Download
| Alert*
oval:org.secpod.oval:def:300213
Multiple vulnerabilities has been found and corrected in freetype2: The FT_Stream_EnterFrame function in base/ftstream.c in FreeType before 2.4.2 does not properly validate certain position values, which allows remote attackers to cause a denial of service or possibly execute arbitrary code via a c ... oval:org.secpod.oval:def:700099 It was discovered that FreeType did not correctly handle certain malformed font files. If a user were tricked into using a specially crafted font file, a remote attacker could cause FreeType to crash or possibly execute arbitrary code with user privileges. oval:org.secpod.oval:def:4652 The host is installed with Apple Mac OS X 10.5.8, 10.6 before 10.6.5 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a crafted font file. Successful exploitation could allow remote attackers to crash the service. oval:org.secpod.oval:def:300010 Multiple vulnerabilities has been found and corrected in freetype2: The FT_Stream_EnterFrame function in base/ftstream.c in FreeType before 2.4.2 does not properly validate certain position values, which allows remote attackers to cause a denial of service or possibly execute arbitrary code via a c ... oval:org.secpod.oval:def:600157 Several vulnerabilities have been discovered in the FreeType font library. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2010-1797 Multiple stack-based buffer overflows in the cff_decoder_parse_charstrings function in the CFF Type2 CharStrings interpreter in ... oval:org.secpod.oval:def:4729 The host is missing a critical security update according to Apple advisory, APPLE-SA-2010-11-10-1. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly sanitize user supplied input. Successful exploitation could allow attackers to ... |