
Test ID: 1.3.6.1.4.1.25623.1.0.901142
Category: Denial of Service
Title: FreeType <= 2.4.1 Multiple DoS Vulnerabilities - Windows
Summary: FreeType is prone to multiple Denial of Service (DoS) vulnerabilities.
Description:
Summary:
FreeType is prone to multiple Denial of Service (DoS) vulnerabilities.

Vulnerability Insight:
- Buffer overflow error in the 'Mac_Read_POST_Resource()' [src/base/ftobjs.c]
function when processing Adobe Type 1 Mac Font File (LWFN) fonts.

- Errors related to the bdf/bdflib.c, t42_parse_sfnts function in
type42/t42parse.c, FT_Stream_EnterFrame function in base/ftstream.c,
ftmulti.c in the ftmulti demo program and to the 'BOUNDS' macro when
processing fonts.

Vulnerability Impact:
Successful exploitation may allow attackers to execute arbitrary code in the
context of an application that uses the affected library. Failed exploitation
attempts will likely result in denial-of-service conditions.

Affected Software/OS:
FreeType version 2.4.1 and prior.

Solution:
Upgrade to FreeType version 2.4.2 or later.

CVSS Score:
6.8

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P

Cross Reference: Common Vulnerability Exposure (CVE) ID: CVE-2010-3053
http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html
http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html
http://secunia.com/advisories/42314
http://secunia.com/advisories/42317
http://secunia.com/advisories/48951
SuSE Security Announcement: SUSE-SR:2010:019
http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html
http://www.vupen.com/english/advisories/2010/3045
http://www.vupen.com/english/advisories/2010/3046
Common Vulnerability Exposure (CVE) ID: CVE-2010-2808
40816
http://secunia.com/advisories/40816
40982
http://secunia.com/advisories/40982
42285
http://www.securityfocus.com/bid/42285
42314
42317
ADV-2010-2018
http://www.vupen.com/english/advisories/2010/2018
ADV-2010-2106
http://www.vupen.com/english/advisories/2010/2106
ADV-2010-3045
ADV-2010-3046
APPLE-SA-2010-11-10-1
APPLE-SA-2010-11-22-1
RHSA-2010:0737
https://rhn.redhat.com/errata/RHSA-2010-0737.html
RHSA-2010:0864
http://www.redhat.com/support/errata/RHSA-2010-0864.html
USN-972-1
http://www.ubuntu.com/usn/USN-972-1
[oss-security] 20100806 CVE Request -- FreeType -- Memory corruption flaw by processing certain LWFN fonts
http://marc.info/?l=oss-security&m=128110167119337&w=2
[oss-security] 20100806 Re: CVE Request -- FreeType -- Memory corruption flaw by processing certain LWFN fonts + three more
http://marc.info/?l=oss-security&m=128111955616772&w=2
http://freetype.sourceforge.net/index2.html#release-freetype-2.4.2
http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=81f3472c0ba7b8f6466e2e214fa8c1c17fade975
http://sourceforge.net/projects/freetype/files/freetype2/2.4.2/NEWS/view
http://support.apple.com/kb/HT4435
http://support.apple.com/kb/HT4456
http://support.apple.com/kb/HT4457
https://bugs.launchpad.net/ubuntu/maverick/+source/freetype/+bug/617019
https://bugzilla.redhat.com/show_bug.cgi?id=621907
https://savannah.nongnu.org/bugs/?30658
Common Vulnerability Exposure (CVE) ID: CVE-2010-2807
http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=346f1867fd32dae8f56e5b482d1af98f626804ac
https://savannah.nongnu.org/bugs/?30657
Common Vulnerability Exposure (CVE) ID: CVE-2010-2806
RHSA-2010:0736
https://rhn.redhat.com/errata/RHSA-2010-0736.html
http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=c06da1ad34663da7b6fc39b030dc3ae185b96557
https://bugzilla.redhat.com/show_bug.cgi?id=621980
https://savannah.nongnu.org/bugs/?30656
Common Vulnerability Exposure (CVE) ID: CVE-2010-2805
48951
http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=45a3c76b547511fa9d97aca34b150a0663257375
https://savannah.nongnu.org/bugs/?30644
Common Vulnerability Exposure (CVE) ID: CVE-2010-2541
1024266
http://securitytracker.com/id?1024266
RHSA-2010:0577
http://www.redhat.com/support/errata/RHSA-2010-0577.html
RHSA-2010:0578
http://www.redhat.com/support/errata/RHSA-2010-0578.html
https://bugzilla.redhat.com/show_bug.cgi?id=617342
Copyright: Copyright (C) 2010 Greenbone AG

© 1998-2025 E-Soft Inc. All rights reserved.