Published: 17/05/2007 Updated: 13/02/2023

CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6

VMScore: 605

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Subscribe to Freetype

Integer signedness error in truetype/ttgload.c in Freetype 2.3.4 and previous versions might allow remote malicious users to execute arbitrary code via a crafted TTF image with a negative n_points value, which leads to an integer overflow and heap-based buffer overflow.

Vulnerable Product	Search on Vulmon	Subscribe to Product
freetype freetype

Synopsis Important: freetype security update Type/Severity Security Advisory: Important Topic Updated freetype packages that fix various security issues are nowavailable for Red Hat Enterprise Linux 3 and 4This update has been rated as having important security impact by the RedHat Security Response Team ...

Debian Bug report logs - #425625 CVE-2007-2754: integer overflow and heap-based buffer overflow vulnerability in freetype Package: libfreetype6; Maintainer for libfreetype6 is Hugh McMaster <hughmcmaster@outlookcom>; Source for libfreetype6 is src:freetype (PTS, buildd, popcon) Reported by: Stefan Fritsch <sf@sfritschd ...

Victor Stinner discovered that freetype did not correctly verify the number of points in a TrueType font If a user were tricked into using a specially crafted font, a remote attacker could execute arbitrary code with user privileges ...

A problem was discovered in freetype, a FreeType2 font engine, which could allow the execution of arbitrary code via an integer overflow in specially crafted TTF files For the stable distribution (etch), this problem has been fixed in version 221-5+etch1 For the unstable distribution (sid), this problem has been fixed in version 221-6 We rec ...

A problem was discovered with freetype, a FreeType2 font engine, which could allow the execution of arbitrary code via an integer overflow in specially crafted TTF files For the old stable distribution (sarge), this problem has been fixed in version 217-8 We recommend that you upgrade your freetype package ...

NVD-CWE-Other http://lists.gnu.org/archive/html/freetype-devel/2007-04/msg00041.html http://cvs.savannah.nongnu.org/viewvc/freetype2/src/truetype/ttgload.c?root=freetype&r1=1.177&r2=1.178 https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=240200 https://issues.rpath.com/browse/RPL-1390 http://support.avaya.com/elmodocs2/security/ASA-2007-330.htm http://lists.apple.com/archives/Security-announce/2007/Nov/msg00003.html http://www.debian.org/security/2007/dsa-1302 http://www.debian.org/security/2007/dsa-1334 http://www.gentoo.org/security/en/glsa/glsa-200705-22.xml http://www.gentoo.org/security/en/glsa/glsa-200707-02.xml http://www.mandriva.com/security/advisories?name=MDKSA-2007:121 http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.018.html http://www.redhat.com/support/errata/RHSA-2007-0403.html ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc http://sunsolve.sun.com/search/document.do?assetkey=1-26-102967-1 http://www.novell.com/linux/security/advisories/2007_41_freetype2.html http://www.trustix.org/errata/2007/0019/http://www.ubuntu.com/usn/usn-466-1 http://www.securityfocus.com/bid/24074 http://www.securitytracker.com/id?1018088 http://secunia.com/advisories/25350 http://secunia.com/advisories/25386 http://secunia.com/advisories/25353 http://secunia.com/advisories/25463 http://secunia.com/advisories/25483 http://secunia.com/advisories/25612 http://secunia.com/advisories/25609 http://secunia.com/advisories/25654 http://secunia.com/advisories/25705 http://secunia.com/advisories/25894 http://secunia.com/advisories/25905 http://secunia.com/advisories/25808 http://secunia.com/advisories/26129 http://secunia.com/advisories/26305 http://sunsolve.sun.com/search/document.do?assetkey=1-26-103171-1 http://secunia.com/advisories/28298 http://sunsolve.sun.com/search/document.do?assetkey=1-66-200033-1 http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml http://secunia.com/advisories/30161 http://www.vupen.com/english/advisories/2009/1297 http://secunia.com/advisories/35074 http://support.apple.com/kb/HT3549 http://lists.apple.com/archives/security-announce/2009/May/msg00002.html http://www.us-cert.gov/cas/techalerts/TA09-133A.html http://www.redhat.com/support/errata/RHSA-2009-0329.html http://www.redhat.com/support/errata/RHSA-2009-1062.html http://secunia.com/advisories/35200 http://secunia.com/advisories/35204 https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01401.html https://bugzilla.redhat.com/show_bug.cgi?id=502565 https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01316.html http://secunia.com/advisories/35233 http://www.vupen.com/english/advisories/2007/1894 http://www.vupen.com/english/advisories/2007/2229 http://www.vupen.com/english/advisories/2008/0049 http://osvdb.org/36509 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5532 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11325 http://www.securityfocus.com/archive/1/471286/30/6180/threaded http://www.securityfocus.com/archive/1/469463/100/200/threaded https://access.redhat.com/errata/RHSA-2009:0329 https://usn.ubuntu.com/466-1/https://nvd.nist.gov

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook