Showing 1 - 4 of 4

CVE-2010-2498

Status Candidate

Overview

The psh_glyph_find_strong_points function in pshinter/pshalgo.c in FreeType before 2.4.0 does not properly implement hinting masks, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via a crafted font file that triggers an invalid free operation.

Related Files

Gentoo Linux Security Advisory 201201-09: Posted Jan 24, 2012; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 201201-9 - Multiple vulnerabilities have been found in FreeType, allowing remote attackers to possibly execute arbitrary code or cause a Denial of Service. Versions less than 2.4.8 are affected.; tags | advisory, remote, denial of service, arbitrary, vulnerability; systems | linux, gentoo; advisories | CVE-2010-1797, CVE-2010-2497, CVE-2010-2498, CVE-2010-2499, CVE-2010-2500, CVE-2010-2519, CVE-2010-2520, CVE-2010-2527, CVE-2010-2541, CVE-2010-2805, CVE-2010-2806, CVE-2010-2807, CVE-2010-2808, CVE-2010-3053, CVE-2010-3054, CVE-2010-3311, CVE-2010-3814, CVE-2010-3855, CVE-2011-0226, CVE-2011-3256, CVE-2011-3439; MD5 | 23128961bf7b84b4a162a0b9bf210286; Download | Favorite | Comments (0)

Ubuntu Security Notice 963-1: Posted Jul 21, 2010; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 963-1 - Robert Swiecki discovered that FreeType did not correctly handle certain malformed font files. If a user were tricked into using a specially crafted font file, a remote attacker could execute arbitrary code with user privileges.; tags | advisory, remote, arbitrary; systems | linux, ubuntu; advisories | CVE-2010-2498, CVE-2010-2499, CVE-2010-2500, CVE-2010-2519, CVE-2010-2520, CVE-2010-2527; MD5 | a4225e010bf4f86d741fadc63eee20ac; Download | Favorite | Comments (0)

Mandriva Linux Security Advisory 2010-137: Posted Jul 20, 2010; Authored by Mandriva | Site mandriva.com; Mandriva Linux Security Advisory 2010-137 - Multiple integer underflows/overflows and heap buffer overflows was discovered and fixed. A heap buffer overflow was discovered in the bytecode support. The bytecode support is NOT enabled per default in Mandriva due to previous patent claims, but packages by PLF is affected. The updated packages have been patched to correct these issues.; tags | advisory, overflow; systems | linux, mandriva; advisories | CVE-2010-2497, CVE-2010-2498, CVE-2010-2499, CVE-2010-2500, CVE-2010-2519, CVE-2010-2520; MD5 | 289c472c3d0ba3410eda1db5c008e036; Download | Favorite | Comments (0)

Debian Linux Security Advisory 2070-1: Posted Jul 15, 2010; Authored by Debian | Site debian.org; Debian Linux Security Advisory 2070-1 - Robert Swiecki discovered several vulnerabilities in the FreeType font library, which could lead to the execution of arbitrary code if a malformed font file is processed.; tags | advisory, arbitrary, vulnerability; systems | linux, debian; advisories | CVE-2010-2497, CVE-2010-2498, CVE-2010-2499, CVE-2010-2500, CVE-2010-2519, CVE-2010-2520, CVE-2010-2527; MD5 | f3197b42df739f108c07e4a38fdb5657; Download | Favorite | Comments (0)

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Ubuntu 43 files
Red Hat 41 files
Google Security Research 22 files
Gentoo 14 files
LiquidWorm 10 files
Ivan Fratric 10 files
Debian 10 files
Apple 7 files
Slackware Security Team 7 files
HP 7 files

File Archives

Systems

AIX (407)
Apple (1,457)
BSD (327)
Cisco (1,781)
Debian (5,302)
Fedora (1,675)
FreeBSD (1,181)
Gentoo (3,411)
HPUX (862)
iOS (147)
iPhone (103)
IRIX (219)
Juniper (66)
Linux (31,817)
Mac OS X (644)
Mandriva (3,105)
NetBSD (253)
OpenBSD (453)
RedHat (5,855)
Slackware (775)
Solaris (1,565)
SUSE (1,442)
Ubuntu (5,189)
UNIX (8,114)
UnixWare (170)
Windows (5,158)
Other

CVE-2010-2498

Overview

Related Files

File Archive:

July 2017

Top Authors In Last 30 Days

File Tags

File Archives

Systems