[Forgot Password]
Login  Register Subscribe

23631

 
 

122183

 
 

98060

 
 

909

 
 

79198

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML

CVE-2008-1806

Date: (C)2008-06-16   (M)2017-11-18 


Integer overflow in FreeType2 before 2.3.6 allows context-dependent attackers to execute arbitrary code via a crafted set of 16-bit length values within the Private dictionary table in a Printer Font Binary (PFB) file, which triggers a heap-based buffer overflow.

CVSS Score: 7.5Access Vector: NETWORK
Exploit Score: 10.0Access Complexity: LOW
Impact Score: 6.4Authentication: NONE
 Confidentiality: PARTIAL
 Integrity: PARTIAL
 Availability: PARTIAL





Reference:
SECTRACK-1020238
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=715
http://www.securityfocus.com/archive/1/archive/1/495497/100/0/threaded
http://www.securityfocus.com/archive/1/archive/1/495869/100/0/threaded
SUNALERT-239006
BID-29640
SECUNIA-30600
SECUNIA-30721
SECUNIA-30740
SECUNIA-30766
SECUNIA-30819
SECUNIA-30821
SECUNIA-30967
SECUNIA-31479
SECUNIA-31577
SECUNIA-31707
SECUNIA-31709
SECUNIA-31711
SECUNIA-31712
SECUNIA-31823
SECUNIA-31856
SECUNIA-31900
SECUNIA-33937
ADV-2008-1794
ADV-2008-1876
ADV-2008-2423
ADV-2008-2466
ADV-2008-2525
ADV-2008-2558
APPLE-SA-2008-09-09
APPLE-SA-2008-09-12
APPLE-SA-2009-02-12
FEDORA-2008-5425
FEDORA-2008-5430
GLSA-200806-10
GLSA-201209-25
MDVSA-2008:121
RHSA-2008:0556
RHSA-2008:0558
SUSE-SR:2008:014
USN-643-1
http://sourceforge.net/project/shownotes.php?group_id=3157&release_id=605780
http://support.apple.com/kb/HT3026
http://support.apple.com/kb/HT3129
http://support.apple.com/kb/HT3438
http://support.avaya.com/elmodocs2/security/ASA-2008-318.htm
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0255
http://www.vmware.com/security/advisories/VMSA-2008-0014.html
http://www.vmware.com/support/player/doc/releasenotes_player.html
http://www.vmware.com/support/player2/doc/releasenotes_player2.html
http://www.vmware.com/support/server/doc/releasenotes_server.html
http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html
http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html
https://issues.rpath.com/browse/RPL-2608

CPE    4
cpe:/a:freetype:freetype:2.3.5
cpe:/a:freetype:freetype:2.3.3
cpe:/a:freetype:freetype:2.3.4
cpe:/a:freetype:freetype:1.3.1
...
CWE    1
CWE-189
OVAL    4
oval:org.secpod.oval:def:20744
oval:org.secpod.oval:def:301630
oval:org.mitre.oval:def:7383
oval:org.secpod.oval:def:202672
...

© 2013 SecPod Technologies