cpe:/a:freetype:freetype:1.3.1 cpe:/a:freetype:freetype:2.0.6 cpe:/a:freetype:freetype:2.0.9 cpe:/a:freetype:freetype:2.1 cpe:/a:freetype:freetype:2.1.3 cpe:/a:freetype:freetype:2.1.4 cpe:/a:freetype:freetype:2.1.5 cpe:/a:freetype:freetype:2.1.6 cpe:/a:freetype:freetype:2.1.7 cpe:/a:freetype:freetype:2.1.8 cpe:/a:freetype:freetype:2.1.8_rc1 cpe:/a:freetype:freetype:2.1.9 cpe:/a:freetype:freetype:2.1.10 cpe:/a:freetype:freetype:2.2 cpe:/a:freetype:freetype:2.2.1 cpe:/a:freetype:freetype:2.2.10 cpe:/a:freetype:freetype:2.3.0 cpe:/a:freetype:freetype:2.3.1 cpe:/a:freetype:freetype:2.3.2 cpe:/a:freetype:freetype:2.3.3 cpe:/a:freetype:freetype:2.3.4 cpe:/a:freetype:freetype:2.3.5 cpe:/a:freetype:freetype:2.3.6 cpe:/a:freetype:freetype:2.3.7 cpe:/a:freetype:freetype:2.3.8 cpe:/a:freetype:freetype:2.3.9 cpe:/a:freetype:freetype:2.3.10 cpe:/a:freetype:freetype:2.3.11 cpe:/a:freetype:freetype:2.3.12 cpe:/a:freetype:freetype:2.4.0 cpe:/a:freetype:freetype:2.4.1 cpe:/a:freetype:freetype:2.4.2 cpe:/a:freetype:freetype:2.4.3 CVE-2010-3855 2010-11-26T15:00:03.393-05:00 2012-12-18T23:32:09.463-05:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2010-11-29T14:03:00.000-05:00 SECTRACK 1024745 SECUNIA 42289 SECUNIA 42295 SECUNIA 43138 BID 44214 SECUNIA 48951 VUPEN ADV-2010-3037 VUPEN ADV-2011-0246 APPLE APPLE-SA-2011-03-09-1 APPLE APPLE-SA-2011-03-09-3 APPLE APPLE-SA-2011-03-21-1 APPLE APPLE-SA-2011-07-15-1 APPLE APPLE-SA-2011-07-15-2 DEBIAN DSA-2155 FEDORA FEDORA-2010-17728 FEDORA FEDORA-2010-17742 FEDORA FEDORA-2010-17755 MANDRIVA MDVSA-2010:235 MANDRIVA MDVSA-2010:236 REDHAT RHSA-2010:0889 UBUNTU USN-1013-1 CONFIRM http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=602221 CONFIRM http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=59eb9f8cfe7d1df379a2318316d1f04f80fba54a CONFIRM http://support.apple.com/kb/HT4564 CONFIRM http://support.apple.com/kb/HT4565 CONFIRM http://support.apple.com/kb/HT4581 CONFIRM http://support.apple.com/kb/HT4802 CONFIRM http://support.apple.com/kb/HT4803 CONFIRM http://support.avaya.com/css/P8/documents/100122733 CONFIRM https://savannah.nongnu.org/bugs/?31310 Buffer overflow in the ft_var_readpackedpoints function in truetype/ttgxvar.c in FreeType 2.4.3 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted TrueType GX font.