttcmap.c, and (3) cff/cffload.c.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "freetype: multiple integer overflows",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "2.1AS:freetype-0:2.0.3-17.el21.i386",
          "2.1AS:freetype-0:2.0.3-17.el21.ia64",
          "2.1AS:freetype-0:2.0.3-17.el21.src",
          "2.1AS:freetype-devel-0:2.0.3-17.el21.i386",
          "2.1AS:freetype-devel-0:2.0.3-17.el21.ia64",
          "2.1AS:freetype-utils-0:2.0.3-17.el21.i386",
          "2.1AS:freetype-utils-0:2.0.3-17.el21.ia64",
          "2.1AW:freetype-0:2.0.3-17.el21.i386",
          "2.1AW:freetype-0:2.0.3-17.el21.ia64",
          "2.1AW:freetype-0:2.0.3-17.el21.src",
          "2.1AW:freetype-devel-0:2.0.3-17.el21.i386",
          "2.1AW:freetype-devel-0:2.0.3-17.el21.ia64",
          "2.1AW:freetype-utils-0:2.0.3-17.el21.i386",
          "2.1AW:freetype-utils-0:2.0.3-17.el21.ia64",
          "2.1ES:freetype-0:2.0.3-17.el21.i386",
          "2.1ES:freetype-0:2.0.3-17.el21.ia64",
          "2.1ES:freetype-0:2.0.3-17.el21.src",
          "2.1ES:freetype-devel-0:2.0.3-17.el21.i386",
          "2.1ES:freetype-devel-0:2.0.3-17.el21.ia64",
          "2.1ES:freetype-utils-0:2.0.3-17.el21.i386",
          "2.1ES:freetype-utils-0:2.0.3-17.el21.ia64",
          "2.1WS:freetype-0:2.0.3-17.el21.i386",
          "2.1WS:freetype-0:2.0.3-17.el21.ia64",
          "2.1WS:freetype-0:2.0.3-17.el21.src",
          "2.1WS:freetype-devel-0:2.0.3-17.el21.i386",
          "2.1WS:freetype-devel-0:2.0.3-17.el21.ia64",
          "2.1WS:freetype-utils-0:2.0.3-17.el21.i386",
          "2.1WS:freetype-utils-0:2.0.3-17.el21.ia64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2009-0946"
        },
        {
          "category": "external",
          "summary": "RHBZ#491384",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=491384"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2009-0946",
          "url": "https://www.cve.org/CVERecord?id=CVE-2009-0946"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-0946",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-0946"
        }
      ],
      "release_date": "2009-03-20T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2009-05-22T12:06:00+00:00",
          "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network.  Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
          "product_ids": [
            "2.1AS:freetype-0:2.0.3-17.el21.i386",
            "2.1AS:freetype-0:2.0.3-17.el21.ia64",
            "2.1AS:freetype-0:2.0.3-17.el21.src",
            "2.1AS:freetype-devel-0:2.0.3-17.el21.i386",
            "2.1AS:freetype-devel-0:2.0.3-17.el21.ia64",
            "2.1AS:freetype-utils-0:2.0.3-17.el21.i386",
            "2.1AS:freetype-utils-0:2.0.3-17.el21.ia64",
            "2.1AW:freetype-0:2.0.3-17.el21.i386",
            "2.1AW:freetype-0:2.0.3-17.el21.ia64",
            "2.1AW:freetype-0:2.0.3-17.el21.src",
            "2.1AW:freetype-devel-0:2.0.3-17.el21.i386",
            "2.1AW:freetype-devel-0:2.0.3-17.el21.ia64",
            "2.1AW:freetype-utils-0:2.0.3-17.el21.i386",
            "2.1AW:freetype-utils-0:2.0.3-17.el21.ia64",
            "2.1ES:freetype-0:2.0.3-17.el21.i386",
            "2.1ES:freetype-0:2.0.3-17.el21.ia64",
            "2.1ES:freetype-0:2.0.3-17.el21.src",
            "2.1ES:freetype-devel-0:2.0.3-17.el21.i386",
            "2.1ES:freetype-devel-0:2.0.3-17.el21.ia64",
            "2.1ES:freetype-utils-0:2.0.3-17.el21.i386",
            "2.1ES:freetype-utils-0:2.0.3-17.el21.ia64",
            "2.1WS:freetype-0:2.0.3-17.el21.i386",
            "2.1WS:freetype-0:2.0.3-17.el21.ia64",
            "2.1WS:freetype-0:2.0.3-17.el21.src",
            "2.1WS:freetype-devel-0:2.0.3-17.el21.i386",
            "2.1WS:freetype-devel-0:2.0.3-17.el21.ia64",
            "2.1WS:freetype-utils-0:2.0.3-17.el21.i386",
            "2.1WS:freetype-utils-0:2.0.3-17.el21.ia64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2009:1062"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "products": [
            "2.1AS:freetype-0:2.0.3-17.el21.i386",
            "2.1AS:freetype-0:2.0.3-17.el21.ia64",
            "2.1AS:freetype-0:2.0.3-17.el21.src",
            "2.1AS:freetype-devel-0:2.0.3-17.el21.i386",
            "2.1AS:freetype-devel-0:2.0.3-17.el21.ia64",
            "2.1AS:freetype-utils-0:2.0.3-17.el21.i386",
            "2.1AS:freetype-utils-0:2.0.3-17.el21.ia64",
            "2.1AW:freetype-0:2.0.3-17.el21.i386",
            "2.1AW:freetype-0:2.0.3-17.el21.ia64",
            "2.1AW:freetype-0:2.0.3-17.el21.src",
            "2.1AW:freetype-devel-0:2.0.3-17.el21.i386",
            "2.1AW:freetype-devel-0:2.0.3-17.el21.ia64",
            "2.1AW:freetype-utils-0:2.0.3-17.el21.i386",
            "2.1AW:freetype-utils-0:2.0.3-17.el21.ia64",
            "2.1ES:freetype-0:2.0.3-17.el21.i386",
            "2.1ES:freetype-0:2.0.3-17.el21.ia64",
            "2.1ES:freetype-0:2.0.3-17.el21.src",
            "2.1ES:freetype-devel-0:2.0.3-17.el21.i386",
            "2.1ES:freetype-devel-0:2.0.3-17.el21.ia64",
            "2.1ES:freetype-utils-0:2.0.3-17.el21.i386",
            "2.1ES:freetype-utils-0:2.0.3-17.el21.ia64",
            "2.1WS:freetype-0:2.0.3-17.el21.i386",
            "2.1WS:freetype-0:2.0.3-17.el21.ia64",
            "2.1WS:freetype-0:2.0.3-17.el21.src",
            "2.1WS:freetype-devel-0:2.0.3-17.el21.i386",
            "2.1WS:freetype-devel-0:2.0.3-17.el21.ia64",
            "2.1WS:freetype-utils-0:2.0.3-17.el21.i386",
            "2.1WS:freetype-utils-0:2.0.3-17.el21.ia64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "freetype: multiple integer overflows"
    }
  ]
}

cve-2009-0946

Vulnerability from cvelistv5

Published

2009-04-17 00:00

Modified

2024-08-07 04:57

Severity ?

Summary

Multiple integer overflows in FreeType 2.3.9 and earlier allow remote attackers to execute arbitrary code via vectors related to large values in certain inputs in (1) smooth/ftsmooth.c, (2) sfnt/ttcmap.c, and (3) cff/cffload.c.

References

▼	URL	Tags
	http://secunia.com/advisories/34967	third-party-advisory, x_refsource_SECUNIA
	http://support.apple.com/kb/HT3639	x_refsource_CONFIRM
	http://support.apple.com/kb/HT4435	x_refsource_CONFIRM
	http://secunia.com/advisories/34913	third-party-advisory, x_refsource_SECUNIA
	http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=a18788b14db60ae3673f932249cd02d33a227c4e	x_refsource_CONFIRM
	http://www.vupen.com/english/advisories/2009/1621	vdb-entry, x_refsource_VUPEN
	http://www.securityfocus.com/bid/34550	vdb-entry, x_refsource_BID
	http://support.apple.com/kb/HT3549	x_refsource_CONFIRM
	http://www.mandriva.com/security/advisories?name=MDVSA-2009:243	vendor-advisory, x_refsource_MANDRIVA
	http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html	vendor-advisory, x_refsource_APPLE
	http://www.ubuntu.com/usn/USN-767-1	vendor-advisory, x_refsource_UBUNTU
	http://sunsolve.sun.com/search/document.do?assetkey=1-66-270268-1	vendor-advisory, x_refsource_SUNALERT
	http://secunia.com/advisories/35198	third-party-advisory, x_refsource_SECUNIA
	http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=79972af4f0485a11dcb19551356c45245749fc5b	x_refsource_CONFIRM
	http://secunia.com/advisories/35074	third-party-advisory, x_refsource_SECUNIA
	http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=0545ec1ca36b27cb928128870a83e5f668980bc5	x_refsource_CONFIRM
	http://www.vupen.com/english/advisories/2009/1522	vdb-entry, x_refsource_VUPEN
	http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html	vendor-advisory, x_refsource_APPLE
	http://www.redhat.com/support/errata/RHSA-2009-1062.html	vendor-advisory, x_refsource_REDHAT
	http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html	vendor-advisory, x_refsource_APPLE
	http://lists.apple.com/archives/security-announce/2009/May/msg00002.html	vendor-advisory, x_refsource_APPLE
	http://secunia.com/advisories/35065	third-party-advisory, x_refsource_SECUNIA
	http://www.debian.org/security/2009/dsa-1784	vendor-advisory, x_refsource_DEBIAN
	http://secunia.com/advisories/35210	third-party-advisory, x_refsource_SECUNIA
	http://security.gentoo.org/glsa/glsa-200905-05.xml	vendor-advisory, x_refsource_GENTOO
	http://secunia.com/advisories/35379	third-party-advisory, x_refsource_SECUNIA
	https://bugzilla.redhat.com/show_bug.cgi?id=491384	x_refsource_CONFIRM
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10149	vdb-entry, signature, x_refsource_OVAL
	http://git.savannah.gnu.org/cgit/freetype/freetype2.git/tree/ChangeLog	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html	vendor-advisory, x_refsource_SUSE
	http://www.us-cert.gov/cas/techalerts/TA09-133A.html	third-party-advisory, x_refsource_CERT
	http://www.vupen.com/english/advisories/2009/1297	vdb-entry, x_refsource_VUPEN
	http://secunia.com/advisories/35200	third-party-advisory, x_refsource_SECUNIA
	http://support.apple.com/kb/HT3613	x_refsource_CONFIRM
	http://www.redhat.com/support/errata/RHSA-2009-0329.html	vendor-advisory, x_refsource_REDHAT
	http://www.vupen.com/english/advisories/2009/1058	vdb-entry, x_refsource_VUPEN
	http://secunia.com/advisories/35204	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/34723	third-party-advisory, x_refsource_SECUNIA
	http://www.redhat.com/support/errata/RHSA-2009-1061.html	vendor-advisory, x_refsource_REDHAT

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T04:57:17.538Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "34967",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34967"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT3639"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4435"
          },
          {
            "name": "34913",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34913"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=a18788b14db60ae3673f932249cd02d33a227c4e"
          },
          {
            "name": "ADV-2009-1621",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/1621"
          },
          {
            "name": "34550",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/34550"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT3549"
          },
          {
            "name": "MDVSA-2009:243",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:243"
          },
          {
            "name": "APPLE-SA-2009-06-08-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html"
          },
          {
            "name": "USN-767-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-767-1"
          },
          {
            "name": "270268",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-270268-1"
          },
          {
            "name": "35198",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35198"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=79972af4f0485a11dcb19551356c45245749fc5b"
          },
          {
            "name": "35074",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35074"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=0545ec1ca36b27cb928128870a83e5f668980bc5"
          },
          {
            "name": "ADV-2009-1522",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/1522"
          },
          {
            "name": "APPLE-SA-2010-11-10-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html"
          },
          {
            "name": "RHSA-2009:1062",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2009-1062.html"
          },
          {
            "name": "APPLE-SA-2009-06-17-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html"
          },
          {
            "name": "APPLE-SA-2009-05-12",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
          },
          {
            "name": "35065",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35065"
          },
          {
            "name": "DSA-1784",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2009/dsa-1784"
          },
          {
            "name": "35210",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35210"
          },
          {
            "name": "GLSA-200905-05",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200905-05.xml"
          },
          {
            "name": "35379",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35379"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=491384"
          },
          {
            "name": "oval:org.mitre.oval:def:10149",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10149"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/tree/ChangeLog"
          },
          {
            "name": "SUSE-SR:2009:010",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
          },
          {
            "name": "TA09-133A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
          },
          {
            "name": "ADV-2009-1297",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/1297"
          },
          {
            "name": "35200",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35200"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT3613"
          },
          {
            "name": "RHSA-2009:0329",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2009-0329.html"
          },
          {
            "name": "ADV-2009-1058",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/1058"
          },
          {
            "name": "35204",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35204"
          },
          {
            "name": "34723",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34723"
          },
          {
            "name": "RHSA-2009:1061",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2009-1061.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-04-16T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple integer overflows in FreeType 2.3.9 and earlier allow remote attackers to execute arbitrary code via vectors related to large values in certain inputs in (1) smooth/ftsmooth.c, (2) sfnt/ttcmap.c, and (3) cff/cffload.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-28T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "34967",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34967"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT3639"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4435"
        },
        {
          "name": "34913",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34913"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=a18788b14db60ae3673f932249cd02d33a227c4e"
        },
        {
          "name": "ADV-2009-1621",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/1621"
        },
        {
          "name": "34550",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/34550"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT3549"
        },
        {
          "name": "MDVSA-2009:243",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:243"
        },
        {
          "name": "APPLE-SA-2009-06-08-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html"
        },
        {
          "name": "USN-767-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-767-1"
        },
        {
          "name": "270268",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-270268-1"
        },
        {
          "name": "35198",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35198"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=79972af4f0485a11dcb19551356c45245749fc5b"
        },
        {
          "name": "35074",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35074"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=0545ec1ca36b27cb928128870a83e5f668980bc5"
        },
        {
          "name": "ADV-2009-1522",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/1522"
        },
        {
          "name": "APPLE-SA-2010-11-10-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html"
        },
        {
          "name": "RHSA-2009:1062",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2009-1062.html"
        },
        {
          "name": "APPLE-SA-2009-06-17-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html"
        },
        {
          "name": "APPLE-SA-2009-05-12",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
        },
        {
          "name": "35065",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35065"
        },
        {
          "name": "DSA-1784",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2009/dsa-1784"
        },
        {
          "name": "35210",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35210"
        },
        {
          "name": "GLSA-200905-05",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200905-05.xml"
        },
        {
          "name": "35379",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35379"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=491384"
        },
        {
          "name": "oval:org.mitre.oval:def:10149",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10149"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/tree/ChangeLog"
        },
        {
          "name": "SUSE-SR:2009:010",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
        },
        {
          "name": "TA09-133A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
        },
        {
          "name": "ADV-2009-1297",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/1297"
        },
        {
          "name": "35200",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35200"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT3613"
        },
        {
          "name": "RHSA-2009:0329",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2009-0329.html"
        },
        {
          "name": "ADV-2009-1058",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/1058"
        },
        {
          "name": "35204",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35204"
        },
        {
          "name": "34723",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34723"
        },
        {
          "name": "RHSA-2009:1061",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2009-1061.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2009-0946",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple integer overflows in FreeType 2.3.9 and earlier allow remote attackers to execute arbitrary code via vectors related to large values in certain inputs in (1) smooth/ftsmooth.c, (2) sfnt/ttcmap.c, and (3) cff/cffload.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "34967",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/34967"
            },
            {
              "name": "http://support.apple.com/kb/HT3639",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT3639"
            },
            {
              "name": "http://support.apple.com/kb/HT4435",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT4435"
            },
            {
              "name": "34913",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/34913"
            },
            {
              "name": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=a18788b14db60ae3673f932249cd02d33a227c4e",
              "refsource": "CONFIRM",
              "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=a18788b14db60ae3673f932249cd02d33a227c4e"
            },
            {
              "name": "ADV-2009-1621",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/1621"
            },
            {
              "name": "34550",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/34550"
            },
            {
              "name": "http://support.apple.com/kb/HT3549",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT3549"
            },
            {
              "name": "MDVSA-2009:243",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:243"
            },
            {
              "name": "APPLE-SA-2009-06-08-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html"
            },
            {
              "name": "USN-767-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-767-1"
            },
            {
              "name": "270268",
              "refsource": "SUNALERT",
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-270268-1"
            },
            {
              "name": "35198",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/35198"
            },
            {
              "name": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=79972af4f0485a11dcb19551356c45245749fc5b",
              "refsource": "CONFIRM",
              "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=79972af4f0485a11dcb19551356c45245749fc5b"
            },
            {
              "name": "35074",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/35074"
            },
            {
              "name": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=0545ec1ca36b27cb928128870a83e5f668980bc5",
              "refsource": "CONFIRM",
              "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=0545ec1ca36b27cb928128870a83e5f668980bc5"
            },
            {
              "name": "ADV-2009-1522",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/1522"
            },
            {
              "name": "APPLE-SA-2010-11-10-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html"
            },
            {
              "name": "RHSA-2009:1062",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2009-1062.html"
            },
            {
              "name": "APPLE-SA-2009-06-17-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html"
            },
            {
              "name": "APPLE-SA-2009-05-12",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
            },
            {
              "name": "35065",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/35065"
            },
            {
              "name": "DSA-1784",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2009/dsa-1784"
            },
            {
              "name": "35210",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/35210"
            },
            {
              "name": "GLSA-200905-05",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-200905-05.xml"
            },
            {
              "name": "35379",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/35379"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=491384",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=491384"
            },
            {
              "name": "oval:org.mitre.oval:def:10149",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10149"
            },
            {
              "name": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/tree/ChangeLog",
              "refsource": "CONFIRM",
              "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/tree/ChangeLog"
            },
            {
              "name": "SUSE-SR:2009:010",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
            },
            {
              "name": "TA09-133A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
            },
            {
              "name": "ADV-2009-1297",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/1297"
            },
            {
              "name": "35200",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/35200"
            },
            {
              "name": "http://support.apple.com/kb/HT3613",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT3613"
            },
            {
              "name": "RHSA-2009:0329",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2009-0329.html"
            },
            {
              "name": "ADV-2009-1058",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/1058"
            },
            {
              "name": "35204",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/35204"
            },
            {
              "name": "34723",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/34723"
            },
            {
              "name": "RHSA-2009:1061",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2009-1061.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2009-0946",
    "datePublished": "2009-04-17T00:00:00",
    "dateReserved": "2009-03-18T00:00:00",
    "dateUpdated": "2024-08-07T04:57:17.538Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2006-1861

Vulnerability from cvelistv5

Published

2006-05-23 10:00

Modified

2024-08-07 17:27

Severity ?

Summary

Multiple integer overflows in FreeType before 2.2 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via attack vectors related to (1) bdf/bdflib.c, (2) sfnt/ttcmap.c, (3) cff/cffgload.c, and (4) the read_lwfn function and a crafted LWFN file in base/ftmac.c. NOTE: item 4 was originally identified by CVE-2006-2493.

References

▼	URL	Tags
	http://lists.suse.com/archive/suse-security-announce/2006-Jun/0012.html	vendor-advisory, x_refsource_SUSE
	http://secunia.com/advisories/20791	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/27271	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/33937	third-party-advisory, x_refsource_SECUNIA
	http://sourceforge.net/project/shownotes.php?release_id=416463	x_refsource_CONFIRM
	http://sunsolve.sun.com/search/document.do?assetkey=1-26-102705-1	vendor-advisory, x_refsource_SUNALERT
	http://secunia.com/advisories/21000	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/20525	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/21701	third-party-advisory, x_refsource_SECUNIA
	http://security.gentoo.org/glsa/glsa-200607-02.xml	vendor-advisory, x_refsource_GENTOO
	http://support.apple.com/kb/HT3438	x_refsource_CONFIRM
	http://secunia.com/advisories/27162	third-party-advisory, x_refsource_SECUNIA
	https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01401.html	vendor-advisory, x_refsource_FEDORA
	http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html	vendor-advisory, x_refsource_APPLE
	https://usn.ubuntu.com/291-1/	vendor-advisory, x_refsource_UBUNTU
	http://secunia.com/advisories/21385	third-party-advisory, x_refsource_SECUNIA
	https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01316.html	vendor-advisory, x_refsource_FEDORA
	http://www.redhat.com/support/errata/RHSA-2009-1062.html	vendor-advisory, x_refsource_REDHAT
	http://www.securityfocus.com/archive/1/436836/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
	http://www.securityfocus.com/bid/18034	vdb-entry, x_refsource_BID
	http://secunia.com/advisories/21135	third-party-advisory, x_refsource_SECUNIA
	https://exchange.xforce.ibmcloud.com/vulnerabilities/26553	vdb-entry, x_refsource_XF
	http://www.redhat.com/support/errata/RHSA-2006-0500.html	vendor-advisory, x_refsource_REDHAT
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9124	vdb-entry, signature, x_refsource_OVAL
	http://secunia.com/advisories/23939	third-party-advisory, x_refsource_SECUNIA
	https://bugzilla.redhat.com/show_bug.cgi?id=502565	x_refsource_CONFIRM
	http://support.avaya.com/elmodocs2/security/ASA-2006-176.htm	x_refsource_CONFIRM
	https://bugzilla.redhat.com/bugzilla/attachment.cgi?id=128606	x_refsource_CONFIRM
	http://secunia.com/advisories/20591	third-party-advisory, x_refsource_SECUNIA
	http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00006.html	vendor-advisory, x_refsource_SUSE
	http://secunia.com/advisories/27167	third-party-advisory, x_refsource_SECUNIA
	https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=190593	x_refsource_CONFIRM
	http://secunia.com/advisories/20638	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/20100	third-party-advisory, x_refsource_SECUNIA
	http://securitytracker.com/id?1016522	vdb-entry, x_refsource_SECTRACK
	http://secunia.com/advisories/35233	third-party-advisory, x_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2007/0381	vdb-entry, x_refsource_VUPEN
	https://issues.rpath.com/browse/RPL-429	x_refsource_CONFIRM
	ftp://patches.sgi.com/support/free/security/advisories/20060701-01-U	vendor-advisory, x_refsource_SGI
	http://www.gentoo.org/security/en/glsa/glsa-200710-09.xml	vendor-advisory, x_refsource_GENTOO
	http://secunia.com/advisories/35200	third-party-advisory, x_refsource_SECUNIA
	https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=190593#c8	x_refsource_CONFIRM
	http://secunia.com/advisories/21062	third-party-advisory, x_refsource_SECUNIA
	http://www.redhat.com/support/errata/RHSA-2009-0329.html	vendor-advisory, x_refsource_REDHAT
	http://secunia.com/advisories/35204	third-party-advisory, x_refsource_SECUNIA
	http://www.mandriva.com/security/advisories?name=MDKSA-2006:099	vendor-advisory, x_refsource_MANDRIVA
	http://www.debian.org/security/2006/dsa-1095	vendor-advisory, x_refsource_DEBIAN
	http://www.vupen.com/english/advisories/2006/1868	vdb-entry, x_refsource_VUPEN

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T17:27:29.390Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "SUSE-SA:2006:037",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jun/0012.html"
          },
          {
            "name": "20791",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/20791"
          },
          {
            "name": "27271",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27271"
          },
          {
            "name": "33937",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/33937"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://sourceforge.net/project/shownotes.php?release_id=416463"
          },
          {
            "name": "102705",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102705-1"
          },
          {
            "name": "21000",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/21000"
          },
          {
            "name": "20525",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/20525"
          },
          {
            "name": "21701",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/21701"
          },
          {
            "name": "GLSA-200607-02",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200607-02.xml"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT3438"
          },
          {
            "name": "27162",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27162"
          },
          {
            "name": "FEDORA-2009-5644",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01401.html"
          },
          {
            "name": "APPLE-SA-2009-02-12",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html"
          },
          {
            "name": "USN-291-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/291-1/"
          },
          {
            "name": "21385",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/21385"
          },
          {
            "name": "FEDORA-2009-5558",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01316.html"
          },
          {
            "name": "RHSA-2009:1062",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2009-1062.html"
          },
          {
            "name": "20060612 rPSA-2006-0100-1 freetype",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/436836/100/0/threaded"
          },
          {
            "name": "18034",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/18034"
          },
          {
            "name": "21135",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/21135"
          },
          {
            "name": "freetype-lwfn-overflow(26553)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26553"
          },
          {
            "name": "RHSA-2006:0500",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2006-0500.html"
          },
          {
            "name": "oval:org.mitre.oval:def:9124",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9124"
          },
          {
            "name": "23939",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/23939"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=502565"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-176.htm"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/bugzilla/attachment.cgi?id=128606"
          },
          {
            "name": "20591",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/20591"
          },
          {
            "name": "SUSE-SR:2007:021",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00006.html"
          },
          {
            "name": "27167",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27167"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=190593"
          },
          {
            "name": "20638",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/20638"
          },
          {
            "name": "20100",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/20100"
          },
          {
            "name": "1016522",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1016522"
          },
          {
            "name": "35233",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35233"
          },
          {
            "name": "ADV-2007-0381",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/0381"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://issues.rpath.com/browse/RPL-429"
          },
          {
            "name": "20060701-01-U",
            "tags": [
              "vendor-advisory",
              "x_refsource_SGI",
              "x_transferred"
            ],
            "url": "ftp://patches.sgi.com/support/free/security/advisories/20060701-01-U"
          },
          {
            "name": "GLSA-200710-09",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200710-09.xml"
          },
          {
            "name": "35200",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35200"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=190593#c8"
          },
          {
            "name": "21062",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/21062"
          },
          {
            "name": "RHSA-2009:0329",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2009-0329.html"
          },
          {
            "name": "35204",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35204"
          },
          {
            "name": "MDKSA-2006:099",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:099"
          },
          {
            "name": "DSA-1095",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-1095"
          },
          {
            "name": "ADV-2006-1868",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/1868"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-05-15T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple integer overflows in FreeType before 2.2 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via attack vectors related to (1) bdf/bdflib.c, (2) sfnt/ttcmap.c, (3) cff/cffgload.c, and (4) the read_lwfn function and a crafted LWFN file in base/ftmac.c.  NOTE: item 4 was originally identified by CVE-2006-2493."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-18T14:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "SUSE-SA:2006:037",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jun/0012.html"
        },
        {
          "name": "20791",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/20791"
        },
        {
          "name": "27271",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27271"
        },
        {
          "name": "33937",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/33937"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://sourceforge.net/project/shownotes.php?release_id=416463"
        },
        {
          "name": "102705",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102705-1"
        },
        {
          "name": "21000",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/21000"
        },
        {
          "name": "20525",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/20525"
        },
        {
          "name": "21701",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/21701"
        },
        {
          "name": "GLSA-200607-02",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200607-02.xml"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT3438"
        },
        {
          "name": "27162",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27162"
        },
        {
          "name": "FEDORA-2009-5644",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01401.html"
        },
        {
          "name": "APPLE-SA-2009-02-12",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html"
        },
        {
          "name": "USN-291-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/291-1/"
        },
        {
          "name": "21385",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/21385"
        },
        {
          "name": "FEDORA-2009-5558",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01316.html"
        },
        {
          "name": "RHSA-2009:1062",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2009-1062.html"
        },
        {
          "name": "20060612 rPSA-2006-0100-1 freetype",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/436836/100/0/threaded"
        },
        {
          "name": "18034",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/18034"
        },
        {
          "name": "21135",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/21135"
        },
        {
          "name": "freetype-lwfn-overflow(26553)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26553"
        },
        {
          "name": "RHSA-2006:0500",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2006-0500.html"
        },
        {
          "name": "oval:org.mitre.oval:def:9124",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9124"
        },
        {
          "name": "23939",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/23939"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=502565"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-176.htm"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/bugzilla/attachment.cgi?id=128606"
        },
        {
          "name": "20591",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/20591"
        },
        {
          "name": "SUSE-SR:2007:021",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00006.html"
        },
        {
          "name": "27167",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27167"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=190593"
        },
        {
          "name": "20638",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/20638"
        },
        {
          "name": "20100",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/20100"
        },
        {
          "name": "1016522",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1016522"
        },
        {
          "name": "35233",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35233"
        },
        {
          "name": "ADV-2007-0381",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/0381"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://issues.rpath.com/browse/RPL-429"
        },
        {
          "name": "20060701-01-U",
          "tags": [
            "vendor-advisory",
            "x_refsource_SGI"
          ],
          "url": "ftp://patches.sgi.com/support/free/security/advisories/20060701-01-U"
        },
        {
          "name": "GLSA-200710-09",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200710-09.xml"
        },
        {
          "name": "35200",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35200"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=190593#c8"
        },
        {
          "name": "21062",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/21062"
        },
        {
          "name": "RHSA-2009:0329",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2009-0329.html"
        },
        {
          "name": "35204",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35204"
        },
        {
          "name": "MDKSA-2006:099",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:099"
        },
        {
          "name": "DSA-1095",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-1095"
        },
        {
          "name": "ADV-2006-1868",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/1868"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2006-1861",
    "datePublished": "2006-05-23T10:00:00",
    "dateReserved": "2006-04-19T00:00:00",
    "dateUpdated": "2024-08-07T17:27:29.390Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2007-2754

Vulnerability from cvelistv5

Published

2007-05-17 22:00

Modified

2024-08-07 13:49

Severity ?

Summary

Integer signedness error in truetype/ttgload.c in Freetype 2.3.4 and earlier might allow remote attackers to execute arbitrary code via a crafted TTF image with a negative n_points value, which leads to an integer overflow and heap-based buffer overflow.

References

▼	URL	Tags
	http://www.vupen.com/english/advisories/2007/2229	vdb-entry, x_refsource_VUPEN
	http://secunia.com/advisories/26129	third-party-advisory, x_refsource_SECUNIA
	http://support.avaya.com/elmodocs2/security/ASA-2007-330.htm	x_refsource_CONFIRM
	http://secunia.com/advisories/25612	third-party-advisory, x_refsource_SECUNIA
	https://issues.rpath.com/browse/RPL-1390	x_refsource_CONFIRM
	http://www.vupen.com/english/advisories/2008/0049	vdb-entry, x_refsource_VUPEN
	http://secunia.com/advisories/25894	third-party-advisory, x_refsource_SECUNIA
	http://www.debian.org/security/2007/dsa-1334	vendor-advisory, x_refsource_DEBIAN
	http://secunia.com/advisories/25386	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/28298	third-party-advisory, x_refsource_SECUNIA
	http://sunsolve.sun.com/search/document.do?assetkey=1-26-103171-1	vendor-advisory, x_refsource_SUNALERT
	http://secunia.com/advisories/25705	third-party-advisory, x_refsource_SECUNIA
	http://support.apple.com/kb/HT3549	x_refsource_CONFIRM
	http://cvs.savannah.nongnu.org/viewvc/freetype2/src/truetype/ttgload.c?root=freetype&r1=1.177&r2=1.178	x_refsource_CONFIRM
	http://www.debian.org/security/2007/dsa-1302	vendor-advisory, x_refsource_DEBIAN
	http://osvdb.org/36509	vdb-entry, x_refsource_OSVDB
	http://www.novell.com/linux/security/advisories/2007_41_freetype2.html	vendor-advisory, x_refsource_SUSE
	https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01401.html	vendor-advisory, x_refsource_FEDORA
	http://secunia.com/advisories/35074	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/26305	third-party-advisory, x_refsource_SECUNIA
	http://www.securityfocus.com/archive/1/471286/30/6180/threaded	mailing-list, x_refsource_BUGTRAQ
	https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01316.html	vendor-advisory, x_refsource_FEDORA
	http://www.securityfocus.com/bid/24074	vdb-entry, x_refsource_BID
	http://www.redhat.com/support/errata/RHSA-2009-1062.html	vendor-advisory, x_refsource_REDHAT
	http://lists.apple.com/archives/security-announce/2009/May/msg00002.html	vendor-advisory, x_refsource_APPLE
	http://secunia.com/advisories/25463	third-party-advisory, x_refsource_SECUNIA
	http://www.mandriva.com/security/advisories?name=MDKSA-2007:121	vendor-advisory, x_refsource_MANDRIVA
	http://sunsolve.sun.com/search/document.do?assetkey=1-66-200033-1	vendor-advisory, x_refsource_SUNALERT
	http://www.redhat.com/support/errata/RHSA-2007-0403.html	vendor-advisory, x_refsource_REDHAT
	http://lists.apple.com/archives/Security-announce/2007/Nov/msg00003.html	vendor-advisory, x_refsource_APPLE
	http://secunia.com/advisories/25353	third-party-advisory, x_refsource_SECUNIA
	https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=240200	x_refsource_CONFIRM
	http://secunia.com/advisories/30161	third-party-advisory, x_refsource_SECUNIA
	http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml	vendor-advisory, x_refsource_GENTOO
	http://www.gentoo.org/security/en/glsa/glsa-200707-02.xml	vendor-advisory, x_refsource_GENTOO
	http://www.trustix.org/errata/2007/0019/	vendor-advisory, x_refsource_TRUSTIX
	https://bugzilla.redhat.com/show_bug.cgi?id=502565	x_refsource_CONFIRM
	http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.018.html	vendor-advisory, x_refsource_OPENPKG
	http://sunsolve.sun.com/search/document.do?assetkey=1-26-102967-1	vendor-advisory, x_refsource_SUNALERT
	http://lists.gnu.org/archive/html/freetype-devel/2007-04/msg00041.html	mailing-list, x_refsource_MLIST
	http://www.us-cert.gov/cas/techalerts/TA09-133A.html	third-party-advisory, x_refsource_CERT
	http://secunia.com/advisories/25808	third-party-advisory, x_refsource_SECUNIA
	http://www.gentoo.org/security/en/glsa/glsa-200705-22.xml	vendor-advisory, x_refsource_GENTOO
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5532	vdb-entry, signature, x_refsource_OVAL
	http://www.vupen.com/english/advisories/2009/1297	vdb-entry, x_refsource_VUPEN
	http://secunia.com/advisories/25609	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/35233	third-party-advisory, x_refsource_SECUNIA
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11325	vdb-entry, signature, x_refsource_OVAL
	http://secunia.com/advisories/35200	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/25350	third-party-advisory, x_refsource_SECUNIA
	ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc	vendor-advisory, x_refsource_SGI
	http://www.ubuntu.com/usn/usn-466-1	vendor-advisory, x_refsource_UBUNTU
	http://www.vupen.com/english/advisories/2007/1894	vdb-entry, x_refsource_VUPEN
	http://www.redhat.com/support/errata/RHSA-2009-0329.html	vendor-advisory, x_refsource_REDHAT
	http://secunia.com/advisories/25905	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/35204	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/25654	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/25483	third-party-advisory, x_refsource_SECUNIA
	http://www.securitytracker.com/id?1018088	vdb-entry, x_refsource_SECTRACK
	http://www.securityfocus.com/archive/1/469463/100/200/threaded	mailing-list, x_refsource_BUGTRAQ

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T13:49:57.298Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "ADV-2007-2229",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/2229"
          },
          {
            "name": "26129",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/26129"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-330.htm"
          },
          {
            "name": "25612",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25612"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://issues.rpath.com/browse/RPL-1390"
          },
          {
            "name": "ADV-2008-0049",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/0049"
          },
          {
            "name": "25894",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25894"
          },
          {
            "name": "DSA-1334",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2007/dsa-1334"
          },
          {
            "name": "25386",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25386"
          },
          {
            "name": "28298",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28298"
          },
          {
            "name": "103171",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103171-1"
          },
          {
            "name": "25705",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25705"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT3549"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://cvs.savannah.nongnu.org/viewvc/freetype2/src/truetype/ttgload.c?root=freetype\u0026r1=1.177\u0026r2=1.178"
          },
          {
            "name": "DSA-1302",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2007/dsa-1302"
          },
          {
            "name": "36509",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/36509"
          },
          {
            "name": "SUSE-SA:2007:041",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2007_41_freetype2.html"
          },
          {
            "name": "FEDORA-2009-5644",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01401.html"
          },
          {
            "name": "35074",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35074"
          },
          {
            "name": "26305",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/26305"
          },
          {
            "name": "20070613 FLEA-2007-0025-1: openoffice.org",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/471286/30/6180/threaded"
          },
          {
            "name": "FEDORA-2009-5558",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01316.html"
          },
          {
            "name": "24074",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/24074"
          },
          {
            "name": "RHSA-2009:1062",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2009-1062.html"
          },
          {
            "name": "APPLE-SA-2009-05-12",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
          },
          {
            "name": "25463",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25463"
          },
          {
            "name": "MDKSA-2007:121",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:121"
          },
          {
            "name": "200033",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200033-1"
          },
          {
            "name": "RHSA-2007:0403",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2007-0403.html"
          },
          {
            "name": "APPLE-SA-2007-11-14",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/Security-announce/2007/Nov/msg00003.html"
          },
          {
            "name": "25353",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25353"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=240200"
          },
          {
            "name": "30161",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/30161"
          },
          {
            "name": "GLSA-200805-07",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml"
          },
          {
            "name": "GLSA-200707-02",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200707-02.xml"
          },
          {
            "name": "2007-0019",
            "tags": [
              "vendor-advisory",
              "x_refsource_TRUSTIX",
              "x_transferred"
            ],
            "url": "http://www.trustix.org/errata/2007/0019/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=502565"
          },
          {
            "name": "OpenPKG-SA-2007.018",
            "tags": [
              "vendor-advisory",
              "x_refsource_OPENPKG",
              "x_transferred"
            ],
            "url": "http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.018.html"
          },
          {
            "name": "102967",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102967-1"
          },
          {
            "name": "[ft-devel] 20070427 Bug in fuzzed TTF file",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://lists.gnu.org/archive/html/freetype-devel/2007-04/msg00041.html"
          },
          {
            "name": "TA09-133A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
          },
          {
            "name": "25808",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25808"
          },
          {
            "name": "GLSA-200705-22",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200705-22.xml"
          },
          {
            "name": "oval:org.mitre.oval:def:5532",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5532"
          },
          {
            "name": "ADV-2009-1297",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/1297"
          },
          {
            "name": "25609",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25609"
          },
          {
            "name": "35233",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35233"
          },
          {
            "name": "oval:org.mitre.oval:def:11325",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11325"
          },
          {
            "name": "35200",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35200"
          },
          {
            "name": "25350",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25350"
          },
          {
            "name": "20070602-01-P",
            "tags": [
              "vendor-advisory",
              "x_refsource_SGI",
              "x_transferred"
            ],
            "url": "ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc"
          },
          {
            "name": "USN-466-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/usn-466-1"
          },
          {
            "name": "ADV-2007-1894",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/1894"
          },
          {
            "name": "RHSA-2009:0329",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2009-0329.html"
          },
          {
            "name": "25905",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25905"
          },
          {
            "name": "35204",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35204"
          },
          {
            "name": "25654",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25654"
          },
          {
            "name": "25483",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25483"
          },
          {
            "name": "1018088",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1018088"
          },
          {
            "name": "20070524 FLEA-2007-0020-1: freetype",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/469463/100/200/threaded"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-04-27T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Integer signedness error in truetype/ttgload.c in Freetype 2.3.4 and earlier might allow remote attackers to execute arbitrary code via a crafted TTF image with a negative n_points value, which leads to an integer overflow and heap-based buffer overflow."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-16T14:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "ADV-2007-2229",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/2229"
        },
        {
          "name": "26129",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/26129"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-330.htm"
        },
        {
          "name": "25612",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25612"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://issues.rpath.com/browse/RPL-1390"
        },
        {
          "name": "ADV-2008-0049",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/0049"
        },
        {
          "name": "25894",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25894"
        },
        {
          "name": "DSA-1334",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2007/dsa-1334"
        },
        {
          "name": "25386",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25386"
        },
        {
          "name": "28298",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28298"
        },
        {
          "name": "103171",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103171-1"
        },
        {
          "name": "25705",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25705"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT3549"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://cvs.savannah.nongnu.org/viewvc/freetype2/src/truetype/ttgload.c?root=freetype\u0026r1=1.177\u0026r2=1.178"
        },
        {
          "name": "DSA-1302",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2007/dsa-1302"
        },
        {
          "name": "36509",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/36509"
        },
        {
          "name": "SUSE-SA:2007:041",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2007_41_freetype2.html"
        },
        {
          "name": "FEDORA-2009-5644",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01401.html"
        },
        {
          "name": "35074",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35074"
        },
        {
          "name": "26305",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/26305"
        },
        {
          "name": "20070613 FLEA-2007-0025-1: openoffice.org",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/471286/30/6180/threaded"
        },
        {
          "name": "FEDORA-2009-5558",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01316.html"
        },
        {
          "name": "24074",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/24074"
        },
        {
          "name": "RHSA-2009:1062",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2009-1062.html"
        },
        {
          "name": "APPLE-SA-2009-05-12",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"
        },
        {
          "name": "25463",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25463"
        },
        {
          "name": "MDKSA-2007:121",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:121"
        },
        {
          "name": "200033",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200033-1"
        },
        {
          "name": "RHSA-2007:0403",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2007-0403.html"
        },
        {
          "name": "APPLE-SA-2007-11-14",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/Security-announce/2007/Nov/msg00003.html"
        },
        {
          "name": "25353",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25353"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=240200"
        },
        {
          "name": "30161",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/30161"
        },
        {
          "name": "GLSA-200805-07",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml"
        },
        {
          "name": "GLSA-200707-02",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200707-02.xml"
        },
        {
          "name": "2007-0019",
          "tags": [
            "vendor-advisory",
            "x_refsource_TRUSTIX"
          ],
          "url": "http://www.trustix.org/errata/2007/0019/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=502565"
        },
        {
          "name": "OpenPKG-SA-2007.018",
          "tags": [
            "vendor-advisory",
            "x_refsource_OPENPKG"
          ],
          "url": "http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.018.html"
        },
        {
          "name": "102967",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102967-1"
        },
        {
          "name": "[ft-devel] 20070427 Bug in fuzzed TTF file",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://lists.gnu.org/archive/html/freetype-devel/2007-04/msg00041.html"
        },
        {
          "name": "TA09-133A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html"
        },
        {
          "name": "25808",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25808"
        },
        {
          "name": "GLSA-200705-22",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200705-22.xml"
        },
        {
          "name": "oval:org.mitre.oval:def:5532",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5532"
        },
        {
          "name": "ADV-2009-1297",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/1297"
        },
        {
          "name": "25609",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25609"
        },
        {
          "name": "35233",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35233"
        },
        {
          "name": "oval:org.mitre.oval:def:11325",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11325"
        },
        {
          "name": "35200",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35200"
        },
        {
          "name": "25350",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25350"
        },
        {
          "name": "20070602-01-P",
          "tags": [
            "vendor-advisory",
            "x_refsource_SGI"
          ],
          "url": "ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc"
        },
        {
          "name": "USN-466-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/usn-466-1"
        },
        {
          "name": "ADV-2007-1894",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/1894"
        },
        {
          "name": "RHSA-2009:0329",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2009-0329.html"
        },
        {
          "name": "25905",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25905"
        },
        {
          "name": "35204",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35204"
        },
        {
          "name": "25654",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25654"
        },
        {
          "name": "25483",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25483"
        },
        {
          "name": "1018088",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1018088"
        },
        {
          "name": "20070524 FLEA-2007-0020-1: freetype",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/469463/100/200/threaded"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2007-2754",
    "datePublished": "2007-05-17T22:00:00",
    "dateReserved": "2007-05-17T00:00:00",
    "dateUpdated": "2024-08-07T13:49:57.298Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

rhsa-2009_1062

Vulnerability from csaf_redhat

cve-2009-0946

Vulnerability from cvelistv5

cve-2006-1861

Vulnerability from cvelistv5

cve-2007-2754

Vulnerability from cvelistv5

Tags

Sightings

Nomenclature