MDVSA-2013:006 -- Mandriva freetype2ID: oval:org.secpod.oval:def:302996 | Date: (C)2013-02-26 (M)2023-12-07 |
Class: PATCH | Family: unix |
Multiple vulnerabilities has been found and corrected in freetype2: A Null pointer de-reference flaw was found in the way Freetype font rendering engine handled Glyph bitmap distribution format fonts. A remote attacker could provide a specially-crafted BDF font file, which once processed in an application linked against FreeType would lead to that application crash. An out-of heap-based buffer read flaw was found in the way FreeType font rendering engine performed parsing of glyph information and relevant bitmaps for glyph bitmap distribution format. A remote attacker could provide a specially-crafted BDF font file, which once opened in an application linked against FreeType would lead to that application crash . The updated packages have been patched to correct these issues.
Platform: |
Mandriva Linux 2011.0 |