[Forgot Password]
Login  Register Subscribe

23631

 
 

115038

 
 

96174

 
 

909

 
 

78077

 
 

109

Paid content will be excluded from the download.


Download | Alert*
OVAL

DSA-1784-1 freetype -- integer overflows

ID: oval:org.secpod.oval:def:600512Date: (C)2011-05-13   (M)2017-10-04
Class: PATCHFamily: unix




Tavis Ormandy discovered several integer overflows in FreeType, a library to process and access font files, resulting in heap- or stack-based buffer overflows leading to application crashes or the execution of arbitrary code via a crafted font file. For the oldstable distribution , this problem has been fixed in version 2.2.1-5+etch4. For the stable distribution , this problem has been fixed in version 2.3.7-2+lenny1. For the testing distribution , this problem will be fixed soon. For the unstable distribution , this problem has been fixed in version 2.3.9-4.1. We recommend that you upgrade your freetype packages.

Platform:
Debian 5.0
Debian 4.0
Product:
freetype
Reference:
DSA-1784-1
CVE-2009-0946
CVE    1
CVE-2009-0946
CPE    2
cpe:/o:debian:debian_linux:5.0
cpe:/o:debian:debian_linux:4.0

© 2013 SecPod Technologies