exploit the possibilities
Showing 1 - 7 of 7 RSS Feed

CVE-2010-3855

Status Candidate

Overview

Buffer overflow in the ft_var_readpackedpoints function in truetype/ttgxvar.c in FreeType 2.4.3 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted TrueType GX font.

Related Files

Gentoo Linux Security Advisory 201201-09
Posted Jan 24, 2012
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201201-9 - Multiple vulnerabilities have been found in FreeType, allowing remote attackers to possibly execute arbitrary code or cause a Denial of Service. Versions less than 2.4.8 are affected.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2010-1797, CVE-2010-2497, CVE-2010-2498, CVE-2010-2499, CVE-2010-2500, CVE-2010-2519, CVE-2010-2520, CVE-2010-2527, CVE-2010-2541, CVE-2010-2805, CVE-2010-2806, CVE-2010-2807, CVE-2010-2808, CVE-2010-3053, CVE-2010-3054, CVE-2010-3311, CVE-2010-3814, CVE-2010-3855, CVE-2011-0226, CVE-2011-3256, CVE-2011-3439
SHA-256 | c2f545da77d59dcae89071ef5db306706481440c4f480de96b07a59229faf95e
Apple Security Advisory 2011-07-15-2
Posted Jul 18, 2011
Authored by Apple | Site apple.com

Apple Security Advisory 2011-07-15-2 - A buffer overflow exists in FreeType's handling of TrueType font files. Viewing a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution. A signedness issue exists in FreeType's handling of Type 1 fonts. Viewing a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution. An invalid type conversion issue exists in the use of IOMobileFrameBuffer queueing primitives, which may allow malicious code running as the user to gain system privileges.

tags | advisory, overflow, arbitrary, code execution
systems | apple
advisories | CVE-2010-3855, CVE-2011-0226, CVE-2011-0227
SHA-256 | edfe889bbf74860d0bd555d71b0a140df267165c93e7e961078574b86529708e
Apple Security Advisory 2011-07-15-1
Posted Jul 18, 2011
Authored by Apple | Site apple.com

Apple Security Advisory 2011-07-15-1 - A buffer overflow exists in FreeType's handling of TrueType fonts. Viewing a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution. An invalid type conversion issue exists in the use of IOMobileFrameBuffer queueing primitives, which may allow malicious code running as the user to gain system privileges.

tags | advisory, overflow, arbitrary, code execution
systems | apple
advisories | CVE-2010-3855, CVE-2011-0227
SHA-256 | fb3abe5ba5b621345286bb52a22fda5559249d340aebb02783a5f461bb3105c4
Debian Security Advisory 2155-1
Posted Feb 1, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2155-1 - Two buffer overflows were found in the Freetype font library, which could lead to the execution of arbitrary code.

tags | advisory, overflow, arbitrary
systems | linux, debian
advisories | CVE-2010-3814, CVE-2010-3855
SHA-256 | b8b4ef4cd73f647d0b7feba3fb89ab736e4f7accb9aa214fc6d03d503e29bf7c
Mandriva Linux Security Advisory 2010-236
Posted Nov 16, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-236 - Multiple vulnerabilities were discovered and corrected in freetype2. An error within the "Ins_SHZ()" function in src/truetype/ttinterp.c when handling the "SHZ" bytecode instruction can be exploited to cause a crash and potentially execute arbitrary code via a specially crafted font. An error exists in the "ft_var_readpackedpoints()" function in src/truetype/ttgxvar.c when processing TrueType GX fonts and can be exploited to cause a heap-based buffer overflow via a specially crafted font.

tags | advisory, overflow, arbitrary, vulnerability
systems | linux, mandriva
advisories | CVE-2010-3814, CVE-2010-3855
SHA-256 | 082e3d14d51c0c4429d4ac6085aeee9d68bb604f0f963c33a896c08708daa057
Mandriva Linux Security Advisory 2010-235
Posted Nov 16, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-235 - An error exists in the "ft_var_readpackedpoints()" function in src/truetype/ttgxvar.c when processing TrueType GX fonts and can be exploited to cause a heap-based buffer overflow via a specially crafted font. The updated packages have been patched to correct these issues.

tags | advisory, overflow
systems | linux, mandriva
advisories | CVE-2010-3855
SHA-256 | 513e57f39a0528458ed28074ae028710308370fd51826b6bada5e299dfb1ea87
Ubuntu Security Notice 1013-1
Posted Nov 5, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1013-1 - Marc Schoenefeld discovered that FreeType did not correctly handle certain malformed font files. If a user were tricked into using a specially crafted font file, a remote attacker could cause FreeType to crash or possibly execute arbitrary code with user privileges. This issue only affected Ubuntu 6.06 LTS, 8.04 LTS, 9.10 and 10.04 LTS. Chris Evans discovered that FreeType did not correctly handle certain malformed TrueType font files. If a user were tricked into using a specially crafted TrueType file, a remote attacker could cause FreeType to crash or possibly execute arbitrary code with user privileges. This issue only affected Ubuntu 8.04 LTS, 9.10, 10.04 LTS and 10.10. It was discovered that FreeType did not correctly handle certain malformed TrueType font files. If a user were tricked into using a specially crafted TrueType file, a remote attacker could cause FreeType to crash or possibly execute arbitrary code with user privileges.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2010-3311, CVE-2010-3814, CVE-2010-3855
SHA-256 | a7844c918a1287ebbeb10049ad6777cfc78db17becfe0ec9fc5d86eda02f4746
Page 1 of 1
Back1Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    4 Files
  • 19
    May 19th
    17 Files
  • 20
    May 20th
    2 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close