Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.56934
Category:Debian Local Security Checks
Title:Debian Security Advisory DSA 1095-1 (freetype)
Summary:NOSUMMARY
Description:Description:
The remote host is missing an update to freetype
announced via advisory DSA 1095-1.

Several problems have been discovered in the FreeType 2 font engine.
The Common vulnerabilities and Exposures project identifies the
following problems:

CVE-2006-0747

Several integer underflows have been discovered which could allow
remote attackers to cause a denial of service.

CVE-2006-1861

Chris Evans discovered several integer overflows that lead to a
denial of service or could possibly even lead to the execution of
arbitrary code.

CVE-2006-2493

Several more integer overflows have been discovered which could
possibly lead to the execution of arbitrary code.

CVE-2006-2661

A null pointer dereference could cause a denial of service.

For the old stable distribution (woody) these problems have been fixed in
version 2.0.9-1woody1.

For the stable distribution (sarge) these problems have been fixed in
version 2.1.7-2.5.

For the unstable distribution (sid) these problems will be fixed soon

We recommend that you upgrade your libfreetype packages.

Solution:
https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201095-1

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Cross-Ref: BugTraq ID: 18034
Common Vulnerability Exposure (CVE) ID: CVE-2006-2661
BugTraq ID: 18329
http://www.securityfocus.com/bid/18329
Bugtraq: 20060612 rPSA-2006-0100-1 freetype (Google Search)
http://www.securityfocus.com/archive/1/436836/100/0/threaded
Debian Security Information: DSA-1095 (Google Search)
http://www.debian.org/security/2006/dsa-1095
http://www.mandriva.com/security/advisories?name=MDKSA-2006:099
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=183676
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11692
http://www.redhat.com/support/errata/RHSA-2006-0500.html
http://securitytracker.com/id?1016520
http://secunia.com/advisories/20525
http://secunia.com/advisories/20591
http://secunia.com/advisories/20638
http://secunia.com/advisories/20791
http://secunia.com/advisories/21062
http://secunia.com/advisories/21135
http://secunia.com/advisories/21385
http://secunia.com/advisories/21701
http://secunia.com/advisories/23939
SGI Security Advisory: 20060701-01-U
ftp://patches.sgi.com/support/free/security/advisories/20060701-01-U
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102705-1
SuSE Security Announcement: SUSE-SA:2006:037 (Google Search)
http://lists.suse.com/archive/suse-security-announce/2006-Jun/0012.html
https://usn.ubuntu.com/291-1/
http://www.vupen.com/english/advisories/2007/0381
Common Vulnerability Exposure (CVE) ID: CVE-2006-1861
http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html
http://www.securityfocus.com/bid/18034
https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01316.html
https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01401.html
http://security.gentoo.org/glsa/glsa-200607-02.xml
http://www.gentoo.org/security/en/glsa/glsa-200710-09.xml
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9124
http://www.redhat.com/support/errata/RHSA-2009-0329.html
http://www.redhat.com/support/errata/RHSA-2009-1062.html
http://securitytracker.com/id?1016522
http://secunia.com/advisories/20100
http://secunia.com/advisories/21000
http://secunia.com/advisories/27162
http://secunia.com/advisories/27167
http://secunia.com/advisories/27271
http://secunia.com/advisories/33937
http://secunia.com/advisories/35200
http://secunia.com/advisories/35204
http://secunia.com/advisories/35233
SuSE Security Announcement: SUSE-SR:2007:021 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00006.html
http://www.vupen.com/english/advisories/2006/1868
XForce ISS Database: freetype-lwfn-overflow(26553)
https://exchange.xforce.ibmcloud.com/vulnerabilities/26553
Common Vulnerability Exposure (CVE) ID: CVE-2006-0747
http://lists.apple.com/archives/security-announce/2009/May/msg00002.html
BugTraq ID: 18326
http://www.securityfocus.com/bid/18326
Cert/CC Advisory: TA09-133A
http://www.us-cert.gov/cas/techalerts/TA09-133A.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9508
http://secunia.com/advisories/35074
http://www.vupen.com/english/advisories/2009/1297
CopyrightCopyright (c) 2006 E-Soft Inc. http://www.securityspace.com

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2024 E-Soft Inc. All rights reserved.