Showing 1 - 4 of 4

CVE-2010-2498

Status Candidate

Overview

The psh_glyph_find_strong_points function in pshinter/pshalgo.c in FreeType before 2.4.0 does not properly implement hinting masks, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via a crafted font file that triggers an invalid free operation.

Related Files

Gentoo Linux Security Advisory 201201-09: Posted Jan 24, 2012; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 201201-9 - Multiple vulnerabilities have been found in FreeType, allowing remote attackers to possibly execute arbitrary code or cause a Denial of Service. Versions less than 2.4.8 are affected.; tags | advisory, remote, denial of service, arbitrary, vulnerability; systems | linux, gentoo; advisories | CVE-2010-1797, CVE-2010-2497, CVE-2010-2498, CVE-2010-2499, CVE-2010-2500, CVE-2010-2519, CVE-2010-2520, CVE-2010-2527, CVE-2010-2541, CVE-2010-2805, CVE-2010-2806, CVE-2010-2807, CVE-2010-2808, CVE-2010-3053, CVE-2010-3054, CVE-2010-3311, CVE-2010-3814, CVE-2010-3855, CVE-2011-0226, CVE-2011-3256, CVE-2011-3439; SHA-256 | c2f545da77d59dcae89071ef5db306706481440c4f480de96b07a59229faf95e; Download | Favorite | View

Ubuntu Security Notice 963-1: Posted Jul 21, 2010; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 963-1 - Robert Swiecki discovered that FreeType did not correctly handle certain malformed font files. If a user were tricked into using a specially crafted font file, a remote attacker could execute arbitrary code with user privileges.; tags | advisory, remote, arbitrary; systems | linux, ubuntu; advisories | CVE-2010-2498, CVE-2010-2499, CVE-2010-2500, CVE-2010-2519, CVE-2010-2520, CVE-2010-2527; SHA-256 | fc0f18e5fd93c5ab92a7d2edfd7e45781d6ca70eb6dee9fcb787abfdffb4f18e; Download | Favorite | View

Mandriva Linux Security Advisory 2010-137: Posted Jul 20, 2010; Authored by Mandriva | Site mandriva.com; Mandriva Linux Security Advisory 2010-137 - Multiple integer underflows/overflows and heap buffer overflows was discovered and fixed. A heap buffer overflow was discovered in the bytecode support. The bytecode support is NOT enabled per default in Mandriva due to previous patent claims, but packages by PLF is affected. The updated packages have been patched to correct these issues.; tags | advisory, overflow; systems | linux, mandriva; advisories | CVE-2010-2497, CVE-2010-2498, CVE-2010-2499, CVE-2010-2500, CVE-2010-2519, CVE-2010-2520; SHA-256 | efd92e7d42dab7ac0d40e33efe6456624e6b0c34d5a859edf8491479d8deda99; Download | Favorite | View

Debian Linux Security Advisory 2070-1: Posted Jul 15, 2010; Authored by Debian | Site debian.org; Debian Linux Security Advisory 2070-1 - Robert Swiecki discovered several vulnerabilities in the FreeType font library, which could lead to the execution of arbitrary code if a malformed font file is processed.; tags | advisory, arbitrary, vulnerability; systems | linux, debian; advisories | CVE-2010-2497, CVE-2010-2498, CVE-2010-2499, CVE-2010-2500, CVE-2010-2519, CVE-2010-2520, CVE-2010-2527; SHA-256 | 07a9d0abfec10cf4e763c242a9b4933a2f44395c0fb697b08fdb20b446862e54; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 294 files
Ubuntu 64 files
Debian 24 files
Apple 14 files
LiquidWorm 12 files
Gentoo 8 files
Google Security Research 4 files
Andrey Stoykov 3 files
Jann Horn 3 files
Alter Prime 3 files

File Archives

Systems

AIX (430)
Apple (2,132)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,171)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,607)
HPUX (881)
iOS (395)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (52,070)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,426)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (10,010)
UNIX (9,482)
UnixWare (188)
Windows (6,785)
Other

CVE-2010-2498

Overview

Related Files

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems