Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.57094
Category:Red Hat Local Security Checks
Title:RedHat Security Advisory RHSA-2006:0500
Summary:NOSUMMARY
Description:Description:

The remote host is missing updates announced in
advisory RHSA-2006:0500.

FreeType is a free, high-quality, and portable font engine.

Chris Evans discovered several integer underflow and overflow flaws in the
FreeType font engine. If a user loads a carefully crafted font file with a
program linked against FreeType, it could cause the application to crash or
execute arbitrary code as the user. While it is uncommon for a user to
explicitly load a font file, there are several application file formats
which contain embedded fonts that are parsed by FreeType. (CVE-2006-0747,
CVE-2006-1861, CVE-2006-3467)

A NULL pointer dereference flaw was found in the FreeType font engine. An
application linked against FreeType can crash upon loading a malformed font
file. (CVE-2006-2661)

Users of FreeType should upgrade to these updated packages, which contain
backported patches to correct these issues.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2006-0500.html
http://www.redhat.com/security/updates/classification/#moderate

Risk factor : High

CVSS Score:
7.5

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2006-0747
http://lists.apple.com/archives/security-announce/2009/May/msg00002.html
BugTraq ID: 18326
http://www.securityfocus.com/bid/18326
Bugtraq: 20060612 rPSA-2006-0100-1 freetype (Google Search)
http://www.securityfocus.com/archive/1/436836/100/0/threaded
Cert/CC Advisory: TA09-133A
http://www.us-cert.gov/cas/techalerts/TA09-133A.html
Debian Security Information: DSA-1095 (Google Search)
http://www.debian.org/security/2006/dsa-1095
http://www.mandriva.com/security/advisories?name=MDKSA-2006:099
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9508
http://www.redhat.com/support/errata/RHSA-2006-0500.html
http://securitytracker.com/id?1016522
http://secunia.com/advisories/20525
http://secunia.com/advisories/20591
http://secunia.com/advisories/20638
http://secunia.com/advisories/20791
http://secunia.com/advisories/21062
http://secunia.com/advisories/21135
http://secunia.com/advisories/21385
http://secunia.com/advisories/21701
http://secunia.com/advisories/23939
http://secunia.com/advisories/35074
SGI Security Advisory: 20060701-01-U
ftp://patches.sgi.com/support/free/security/advisories/20060701-01-U
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102705-1
SuSE Security Announcement: SUSE-SA:2006:037 (Google Search)
http://lists.suse.com/archive/suse-security-announce/2006-Jun/0012.html
https://usn.ubuntu.com/291-1/
http://www.vupen.com/english/advisories/2007/0381
http://www.vupen.com/english/advisories/2009/1297
Common Vulnerability Exposure (CVE) ID: CVE-2006-1861
http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html
BugTraq ID: 18034
http://www.securityfocus.com/bid/18034
https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01316.html
https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01401.html
http://security.gentoo.org/glsa/glsa-200607-02.xml
http://www.gentoo.org/security/en/glsa/glsa-200710-09.xml
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9124
http://www.redhat.com/support/errata/RHSA-2009-0329.html
http://www.redhat.com/support/errata/RHSA-2009-1062.html
http://secunia.com/advisories/20100
http://secunia.com/advisories/21000
http://secunia.com/advisories/27162
http://secunia.com/advisories/27167
http://secunia.com/advisories/27271
http://secunia.com/advisories/33937
http://secunia.com/advisories/35200
http://secunia.com/advisories/35204
http://secunia.com/advisories/35233
SuSE Security Announcement: SUSE-SR:2007:021 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00006.html
http://www.vupen.com/english/advisories/2006/1868
XForce ISS Database: freetype-lwfn-overflow(26553)
https://exchange.xforce.ibmcloud.com/vulnerabilities/26553
Common Vulnerability Exposure (CVE) ID: CVE-2006-2661
BugTraq ID: 18329
http://www.securityfocus.com/bid/18329
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=183676
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11692
http://securitytracker.com/id?1016520
Common Vulnerability Exposure (CVE) ID: CVE-2006-3467
Bugtraq: 20060825 rPSA-2006-0157-1 xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs (Google Search)
http://www.securityfocus.com/archive/1/444318/100/0/threaded
Bugtraq: 20061113 VMSA-2006-0005 - VMware ESX Server 2.5.4 Upgrade Patch 1 (Google Search)
http://www.securityfocus.com/archive/1/451419/100/200/threaded
Bugtraq: 20061113 VMSA-2006-0006 - VMware ESX Server 2.5.3 Upgrade Patch 4 (Google Search)
http://www.securityfocus.com/archive/1/451404/100/0/threaded
Bugtraq: 20061113 VMSA-2006-0007 - VMware ESX Server 2.1.3 Upgrade Patch 2 (Google Search)
http://www.securityfocus.com/archive/1/451417/100/200/threaded
Bugtraq: 20061113 VMSA-2006-0008 - VMware ESX Server 2.0.2 Upgrade Patch 2 (Google Search)
http://www.securityfocus.com/archive/1/451426/100/200/threaded
Debian Security Information: DSA-1178 (Google Search)
http://www.debian.org/security/2006/dsa-1178
Debian Security Information: DSA-1193 (Google Search)
http://www.debian.org/security/2006/dsa-1193
http://security.gentoo.org/glsa/glsa-200609-04.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2006:129
http://www.mandriva.com/security/advisories?name=MDKSA-2006:148
http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=190593
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10673
http://www.redhat.com/support/errata/RHSA-2006-0634.html
http://www.redhat.com/support/errata/RHSA-2006-0635.html
http://secunia.com/advisories/21144
http://secunia.com/advisories/21232
http://secunia.com/advisories/21285
http://secunia.com/advisories/21566
http://secunia.com/advisories/21567
http://secunia.com/advisories/21606
http://secunia.com/advisories/21626
http://secunia.com/advisories/21793
http://secunia.com/advisories/21798
http://secunia.com/advisories/21836
http://secunia.com/advisories/22027
http://secunia.com/advisories/22332
http://secunia.com/advisories/22875
http://secunia.com/advisories/22907
http://secunia.com/advisories/23400
SuSE Security Announcement: SUSE-SA:2006:045 (Google Search)
http://lists.suse.com/archive/suse-security-announce/2006-Aug/0002.html
http://www.trustix.org/errata/2006/0052/
http://www.ubuntu.com/usn/usn-324-1
http://www.ubuntu.com/usn/usn-341-1
http://www.vupen.com/english/advisories/2006/4502
http://www.vupen.com/english/advisories/2006/4522
CopyrightCopyright (c) 2006 E-Soft Inc. http://www.securityspace.com

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2021 E-Soft Inc. All rights reserved.