[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2008-1807Date: (C)2008-06-16   (M)2023-12-22


FreeType2 before 2.3.6 allow context-dependent attackers to execute arbitrary code via an invalid "number of axes" field in a Printer Font Binary (PFB) file, which triggers a free of arbitrary memory locations, leading to memory corruption.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 7.5
Exploit Score: 10.0
Impact Score: 6.4
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL
  
Reference:
SECTRACK-1020239
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=716
http://www.securityfocus.com/archive/1/495497/100/0/threaded
http://www.securityfocus.com/archive/1/495869/100/0/threaded
SUNALERT-239006
BID-29641
SECUNIA-30600
SECUNIA-30721
SECUNIA-30740
SECUNIA-30766
SECUNIA-30819
SECUNIA-30821
SECUNIA-30967
SECUNIA-31479
SECUNIA-31577
SECUNIA-31707
SECUNIA-31709
SECUNIA-31711
SECUNIA-31712
SECUNIA-31823
SECUNIA-31856
SECUNIA-31900
SECUNIA-33937
ADV-2008-1794
ADV-2008-1876
ADV-2008-2423
ADV-2008-2466
ADV-2008-2525
ADV-2008-2558
APPLE-SA-2008-09-09
APPLE-SA-2008-09-12
APPLE-SA-2009-02-12
FEDORA-2008-5425
FEDORA-2008-5430
GLSA-200806-10
GLSA-201209-25
MDVSA-2008:121
RHSA-2008:0556
RHSA-2008:0558
SUSE-SR:2008:014
USN-643-1
http://sourceforge.net/project/shownotes.php?group_id=3157&release_id=605780
http://support.apple.com/kb/HT3026
http://support.apple.com/kb/HT3129
http://support.apple.com/kb/HT3438
http://support.avaya.com/elmodocs2/security/ASA-2008-318.htm
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0255
http://www.vmware.com/security/advisories/VMSA-2008-0014.html
http://www.vmware.com/support/player/doc/releasenotes_player.html
http://www.vmware.com/support/player2/doc/releasenotes_player2.html
http://www.vmware.com/support/server/doc/releasenotes_server.html
http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html
http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html
https://issues.rpath.com/browse/RPL-2608
oval:org.mitre.oval:def:9767

CPE    4
cpe:/a:freetype:freetype:2.3.5
cpe:/a:freetype:freetype:2.3.3
cpe:/a:freetype:freetype:2.3.4
cpe:/a:freetype:freetype:1.3.1
...
CWE    1
CWE-189
OVAL    4
oval:org.secpod.oval:def:301630
oval:org.secpod.oval:def:20745
oval:org.secpod.oval:def:202672
oval:org.mitre.oval:def:7383
...

© SecPod Technologies