cpe:/a:freetype:freetype:1.3.1 cpe:/a:freetype:freetype:2.0.6 cpe:/a:freetype:freetype:2.0.9 cpe:/a:freetype:freetype:2.1 cpe:/a:freetype:freetype:2.1.3 cpe:/a:freetype:freetype:2.1.4 cpe:/a:freetype:freetype:2.1.5 cpe:/a:freetype:freetype:2.1.6 cpe:/a:freetype:freetype:2.1.7 cpe:/a:freetype:freetype:2.1.8 cpe:/a:freetype:freetype:2.1.8_rc1 cpe:/a:freetype:freetype:2.1.9 cpe:/a:freetype:freetype:2.1.10 cpe:/a:freetype:freetype:2.2 cpe:/a:freetype:freetype:2.2.1 cpe:/a:freetype:freetype:2.2.10 cpe:/a:freetype:freetype:2.3.0 cpe:/a:freetype:freetype:2.3.1 cpe:/a:freetype:freetype:2.3.2 cpe:/a:freetype:freetype:2.3.3 cpe:/a:freetype:freetype:2.3.4 cpe:/a:freetype:freetype:2.3.5 cpe:/a:freetype:freetype:2.3.6 cpe:/a:freetype:freetype:2.3.7 cpe:/a:freetype:freetype:2.3.8 cpe:/a:freetype:freetype:2.3.9 cpe:/a:freetype:freetype:2.3.10 cpe:/a:freetype:freetype:2.3.11 cpe:/a:freetype:freetype:2.3.12 cpe:/a:freetype:freetype:2.4.0 cpe:/a:freetype:freetype:2.4.1 CVE-2010-2808 2010-08-19T14:00:05.327-04:00 2011-01-12T01:51:43.267-05:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2010-08-20T18:45:00.000-04:00 SECUNIA 40816 SECUNIA 40982 BID 42285 SECUNIA 42314 SECUNIA 42317 VUPEN ADV-2010-2018 VUPEN ADV-2010-2106 VUPEN ADV-2010-3045 VUPEN ADV-2010-3046 APPLE APPLE-SA-2010-11-10-1 APPLE APPLE-SA-2010-11-22-1 REDHAT RHSA-2010:0737 REDHAT RHSA-2010:0864 UBUNTU USN-972-1 MLIST [oss-security] 20100806 CVE Request -- FreeType -- Memory corruption flaw by processing certain LWFN fonts MLIST [oss-security] 20100806 Re: CVE Request -- FreeType -- Memory corruption flaw by processing certain LWFN fonts + three more CONFIRM http://freetype.sourceforge.net/index2.html#release-freetype-2.4.2 CONFIRM http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=81f3472c0ba7b8f6466e2e214fa8c1c17fade975 CONFIRM http://sourceforge.net/projects/freetype/files/freetype2/2.4.2/NEWS/view CONFIRM http://support.apple.com/kb/HT4435 CONFIRM http://support.apple.com/kb/HT4456 CONFIRM http://support.apple.com/kb/HT4457 CONFIRM https://bugs.launchpad.net/ubuntu/maverick/+source/freetype/+bug/617019 CONFIRM https://bugzilla.redhat.com/show_bug.cgi?id=621907 CONFIRM https://savannah.nongnu.org/bugs/?30658 Buffer overflow in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.4.2 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted Adobe Type 1 Mac Font File (aka LWFN) font.