what you don't know can hurt you
Showing 1 - 1 of 1 RSS Feed

Files

Mandriva Linux Security Advisory 2010-157
Posted Aug 23, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-157 - The FT_Stream_EnterFrame function in base/ftstream.c in FreeType before 2.4.2 does not properly validate certain position values, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file. Array index error in the t42_parse_sfnts function in type42/t42parse.c in FreeType before 2.4.2 allows remote attackers to cause a denial of service or possibly execute arbitrary code via negative size values for certain strings in FontType42 font files, leading to a heap-based buffer overflow. FreeType before 2.4.2 uses incorrect integer data types during bounds checking, which allows remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted font file. Buffer overflow in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.4.2 allows remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted Adobe Type 1 Mac Font File font. bdf/bdflib.c in FreeType before 2.4.2 allows remote attackers to cause a denial of service via a crafted BDF font file, related to an attempted modification of a value in a static string. The updated packages have been patched to correct these issues.

tags | advisory, remote, denial of service, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2010-2805, CVE-2010-2806, CVE-2010-2807, CVE-2010-3053
MD5 | babef798c9a7ac143dd0af5ad896d414
Page 1 of 1
Back1Next

Top Authors In Last 30 Days

Recent News

News RSS Feed
iPhone iOS 13 Lockscreen Bypass Flaw Exposes Contacts
Posted Sep 16, 2019

tags | headline, phone, data loss, flaw, apple
Instagram Fixed Flaw That Links Account Info To PII
Posted Sep 13, 2019

tags | headline, hacker, privacy, data loss, flaw, facebook
France To Block Facebook's Libra Cryptocurrency In Europe
Posted Sep 13, 2019

tags | headline, government, bank, fraud, france, facebook, social, cryptography
InnfiRAT Malware Lurks To Steal Cryptocurrency Wallet Data
Posted Sep 13, 2019

tags | headline, malware, cybercrime, fraud, cryptography
Infosec Duo Cuffed After Physically Breaking Into Courthouse During IT Security Assessment
Posted Sep 13, 2019

tags | headline, hacker, government
New Simjacker Attack Exploited In The Wild To Track Users For At Least Two Years
Posted Sep 12, 2019

tags | headline, hacker, privacy, phone
Major Fraud Scheme Exposed By Insecure Database
Posted Sep 12, 2019

tags | headline, database, cybercrime, fraud
UNICEF Leaks Personal Data Of 8,000 Users Via Email Blunder
Posted Sep 12, 2019

tags | headline, privacy, email, data loss
Fin7 Operator Pleads Guilty To Two Counts
Posted Sep 12, 2019

tags | headline, malware, cybercrime, fraud
Weakness In Intel Chips Lets Researchers Steal Encrypted SSH Keystrokes
Posted Sep 11, 2019

tags | headline, privacy, flaw, password, cryptography, intel
View More News →
packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close