Sun Patch: X11 6.4.1_x86: FreeType2 patch
Severity | CVSS | Published | Added | Modified |
---|---|---|---|---|
10 | (AV:N/AC:L/Au:N/C:C/I:C/A:C) | April 16, 2009 | April 16, 2009 | June 03, 2016 |
Description
Multiple integer overflows in FreeType 2.3.9 and earlier allow remote attackers to execute arbitrary code via vectors related to large values in certain inputs in (1) smooth/ftsmooth.c, (2) sfnt/ttcmap.c, and (3) cff/cffload.c.
References
- APPLE-APPLE-SA-2007-11-14
- APPLE-APPLE-SA-2008-09-09
- APPLE-APPLE-SA-2008-09-12
- APPLE-APPLE-SA-2009-02-12
- APPLE-APPLE-SA-2009-05-12
- APPLE-APPLE-SA-2009-06-08-1
- APPLE-APPLE-SA-2009-06-17-1
- APPLE-APPLE-SA-2010-08-11-1
- APPLE-APPLE-SA-2010-08-11-2
- APPLE-APPLE-SA-2010-11-10-1
- APPLE-APPLE-SA-2010-11-22-1
- BID-18034
- BID-18326
- BID-18329
- BID-23283
- BID-23284
- BID-23300
- BID-23402
- BID-24074
- BID-29637
- BID-29639
- BID-29640
- BID-29641
- BID-34550
- BID-42151
- BID-42285
- CERT-TA09-133A
- CVE-2006-0747
- CVE-2006-1861
- CVE-2006-2661
- CVE-2006-3467
- CVE-2007-1003
- CVE-2007-1351
- CVE-2007-1352
- CVE-2007-2754
- CVE-2008-1806
- CVE-2008-1807
- CVE-2008-1808
- CVE-2009-0946
- CVE-2010-1797
- CVE-2010-2497
- CVE-2010-2498
- CVE-2010-2499
- CVE-2010-2500
- CVE-2010-2519
- CVE-2010-2520
- CVE-2010-2805
- CVE-2010-2806
- CVE-2010-2807
- CVE-2010-2808
- DEBIAN-DSA-1095
- DEBIAN-DSA-1178
- DEBIAN-DSA-1193
- DEBIAN-DSA-1294
- DEBIAN-DSA-1302
- DEBIAN-DSA-1334
- DEBIAN-DSA-1454
- DEBIAN-DSA-1784
- DEBIAN-DSA-2070
- OVAL-OVAL10149
- OVAL-OVAL10523
- OVAL-OVAL10673
- OVAL-OVAL11188
- OVAL-OVAL11266
- OVAL-OVAL11325
- OVAL-OVAL11692
- OVAL-OVAL13243
- OVAL-OVAL1810
- OVAL-OVAL1980
- OVAL-OVAL5532
- OVAL-OVAL9124
- OVAL-OVAL9321
- OVAL-OVAL9508
- OVAL-OVAL9767
- OVAL-OVAL9798
- REDHAT-RHSA-2006:0500
- REDHAT-RHSA-2006:0634
- REDHAT-RHSA-2006:0635
- REDHAT-RHSA-2007:0125
- REDHAT-RHSA-2007:0126
- REDHAT-RHSA-2007:0127
- REDHAT-RHSA-2007:0132
- REDHAT-RHSA-2007:0150
- REDHAT-RHSA-2007:0403
- REDHAT-RHSA-2008:0556
- REDHAT-RHSA-2008:0558
- REDHAT-RHSA-2009:0329
- REDHAT-RHSA-2009:1061
- REDHAT-RHSA-2009:1062
- REDHAT-RHSA-2010:0577
- REDHAT-RHSA-2010:0578
- REDHAT-RHSA-2010:0736
- REDHAT-RHSA-2010:0737
- REDHAT-RHSA-2010:0864
- SGI-20060701-01-U
- SGI-20070602-01-P
- SUNPATCH-124421-06
- SUSE-SUSE-SA:2006:037
- SUSE-SUSE-SA:2006:045
- SUSE-SUSE-SA:2007:027
- SUSE-SUSE-SA:2007:041
- XF-26553
- XF-33417
- XF-33419
- XF-33424
- XF-60856
Solution
sunpatch-solaris-124421
Related Vulnerabilities
- CESA-2006:0634: xorg-x11 security update
- Gentoo Linux: CVE-2010-2500: FreeType: Multiple vulnerabilities
- SUSE Linux Security Advisory: SUSE-SR:2009:010
- ELSA-2010-0577 Important: Enterprise Linux freetype security update
- Gentoo Linux: CVE-2010-2807: FreeType: Multiple vulnerabilities
- RHSA-2006:0635: XFree86 security update
- SUSE-SA:2006:045: freetype2
- SUSE-SR:2007:021:vuln3: NX security update for PCF handling
- OS X security update 2009-001 for X11 (CVE-2006-3467)
- RHSA-2009:0329: freetype security update
- Gentoo Linux: CVE-2008-1808: VMware Player, Server, Workstation: Multiple vulnerabilities
- Gentoo Linux: CVE-2010-2498: FreeType: Multiple vulnerabilities
- SUSE Linux Security Vulnerability: CVE-2010-1797
- OS X update for X11 (CVE-2010-2807)
- Cent OS: CVE-2007-2754: CESA-2009:0329 (freetype)
- SUSE Linux Security Vulnerability: CVE-2008-1808
- RHSA-2007:0125: XFree86 security update
- OS X security update 2009-001 for X11 (CVE-2007-1667)
- SUSE Linux Security Vulnerability: CVE-2010-2519
- Sun Patch: StarOffice 8 (Solaris): Update 18
- OS X update for X11 (CVE-2010-2497)
- Gentoo Linux: CVE-2006-3467: LibXfont: Multiple integer overflows
- Cent OS: CVE-2009-0946: CESA-2009:1061 (freetype)
- Sun Patch: StarSuite 8 (Solaris): Update 18
- Sun Patch: X11 6.6.2_x86: FreeType patch
- Apple iOS Vulnerability: CVE-2010-1797
- Sun Patch: StarSuite 8 (Solaris_x86): Update 18
- OS X security update 2009-001 for X11 (CVE-2008-1808)
- Gentoo Linux: CVE-2010-2497: FreeType: Multiple vulnerabilities
- Sun Patch: X11 6.6.1_x86: font patch
- USN-972-1: FreeType vulnerabilities
- Sun Patch: X11 6.4.1_x86: Xsun patch
- Gentoo Linux: CVE-2010-2806: FreeType: Multiple vulnerabilities
- SUSE Linux Security Vulnerability: CVE-2006-2661
- Apple Safari security update for CVE-2009-0946
- ELSA-2009-0329 Important: Enterprise Linux freetype security update
- SUSE Linux Security Advisory: SUSE-SR:2008:008
- ELSA-2007:0002 Important: Enterprise Linux XFree86 security update
- RHSA-2008:0558: freetype security update
- RHSA-2010:0577: freetype security update
- ELSA-2010-0578 Important: Enterprise Linux freetype security update
- SUSE Linux Security Vulnerability: CVE-2010-2805
- OS X update for X11 (CVE-2010-2519)
- Sun Patch: X11 6.6.2_x86: Xsun patch
- Sun Patch: X11 6.6.2: Xsun patch
- OS X update for X11 (CVE-2010-2808)
- VMware Fusion: Update to Freetype (VMSA-2008-0014) (CVE-2008-1808)
- SUSE Linux Security Vulnerability: CVE-2010-2808
- Gentoo Linux: CVE-2006-1861: FreeType 1: User-assisted execution of arbitrary code
- CESA-2007:0150: freetype security update
- SUSE Linux Security Vulnerability: CVE-2008-1807
- VMware Workstation: Update to Freetype (VMSA-2008-0014) (CVE-2008-1807)
- RHSA-2007:0127: xorg-x11-server security update
- OS X update for X11 (CVE-2010-2500)
- ELSA-2007-0150 Moderate: Enterprise Linux freetype security update
- Sun Patch: X11 6.6.1_x86: FreeType patch
- ELSA-2010-0736 Important: Enterprise Linux freetype security update
- RHSA-2010:0864: freetype security update
- ELSA-2007-0125 Important: Enterprise Linux XFree86 security update
- SUSE Linux Security Vulnerability: CVE-2010-2807
- SUSE-SA:2007:027: XFree86,Xorg
- Apple iOS Vulnerability: CVE-2010-2973
- VMware Workstation: Update to Freetype (VMSA-2008-0014) (CVE-2008-1808)
- CESA-2007:0126: xorg-x11 security update
- Gentoo Linux: CVE-2007-2754: FreeType: Buffer overflow
- Sun Patch: X11 6.6.1: FreeType patch
- Cent OS: CVE-2008-1808: CESA-2009:0329 (freetype)
- SUSE Linux Security Advisory: SUSE-SR:2007:006
- OS X update for X11 (CVE-2010-2520)
- ELSA-2007-0127 Important: Enterprise Linux xorg-x11-server security update
- SUSE Linux Security Advisory: SUSE-SA:2006:037
- Cent OS: CVE-2010-1797: CESA-2010:0607 (freetype)
- OS X update for X11 (CVE-2009-0946)
- SUSE Linux Security Advisory: SUSE-SR:2008:014
- Cent OS: CVE-2010-2806: CESA-2010:0737 (freetype)
- OS X update for X11 (CVE-2010-2498)
- CESA-2007:0127: xorg-x11-server security update
- VMware Fusion: Update to Freetype (VMSA-2008-0014) (CVE-2008-1806)
- FreeBSD: FreeType 2 -- Heap overflow vulnerability (CVE-2007-2754)
- VMware Player: Update to Freetype (VMSA-2008-0014) (CVE-2008-1807)
- ELSA-2007-0132 Important: Enterprise Linux libXfont security update
- USN-643-1: FreeType vulnerabilities
- SUSE Linux Security Advisory: SUSE-SA:2007:027
- SUSE Linux Security Vulnerability: CVE-2007-1351
- RHSA-2008:0556: freetype security update
- CESA-2007:0157: xorg-x11-apps and libX11 security update
- SUSE-SA:2006:037: freetype2
- RHSA-2010:0607: freetype security update
- OS X security update 2009-002 for X11 (CVE-2006-0747)
- Cent OS: CVE-2006-1861: CESA-2009:0329 (freetype)
- SUSE Linux Security Vulnerability: CVE-2010-2499
- Sun Patch: SunOS 5.4_x86: jumbo patch for NIS commands
- OS X update for X11 (CVE-2010-2499)
- OS X security update 2009-002 for X11 (CVE-2007-2754)
- ELSA-2007-0126 Important: xorg-x11 security update
- Gentoo Linux: CVE-2008-1807: VMware Player, Server, Workstation: Multiple vulnerabilities
- Gentoo Linux: CVE-2010-2808: FreeType: Multiple vulnerabilities
- CESA-2007:0132: libXfont security update
- Gentoo Linux: CVE-2007-1003: LibXfont, TightVNC: Multiple vulnerabilities
- Sun Patch: X11 6.6.1_x86: Xsun patch