Test ID:	1.3.6.1.4.1.25623.1.0.70563
Category:	Debian Local Security Checks
Title:	Debian: Security Advisory (DSA-2350-1)
Summary:	The remote host is missing an update for the Debian 'freetype' package(s) announced via the DSA-2350-1 advisory.
Description:	Summary: The remote host is missing an update for the Debian 'freetype' package(s) announced via the DSA-2350-1 advisory. Vulnerability Insight: It was discovered that missing input sanitising in Freetype's processing of CID-keyed fonts could lead to the execution of arbitrary code. For the oldstable distribution (lenny), this problem has been fixed in version 2.3.7-2+lenny8. For the stable distribution (squeeze), this problem has been fixed in version 2.4.2-2.1+squeeze3. For the unstable distribution (sid), this problem has been fixed in version 2.4.8-1. We recommend that you upgrade your freetype packages. Affected Software/OS: 'freetype' package(s) on Debian 5, Debian 6. Solution: Please install the updated package(s). CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2011-3439 http://lists.apple.com/archives/Security-announce/2011/Nov/msg00001.html http://secunia.com/advisories/46921 http://secunia.com/advisories/48951 SuSE Security Announcement: SUSE-SU-2011:1307 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2011-12/msg00008.html SuSE Security Announcement: openSUSE-SU-2012:0015 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00003.html SuSE Security Announcement: openSUSE-SU-2012:0047 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00012.html
Copyright	Copyright (C) 2012 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.