Showing 1 - 4 of 4

CVE-2010-2498

Status Candidate

Overview

The psh_glyph_find_strong_points function in pshinter/pshalgo.c in FreeType before 2.4.0 does not properly implement hinting masks, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via a crafted font file that triggers an invalid free operation.

Related Files

Gentoo Linux Security Advisory 201201-09: Posted Jan 24, 2012; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 201201-9 - Multiple vulnerabilities have been found in FreeType, allowing remote attackers to possibly execute arbitrary code or cause a Denial of Service. Versions less than 2.4.8 are affected.; tags | advisory, remote, denial of service, arbitrary, vulnerability; systems | linux, gentoo; advisories | CVE-2010-1797, CVE-2010-2497, CVE-2010-2498, CVE-2010-2499, CVE-2010-2500, CVE-2010-2519, CVE-2010-2520, CVE-2010-2527, CVE-2010-2541, CVE-2010-2805, CVE-2010-2806, CVE-2010-2807, CVE-2010-2808, CVE-2010-3053, CVE-2010-3054, CVE-2010-3311, CVE-2010-3814, CVE-2010-3855, CVE-2011-0226, CVE-2011-3256, CVE-2011-3439; MD5 | 23128961bf7b84b4a162a0b9bf210286; Download | Favorite | View

Ubuntu Security Notice 963-1: Posted Jul 21, 2010; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 963-1 - Robert Swiecki discovered that FreeType did not correctly handle certain malformed font files. If a user were tricked into using a specially crafted font file, a remote attacker could execute arbitrary code with user privileges.; tags | advisory, remote, arbitrary; systems | linux, ubuntu; advisories | CVE-2010-2498, CVE-2010-2499, CVE-2010-2500, CVE-2010-2519, CVE-2010-2520, CVE-2010-2527; MD5 | a4225e010bf4f86d741fadc63eee20ac; Download | Favorite | View

Mandriva Linux Security Advisory 2010-137: Posted Jul 20, 2010; Authored by Mandriva | Site mandriva.com; Mandriva Linux Security Advisory 2010-137 - Multiple integer underflows/overflows and heap buffer overflows was discovered and fixed. A heap buffer overflow was discovered in the bytecode support. The bytecode support is NOT enabled per default in Mandriva due to previous patent claims, but packages by PLF is affected. The updated packages have been patched to correct these issues.; tags | advisory, overflow; systems | linux, mandriva; advisories | CVE-2010-2497, CVE-2010-2498, CVE-2010-2499, CVE-2010-2500, CVE-2010-2519, CVE-2010-2520; MD5 | 289c472c3d0ba3410eda1db5c008e036; Download | Favorite | View

Debian Linux Security Advisory 2070-1: Posted Jul 15, 2010; Authored by Debian | Site debian.org; Debian Linux Security Advisory 2070-1 - Robert Swiecki discovered several vulnerabilities in the FreeType font library, which could lead to the execution of arbitrary code if a malformed font file is processed.; tags | advisory, arbitrary, vulnerability; systems | linux, debian; advisories | CVE-2010-2497, CVE-2010-2498, CVE-2010-2499, CVE-2010-2500, CVE-2010-2519, CVE-2010-2520, CVE-2010-2527; MD5 | f3197b42df739f108c07e4a38fdb5657; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 67 files
Ubuntu 40 files
malvuln 20 files
Apple 17 files
LiquidWorm 7 files
0xB9 7 files
Abdulrahman 6 files
nu11secur1ty 6 files
Janik Wehrli 5 files
Amine 4 files

File Archives

Systems

AIX (423)
Apple (1,831)
BSD (368)
CentOS (54)
Cisco (1,908)
Debian (5,946)
Fedora (1,690)
FreeBSD (1,241)
Gentoo (4,148)
HPUX (875)
iOS (302)
iPhone (108)
IRIX (220)
Juniper (67)
Linux (40,753)
Mac OS X (681)
Mandriva (3,105)
NetBSD (255)
OpenBSD (476)
RedHat (10,518)
Slackware (941)
Solaris (1,601)
SUSE (1,444)
Ubuntu (7,453)
UNIX (8,972)
UnixWare (182)
Windows (6,133)
Other

CVE-2010-2498

Overview

Related Files

File Archive:

October 2021

Top Authors In Last 30 Days

File Tags

File Archives

Systems