exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

OpenPKG Security Advisory 2006.17

OpenPKG Security Advisory 2006.17
Posted Aug 3, 2006
Authored by OpenPKG Foundation | Site openpkg.org

OpenPKG Security Advisory OpenPKG-SA-2006.017 - Multiple security issues exist in the FreeType font rendering library before version 2.2.

tags | advisory
advisories | CVE-2006-3467, CVE-2006-2661, CVE-2006-2493, CVE-2006-0747
SHA-256 | 2b21a35344d0b2e3246e685dfc6f3441f75ea7e8c4cb18207ba4ee3935413369

OpenPKG Security Advisory 2006.17

Change Mirror Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

________________________________________________________________________

OpenPKG Security Advisory The OpenPKG Project
http://www.openpkg.org/security/ http://www.openpkg.org
openpkg-security@openpkg.org openpkg@openpkg.org
OpenPKG-SA-2006.017 28-Jul-2006
________________________________________________________________________

Package: freetype
Vulnerability: denial of service, arbitrary code execution
OpenPKG Specific: no

Affected Releases: Affected Packages: Corrected Packages:
OpenPKG CURRENT N.A. N.A.
OpenPKG 2-STABLE N.A. N.A.
OpenPKG 2.5-RELEASE <= freetype-2.1.10-2.5.0 >= freetype-2.1.10-2.5.1

Description:
Multiple security issues exist in the FreeType [1] font rendering
library before version 2.2:

An integer overflow allows remote attackers to cause a Denial of
Service (DoS) and possibly execute arbitrary code via unknown vectors,
as demonstrated by the Red Hat "bad1.pcf" test file, due to a partial
fix of CVE-2006-1861. The Common Vulnerabilities and Exposures (CVE)
project assigned the id CVE-2006-3467 [2] to the problem.

Remote attackers can cause a Denial of Service (DoS) via a specially
crafted font file that triggers a NULL dereference. The Common
Vulnerabilities and Exposures (CVE) project assigned the id
CVE-2006-2661 [3] to the problem.

Multiple integer overflows allow remote attackers to cause a
Denial of Service (DoS) and possibly execute arbitrary code. The
Common Vulnerabilities and Exposures (CVE) project assigned the
id CVE-2006-1861 [4] to the problem. Parts of this issue the
Common Vulnerabilities and Exposures (CVE) project assigned the id
CVE-2006-2493, which is now rejected.

Integer underflow allows remote attackers to cause a Denial of Service
(DoS) via a specially crafted font file with an odd number of "blue"
values, which causes the underflow when decrementing by 2 in a context
that assumes an even number of values. The Common Vulnerabilities
and Exposures (CVE) project assigned the id CVE-2006-0747 [5] to the
problem.

An additional flaw causes some programs to go into an infinite loop
and this way cause a Denial of Service (DoS) when dealing with fonts
that don't have a properly sorted kerning sub-table.
________________________________________________________________________

References:
[1] http://www.freetype.org/
[2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3467
[3] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2661
[4] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1861
[5] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0747
________________________________________________________________________

For security reasons, this advisory was digitally signed with the
OpenPGP public key "OpenPKG <openpkg@openpkg.org>" (ID 63C4CB9F) of the
OpenPKG project which you can retrieve from http://pgp.openpkg.org and
hkp://pgp.openpkg.org. Follow the instructions on http://pgp.openpkg.org
for details on how to verify the integrity of this advisory.
________________________________________________________________________

-----BEGIN PGP SIGNATURE-----
Comment: OpenPKG <openpkg@openpkg.org>

iD8DBQFEyfw3gHWT4GPEy58RAiB1AKDKGX5q6ovQuoQXjnV9KY3jvCLJNgCgxCdg
difG4d5DnORPqstdPAUejm8=
=hbbe
-----END PGP SIGNATURE-----
Login or Register to add favorites

File Archive:

April 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    10 Files
  • 2
    Apr 2nd
    26 Files
  • 3
    Apr 3rd
    40 Files
  • 4
    Apr 4th
    6 Files
  • 5
    Apr 5th
    26 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    22 Files
  • 9
    Apr 9th
    14 Files
  • 10
    Apr 10th
    10 Files
  • 11
    Apr 11th
    13 Files
  • 12
    Apr 12th
    14 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    30 Files
  • 16
    Apr 16th
    10 Files
  • 17
    Apr 17th
    22 Files
  • 18
    Apr 18th
    45 Files
  • 19
    Apr 19th
    8 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    11 Files
  • 23
    Apr 23rd
    68 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close