cpe:/a:freetype:freetype:1.3.1 cpe:/a:freetype:freetype:2.0.6 cpe:/a:freetype:freetype:2.0.9 cpe:/a:freetype:freetype:2.1 cpe:/a:freetype:freetype:2.1.3 cpe:/a:freetype:freetype:2.1.4 cpe:/a:freetype:freetype:2.1.5 cpe:/a:freetype:freetype:2.1.6 cpe:/a:freetype:freetype:2.1.7 cpe:/a:freetype:freetype:2.1.8 cpe:/a:freetype:freetype:2.1.8_rc1 cpe:/a:freetype:freetype:2.1.9 cpe:/a:freetype:freetype:2.1.10 cpe:/a:freetype:freetype:2.2 cpe:/a:freetype:freetype:2.2.1 cpe:/a:freetype:freetype:2.2.10 cpe:/a:freetype:freetype:2.3.0 cpe:/a:freetype:freetype:2.3.1 cpe:/a:freetype:freetype:2.3.2 cpe:/a:freetype:freetype:2.3.3 cpe:/a:freetype:freetype:2.3.4 cpe:/a:freetype:freetype:2.3.5 cpe:/a:freetype:freetype:2.3.6 cpe:/a:freetype:freetype:2.3.7 cpe:/a:freetype:freetype:2.3.8 cpe:/a:freetype:freetype:2.3.9 cpe:/a:freetype:freetype:2.3.10 cpe:/a:freetype:freetype:2.3.11 cpe:/a:freetype:freetype:2.3.12 CVE-2010-2497 2010-08-19T14:00:03.857-04:00 2012-12-18T23:28:52.573-05:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2010-08-20T13:47:00.000-04:00 SECUNIA 48951 APPLE APPLE-SA-2010-11-10-1 DEBIAN DSA-2070 MANDRIVA MDVSA-2010:137 MLIST [freetype] 20100712 FreeType 2.4.0 has been released MLIST [oss-security] 20100713 Multiple bugs in freetype MLIST [oss-security] 20100714 Re: Multiple bugs in freetype CONFIRM http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=7d3d2cc4fef72c6be9c454b3809c387e12b44cfc CONFIRM http://support.apple.com/kb/HT4435 CONFIRM https://bugzilla.redhat.com/show_bug.cgi?id=613154 CONFIRM https://savannah.nongnu.org/bugs/?30082 CONFIRM https://savannah.nongnu.org/bugs/?30083 Integer underflow in glyph handling in FreeType before 2.4.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file.