CVE

CVE-2008-1806
Date: (C)2008-06-16   (M)2018-02-19


Integer overflow in FreeType2 before 2.3.6 allows context-dependent attackers to execute arbitrary code via a crafted set of 16-bit length values within the Private dictionary table in a Printer Font Binary (PFB) file, which triggers a heap-based buffer overflow.

CVSS Score and Metrics

CVSS V3 Severity:
CVSS Score:
Exploit Score:
Impact Score:

CVSS V3 Metrics:
Attack Vector:
Attack Complexity:
Privileges Required:
User Interaction:
Scope:
Confidentiality:
Integrity:
Availability:

CVSS V2 Severity:
CVSS Score: 7.5
Exploit Score: 10.0
Impact Score: 6.4

CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL

Reference:
SECTRACK-1020238
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=715
http://www.securityfocus.com/archive/1/archive/1/495497/100/0/threaded
http://www.securityfocus.com/archive/1/archive/1/495869/100/0/threaded
SUNALERT-239006
BID-29640
SECUNIA-30600
SECUNIA-30721
SECUNIA-30740
SECUNIA-30766
SECUNIA-30819
SECUNIA-30821
SECUNIA-30967
SECUNIA-31479
SECUNIA-31577
SECUNIA-31707
SECUNIA-31709
SECUNIA-31711
SECUNIA-31712
SECUNIA-31823
SECUNIA-31856
SECUNIA-31900
SECUNIA-33937
ADV-2008-1794
ADV-2008-1876
ADV-2008-2423
ADV-2008-2466
ADV-2008-2525
ADV-2008-2558
APPLE-SA-2008-09-09
APPLE-SA-2008-09-12
APPLE-SA-2009-02-12
FEDORA-2008-5425
FEDORA-2008-5430
GLSA-200806-10
GLSA-201209-25
MDVSA-2008:121
RHSA-2008:0556
RHSA-2008:0558
SUSE-SR:2008:014
USN-643-1
http://sourceforge.net/project/shownotes.php?group_id=3157&release_id=605780
http://support.apple.com/kb/HT3026
http://support.apple.com/kb/HT3129
http://support.apple.com/kb/HT3438
http://support.avaya.com/elmodocs2/security/ASA-2008-318.htm
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0255
http://www.vmware.com/security/advisories/VMSA-2008-0014.html
http://www.vmware.com/support/player/doc/releasenotes_player.html
http://www.vmware.com/support/player2/doc/releasenotes_player2.html
http://www.vmware.com/support/server/doc/releasenotes_server.html
http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html
http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html
https://issues.rpath.com/browse/RPL-2608

CPE    4
cpe:/a:freetype:freetype:2.3.5
cpe:/a:freetype:freetype:2.3.3
cpe:/a:freetype:freetype:2.3.4
cpe:/a:freetype:freetype:1.3.1
...
CWE    1
CWE-189
OVAL    4
oval:org.secpod.oval:def:20744
oval:org.secpod.oval:def:301630
oval:org.mitre.oval:def:7383
oval:org.secpod.oval:def:202672
...

© 2013 SecPod Technologies