Test ID:	1.3.6.1.4.1.25623.1.0.57039
Category:	Ubuntu Local Security Checks
Title:	Ubuntu USN-291-1 (freetype)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing an update to freetype announced via advisory USN-291-1. A security issue affects the following Ubuntu releases: Ubuntu 5.04 Ubuntu 5.10 Ubuntu 6.06 LTS This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. Several integer overflows have been discovered in the FreeType library. By tricking a user into installing and/or opening a specially crafted font file, these could be exploited to execute arbitrary code with the privileges of that user. Solution: The problem can be corrected by upgrading your system to the following package versions: Ubuntu 5.04: libfreetype6 2.1.7-2.3ubuntu0.1 Ubuntu 5.10: libfreetype6 2.1.7-2.4ubuntu1.1 Ubuntu 6.06 LTS: libfreetype6 2.1.10-1ubuntu2.1 After a standard system upgrade you need to reboot your computer to effect the necessary changes. http://www.securityspace.com/smysecure/catid.html?in=USN-291-1 Risk factor : High CVSS Score: 7.5
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2006-0747 1016522 http://securitytracker.com/id?1016522 102705 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102705-1 18326 http://www.securityfocus.com/bid/18326 20060612 rPSA-2006-0100-1 freetype http://www.securityfocus.com/archive/1/436836/100/0/threaded 20060701-01-U ftp://patches.sgi.com/support/free/security/advisories/20060701-01-U 20525 http://secunia.com/advisories/20525 20591 http://secunia.com/advisories/20591 20638 http://secunia.com/advisories/20638 20791 http://secunia.com/advisories/20791 21062 http://secunia.com/advisories/21062 21135 http://secunia.com/advisories/21135 21385 http://secunia.com/advisories/21385 21701 http://secunia.com/advisories/21701 23939 http://secunia.com/advisories/23939 35074 http://secunia.com/advisories/35074 ADV-2007-0381 http://www.vupen.com/english/advisories/2007/0381 ADV-2009-1297 http://www.vupen.com/english/advisories/2009/1297 APPLE-SA-2009-05-12 http://lists.apple.com/archives/security-announce/2009/May/msg00002.html DSA-1095 http://www.debian.org/security/2006/dsa-1095 MDKSA-2006:099 http://www.mandriva.com/security/advisories?name=MDKSA-2006:099 RHSA-2006:0500 http://www.redhat.com/support/errata/RHSA-2006-0500.html SUSE-SA:2006:037 http://lists.suse.com/archive/suse-security-announce/2006-Jun/0012.html TA09-133A http://www.us-cert.gov/cas/techalerts/TA09-133A.html USN-291-1 https://usn.ubuntu.com/291-1/ http://support.apple.com/kb/HT3549 http://support.avaya.com/elmodocs2/security/ASA-2006-176.htm https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=183676 https://issues.rpath.com/browse/RPL-429 oval:org.mitre.oval:def:9508 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9508 Common Vulnerability Exposure (CVE) ID: CVE-2006-1861 18034 http://www.securityfocus.com/bid/18034 20100 http://secunia.com/advisories/20100 21000 http://secunia.com/advisories/21000 27162 http://secunia.com/advisories/27162 27167 http://secunia.com/advisories/27167 27271 http://secunia.com/advisories/27271 33937 http://secunia.com/advisories/33937 35200 http://secunia.com/advisories/35200 35204 http://secunia.com/advisories/35204 35233 http://secunia.com/advisories/35233 ADV-2006-1868 http://www.vupen.com/english/advisories/2006/1868 APPLE-SA-2009-02-12 http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html FEDORA-2009-5558 https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01316.html FEDORA-2009-5644 https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01401.html GLSA-200607-02 http://security.gentoo.org/glsa/glsa-200607-02.xml GLSA-200710-09 http://www.gentoo.org/security/en/glsa/glsa-200710-09.xml RHSA-2009:0329 http://www.redhat.com/support/errata/RHSA-2009-0329.html RHSA-2009:1062 http://www.redhat.com/support/errata/RHSA-2009-1062.html SUSE-SR:2007:021 http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00006.html freetype-lwfn-overflow(26553) https://exchange.xforce.ibmcloud.com/vulnerabilities/26553 http://sourceforge.net/project/shownotes.php?release_id=416463 http://support.apple.com/kb/HT3438 https://bugzilla.redhat.com/bugzilla/attachment.cgi?id=128606 https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=190593 https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=190593#c8 https://bugzilla.redhat.com/show_bug.cgi?id=502565 oval:org.mitre.oval:def:9124 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9124 Common Vulnerability Exposure (CVE) ID: CVE-2006-2493 Common Vulnerability Exposure (CVE) ID: CVE-2006-2661 BugTraq ID: 18329 http://www.securityfocus.com/bid/18329 Bugtraq: 20060612 rPSA-2006-0100-1 freetype (Google Search) Debian Security Information: DSA-1095 (Google Search) https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11692 http://securitytracker.com/id?1016520 SGI Security Advisory: 20060701-01-U SuSE Security Announcement: SUSE-SA:2006:037 (Google Search)
Copyright	Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.