FreeBSD Local Security Checks : FreeBSD Ports: freetype2

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.63862

Categoría: FreeBSD Local Security Checks

Título: FreeBSD Ports: freetype2

Resumen: The remote host is missing an update to the system; as announced in the referenced advisory.

Descripción: Summary:
The remote host is missing an update to the system
as announced in the referenced advisory.

Vulnerability Insight:
The following package is affected: freetype2

CVE-2009-0946
Multiple integer overflows in FreeType 2.3.9 and earlier allow remote
attackers to execute arbitrary code via vectors related to large
values in certain inputs in (1) smooth/ftsmooth.c, (2) sfnt/ttcmap.c,
and (3) cff/cffload.c.

Solution:
Update your system with the appropriate patches or
software upgrades.

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2009-0946
http://lists.apple.com/archives/security-announce/2009/May/msg00002.html
http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html
http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html
http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html
BugTraq ID: 34550
http://www.securityfocus.com/bid/34550
Cert/CC Advisory: TA09-133A
http://www.us-cert.gov/cas/techalerts/TA09-133A.html
Debian Security Information: DSA-1784 (Google Search)
http://www.debian.org/security/2009/dsa-1784
http://security.gentoo.org/glsa/glsa-200905-05.xml
http://www.mandriva.com/security/advisories?name=MDVSA-2009:243
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10149
http://www.redhat.com/support/errata/RHSA-2009-0329.html
http://www.redhat.com/support/errata/RHSA-2009-1061.html
http://www.redhat.com/support/errata/RHSA-2009-1062.html
http://secunia.com/advisories/34723
http://secunia.com/advisories/34913
http://secunia.com/advisories/34967
http://secunia.com/advisories/35065
http://secunia.com/advisories/35074
http://secunia.com/advisories/35198
http://secunia.com/advisories/35200
http://secunia.com/advisories/35204
http://secunia.com/advisories/35210
http://secunia.com/advisories/35379
http://sunsolve.sun.com/search/document.do?assetkey=1-66-270268-1
SuSE Security Announcement: SUSE-SR:2009:010 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html
http://www.ubuntu.com/usn/USN-767-1
http://www.vupen.com/english/advisories/2009/1058
http://www.vupen.com/english/advisories/2009/1297
http://www.vupen.com/english/advisories/2009/1522
http://www.vupen.com/english/advisories/2009/1621

Copyright Copyright (C) 2009 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.63862
Categoría:	FreeBSD Local Security Checks
Título:	FreeBSD Ports: freetype2
Resumen:	The remote host is missing an update to the system; as announced in the referenced advisory.
Descripción:	Summary: The remote host is missing an update to the system as announced in the referenced advisory. Vulnerability Insight: The following package is affected: freetype2 CVE-2009-0946 Multiple integer overflows in FreeType 2.3.9 and earlier allow remote attackers to execute arbitrary code via vectors related to large values in certain inputs in (1) smooth/ftsmooth.c, (2) sfnt/ttcmap.c, and (3) cff/cffload.c. Solution: Update your system with the appropriate patches or software upgrades. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2009-0946 http://lists.apple.com/archives/security-announce/2009/May/msg00002.html http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html BugTraq ID: 34550 http://www.securityfocus.com/bid/34550 Cert/CC Advisory: TA09-133A http://www.us-cert.gov/cas/techalerts/TA09-133A.html Debian Security Information: DSA-1784 (Google Search) http://www.debian.org/security/2009/dsa-1784 http://security.gentoo.org/glsa/glsa-200905-05.xml http://www.mandriva.com/security/advisories?name=MDVSA-2009:243 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10149 http://www.redhat.com/support/errata/RHSA-2009-0329.html http://www.redhat.com/support/errata/RHSA-2009-1061.html http://www.redhat.com/support/errata/RHSA-2009-1062.html http://secunia.com/advisories/34723 http://secunia.com/advisories/34913 http://secunia.com/advisories/34967 http://secunia.com/advisories/35065 http://secunia.com/advisories/35074 http://secunia.com/advisories/35198 http://secunia.com/advisories/35200 http://secunia.com/advisories/35204 http://secunia.com/advisories/35210 http://secunia.com/advisories/35379 http://sunsolve.sun.com/search/document.do?assetkey=1-66-270268-1 SuSE Security Announcement: SUSE-SR:2009:010 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html http://www.ubuntu.com/usn/USN-767-1 http://www.vupen.com/english/advisories/2009/1058 http://www.vupen.com/english/advisories/2009/1297 http://www.vupen.com/english/advisories/2009/1522 http://www.vupen.com/english/advisories/2009/1621
Copyright	Copyright (C) 2009 E-Soft Inc.