what you don't know can hurt you
Showing 1 - 8 of 8 RSS Feed

CVE-2008-1807

Status Candidate

Overview

FreeType2 before 2.3.6 allow context-dependent attackers to execute arbitrary code via an invalid "number of axes" field in a Printer Font Binary (PFB) file, which triggers a free of arbitrary memory locations, leading to memory corruption.

Related Files

Gentoo Linux Security Advisory 201209-25
Posted Sep 30, 2012
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201209-25 - Multiple vulnerabilities have been found in VMware Player, Server, and Workstation, allowing remote and local attackers to conduct several attacks, including privilege escalation, remote execution of arbitrary code, and a Denial of Service.

tags | advisory, remote, denial of service, arbitrary, local, vulnerability
systems | linux, gentoo
advisories | CVE-2007-5269, CVE-2007-5503, CVE-2007-5671, CVE-2008-0967, CVE-2008-1340, CVE-2008-1361, CVE-2008-1362, CVE-2008-1363, CVE-2008-1364, CVE-2008-1392, CVE-2008-1447, CVE-2008-1806, CVE-2008-1807, CVE-2008-1808, CVE-2008-2098, CVE-2008-2100, CVE-2008-2101, CVE-2008-4915, CVE-2008-4916, CVE-2008-4917, CVE-2009-0040, CVE-2009-0909, CVE-2009-0910, CVE-2009-1244, CVE-2009-2267, CVE-2009-3707, CVE-2009-3732, CVE-2009-3733
MD5 | 51bbb06deb17fab0f37713179ca258d1
Mandriva Linux Security Advisory 2008-121
Posted Oct 31, 2008
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - Multiple vulnerabilities were discovered in FreeType's Printer Font Binary (PFB) font-file format parser. If a user were to load a carefully crafted font file with a program linked against FreeType, it could cause the application to crash or potentially execute arbitrary code. The updated packages have been patched to prevent this issue. The patches used to correct the problem on Corporate Server 4.0 and Corporate 3.0 contained a problem where certain fonts would not be displayed and would cause applications, such as drakfont, to crash. This update corrects the regression.

tags | advisory, arbitrary, vulnerability
systems | linux, mandriva
advisories | CVE-2008-1806, CVE-2008-1807, CVE-2008-1808
MD5 | b5bbdc1f98fdef8437a222fdba1d0410
Ubuntu Security Notice 643-1
Posted Sep 11, 2008
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 643-1 - Multiple flaws were discovered in the PFB and TTF font handling code in freetype. If a user were tricked into using a specially crafted font file, a remote attacker could execute arbitrary code with user privileges or cause the application linked against freetype to crash, leading to a denial of service.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2008-1806, CVE-2008-1807, CVE-2008-1808
MD5 | 84c6436a1b5656564dc41cea84d1ad1c
Debian Linux Security Advisory 1635-1
Posted Sep 11, 2008
Authored by Debian | Site debian.org

Debian Security Advisory 1635-1 - Several local vulnerabilities have been discovered in freetype, a FreeType 2 font engine, which could allow the execution of arbitrary code.

tags | advisory, arbitrary, local, vulnerability
systems | linux, debian
advisories | CVE-2008-1806, CVE-2008-1807, CVE-2008-1808
MD5 | bd0257bc1c122f92beb0a6e3362ac57a
VMware Security Advisory 2008-0014
Posted Aug 31, 2008
Authored by VMware | Site vmware.com

VMware Security Advisory - Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.

tags | advisory, info disclosure
advisories | CVE-2008-2101, CVE-2007-5269, CVE-2008-1447, CVE-2008-3691, CVE-2008-3692, CVE-2008-3693, CVE-2008-3694, CVE-2008-3695, CVE-2007-5438, CVE-2008-3696, CVE-2008-3697, CVE-2008-3698, CVE-2008-1806, CVE-2008-1807, CVE-2008-1808, CVE-2007-5503
MD5 | 66543adde34c36baff73bda1674cfb79
Gentoo Linux Security Advisory 200806-10
Posted Jun 24, 2008
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200806-10 - Font parsing vulnerabilities in FreeType might lead to user-assisted execution of arbitrary code. Versions less than 2.3.6 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2008-1806, CVE-2008-1807, CVE-2008-1808
MD5 | 46dcddb44401e1e2765f1d8b769beccd
Mandriva Linux Security Advisory 2008-121
Posted Jun 23, 2008
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - Multiple vulnerabilities were discovered in FreeType's Printer Font Binary (PFB) font-file format parser. If a user were to load a carefully crafted font file with a program linked against FreeType, it could cause the application to crash or potentially execute arbitrary code.

tags | advisory, arbitrary, vulnerability
systems | linux, mandriva
advisories | CVE-2008-1806, CVE-2008-1807, CVE-2008-1808
MD5 | 60f816b0b660ae161624a46993cf43fe
iDEFENSE Security Advisory 2008-06-10.3
Posted Jun 11, 2008
Authored by iDefense Labs, regenrecht | Site idefense.com

iDefense Security Advisory 06.10.08 - Remote exploitation of a memory corruption vulnerability in the FreeType2 library, as included in various vendors' operating systems, could allow an attacker to execute arbitrary code with the privileges of the affected application. iDefense has confirmed the existence of this vulnerability in FreeType2 version 2.3.5. Previous versions may also be affected.

tags | advisory, remote, arbitrary
advisories | CVE-2008-1807
MD5 | ffadea1dac3d6b9c991c4408037734ea
Page 1 of 1
Back1Next

File Archive:

December 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    1 Files
  • 2
    Dec 2nd
    16 Files
  • 3
    Dec 3rd
    17 Files
  • 4
    Dec 4th
    23 Files
  • 5
    Dec 5th
    11 Files
  • 6
    Dec 6th
    6 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close