English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.1.4.2012.0553.1
Category:SuSE Local Security Checks
Title:SUSE: Security Advisory (SUSE-SU-2012:0553-1)
Summary:The remote host is missing an update for the 'freetype2' package(s) announced via the SUSE-SU-2012:0553-1 advisory.
Description:Summary:
The remote host is missing an update for the 'freetype2' package(s) announced via the SUSE-SU-2012:0553-1 advisory.

Vulnerability Insight:
Specially crafted font files could have caused buffer overflows in freetype, which could have been exploited for remote code execution.

Security Issue references:

* CVE-2012-1141
>
* CVE-2012-1132
>
* CVE-2012-1138
>
* CVE-2012-1139
>
* CVE-2011-2895
>
* CVE-2012-1130
>
* CVE-2010-3311
>
* CVE-2012-1134
>
* CVE-2010-2805
>
* CVE-2010-3814
>
* CVE-2012-1127
>
* CVE-2012-1126
>
* CVE-2010-1797
>
* CVE-2010-3855
>
* CVE-2010-2497
>
* CVE-2012-1142
>
* CVE-2010-3053
>
* CVE-2012-1133
>
* CVE-2012-1137
>
* CVE-2011-3439
>
* CVE-2012-1136
>
* CVE-2012-1143
>
* CVE-2011-3256
>
* CVE-2012-1129
>
* CVE-2012-1131
>
* CVE-2010-3054
>
* CVE-2012-1135
>
* CVE-2010-2498
>
* CVE-2010-2499
>
* CVE-2010-2500
>
* CVE-2010-2519
>
* CVE-2010-2520
>
* CVE-2010-2527
>
* CVE-2010-2541
>

Affected Software/OS:
'freetype2' package(s) on SUSE Linux Enterprise Server 10-SP2.

Solution:
Please install the updated package(s).

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2010-1797
http://lists.apple.com/archives/security-announce/2010//Aug/msg00000.html
http://lists.apple.com/archives/security-announce/2010//Aug/msg00001.html
BugTraq ID: 42151
http://www.securityfocus.com/bid/42151
http://www.exploit-db.com/exploits/14538
http://www.f-secure.com/weblog/archives/00002002.html
http://osvdb.org/66828
http://secunia.com/advisories/40807
http://secunia.com/advisories/40816
http://secunia.com/advisories/40982
http://secunia.com/advisories/48951
http://www.ubuntu.com/usn/USN-972-1
http://www.vupen.com/english/advisories/2010/2018
http://www.vupen.com/english/advisories/2010/2106
XForce ISS Database: appleios-pdf-code-execution(60856)
https://exchange.xforce.ibmcloud.com/vulnerabilities/60856
Common Vulnerability Exposure (CVE) ID: CVE-2010-2497
48951
APPLE-SA-2010-11-10-1
http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html
DSA-2070
http://www.debian.org/security/2010/dsa-2070
MDVSA-2010:137
http://www.mandriva.com/security/advisories?name=MDVSA-2010:137
[freetype] 20100712 FreeType 2.4.0 has been released
http://lists.nongnu.org/archive/html/freetype/2010-07/msg00001.html
[oss-security] 20100713 Multiple bugs in freetype
http://marc.info/?l=oss-security&m=127905701201340&w=2
[oss-security] 20100714 Re: Multiple bugs in freetype
http://marc.info/?l=oss-security&m=127909326909362&w=2
http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=7d3d2cc4fef72c6be9c454b3809c387e12b44cfc
http://support.apple.com/kb/HT4435
https://bugzilla.redhat.com/show_bug.cgi?id=613154
https://savannah.nongnu.org/bugs/?30082
https://savannah.nongnu.org/bugs/?30083
Common Vulnerability Exposure (CVE) ID: CVE-2010-2498
1024266
http://securitytracker.com/id?1024266
RHSA-2010:0578
http://www.redhat.com/support/errata/RHSA-2010-0578.html
USN-963-1
http://www.ubuntu.com/usn/USN-963-1
http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=8d22746c9e5af80ff4304aef440986403a5072e2
https://bugzilla.redhat.com/show_bug.cgi?id=613160
https://savannah.nongnu.org/bugs/?30106
Common Vulnerability Exposure (CVE) ID: CVE-2010-2499
http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=c69891a1345640096fbf396e8dd567fe879ce233
http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=f29f741efbba0a5ce2f16464f648fb8d026ed4c8
https://bugzilla.redhat.com/show_bug.cgi?id=613162
https://savannah.nongnu.org/bugs/?30248
https://savannah.nongnu.org/bugs/?30249
Common Vulnerability Exposure (CVE) ID: CVE-2010-2500
RHSA-2010:0577
http://www.redhat.com/support/errata/RHSA-2010-0577.html
http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=6305b869d86ff415a33576df6d43729673c66eee
https://bugzilla.redhat.com/show_bug.cgi?id=613167
https://savannah.nongnu.org/bugs/?30263
Common Vulnerability Exposure (CVE) ID: CVE-2010-2519
http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=5ef20c8c1d4de12a84b50ba497c2a358c90ec44b
http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=b2ea64bcc6c385a8e8318f9c759450a07df58b6d
https://bugzilla.redhat.com/show_bug.cgi?id=613194
https://savannah.nongnu.org/bugs/?30306
Common Vulnerability Exposure (CVE) ID: CVE-2010-2520
http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=888cd1843e935fe675cf2ac303116d4ed5b9d54b
https://bugzilla.redhat.com/show_bug.cgi?id=613198
https://savannah.nongnu.org/bugs/?30361
Common Vulnerability Exposure (CVE) ID: CVE-2010-2527
http://marc.info/?l=oss-security&m=127912955808467&w=2
http://git.savannah.gnu.org/cgit/freetype/freetype2-demos.git/commit/?id=b995299b73ba4cd259f221f500d4e63095508bec
http://savannah.nongnu.org/bugs/?30054
https://bugzilla.redhat.com/show_bug.cgi?id=614557
Common Vulnerability Exposure (CVE) ID: CVE-2010-2541
40982
ADV-2010-2106
USN-972-1
http://freetype.sourceforge.net/index2.html#release-freetype-2.4.2
http://sourceforge.net/projects/freetype/files/freetype2/2.4.2/NEWS/view
https://bugs.launchpad.net/ubuntu/maverick/+source/freetype/+bug/617019
https://bugzilla.redhat.com/show_bug.cgi?id=617342
Common Vulnerability Exposure (CVE) ID: CVE-2010-2805
40816
42285
http://www.securityfocus.com/bid/42285
42314
http://secunia.com/advisories/42314
42317
http://secunia.com/advisories/42317
ADV-2010-2018
ADV-2010-3045
http://www.vupen.com/english/advisories/2010/3045
ADV-2010-3046
http://www.vupen.com/english/advisories/2010/3046
APPLE-SA-2010-11-22-1
http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html
RHSA-2010:0864
http://www.redhat.com/support/errata/RHSA-2010-0864.html
[oss-security] 20100806 Re: CVE Request -- FreeType -- Memory corruption flaw by processing certain LWFN fonts + three more
http://marc.info/?l=oss-security&m=128111955616772&w=2
http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=45a3c76b547511fa9d97aca34b150a0663257375
http://support.apple.com/kb/HT4456
http://support.apple.com/kb/HT4457
https://savannah.nongnu.org/bugs/?30644
Common Vulnerability Exposure (CVE) ID: CVE-2010-3053
SuSE Security Announcement: SUSE-SR:2010:019 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html
Common Vulnerability Exposure (CVE) ID: CVE-2010-3054
BugTraq ID: 42621
http://www.securityfocus.com/bid/42621
RedHat Security Advisories: RHSA-2010:0736
https://rhn.redhat.com/errata/RHSA-2010-0736.html
RedHat Security Advisories: RHSA-2010:0737
https://rhn.redhat.com/errata/RHSA-2010-0737.html
Common Vulnerability Exposure (CVE) ID: CVE-2010-3311
43700
http://www.securityfocus.com/bid/43700
DSA-2116
http://www.debian.org/security/2010/dsa-2116
MDVSA-2010:201
http://www.mandriva.com/security/advisories?name=MDVSA-2010:201
RHSA-2010:0736
RHSA-2010:0737
SUSE-SR:2010:019
USN-1013-1
http://www.ubuntu.com/usn/USN-1013-1
https://bugzilla.redhat.com/show_bug.cgi?id=623625
Common Vulnerability Exposure (CVE) ID: CVE-2010-3814
http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html
BugTraq ID: 44643
http://www.securityfocus.com/bid/44643
Debian Security Information: DSA-2155 (Google Search)
http://www.debian.org/security/2011/dsa-2155
http://www.mandriva.com/security/advisories?name=MDVSA-2010:236
http://www.securitytracker.com/id?1024767
http://secunia.com/advisories/43138
http://www.vupen.com/english/advisories/2011/0246
Common Vulnerability Exposure (CVE) ID: CVE-2010-3855
1024745
http://www.securitytracker.com/id?1024745
42289
http://secunia.com/advisories/42289
42295
http://secunia.com/advisories/42295
43138
44214
http://www.securityfocus.com/bid/44214
ADV-2010-3037
http://www.vupen.com/english/advisories/2010/3037
ADV-2011-0246
APPLE-SA-2011-03-09-1
http://lists.apple.com/archives/security-announce/2011//Mar/msg00003.html
APPLE-SA-2011-03-09-3
http://lists.apple.com/archives/security-announce/2011//Mar/msg00005.html
APPLE-SA-2011-03-21-1
APPLE-SA-2011-07-15-1
http://lists.apple.com/archives/security-announce/2011//Jul/msg00000.html
APPLE-SA-2011-07-15-2
http://lists.apple.com/archives/security-announce/2011//Jul/msg00001.html
DSA-2155
FEDORA-2010-17728
http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051231.html
FEDORA-2010-17742
http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050965.html
FEDORA-2010-17755
http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051251.html
MDVSA-2010:235
http://www.mandriva.com/security/advisories?name=MDVSA-2010:235
MDVSA-2010:236
RHSA-2010:0889
http://www.redhat.com/support/errata/RHSA-2010-0889.html
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=602221
http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=59eb9f8cfe7d1df379a2318316d1f04f80fba54a
http://support.apple.com/kb/HT4564
http://support.apple.com/kb/HT4565
http://support.apple.com/kb/HT4581
http://support.apple.com/kb/HT4802
http://support.apple.com/kb/HT4803
http://support.avaya.com/css/P8/documents/100122733
https://savannah.nongnu.org/bugs/?31310
Common Vulnerability Exposure (CVE) ID: CVE-2011-2895
1025920
http://securitytracker.com/id?1025920
45544
http://secunia.com/advisories/45544
45568
http://secunia.com/advisories/45568
45599
http://secunia.com/advisories/45599
45986
http://secunia.com/advisories/45986
46127
http://secunia.com/advisories/46127
49124
http://www.securityfocus.com/bid/49124
APPLE-SA-2012-02-01-1
http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html
APPLE-SA-2012-05-09-1
http://lists.apple.com/archives/security-announce/2012/May/msg00001.html
APPLE-SA-2015-12-08-1
http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html
APPLE-SA-2015-12-08-2
http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html
APPLE-SA-2015-12-08-3
http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html
APPLE-SA-2015-12-08-4
http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html
DSA-2293
http://www.debian.org/security/2011/dsa-2293
MDVSA-2011:153
http://www.mandriva.com/security/advisories?name=MDVSA-2011:153
NetBSD-SA2011-007
http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2011-007.txt.asc
RHSA-2011:1154
http://www.redhat.com/support/errata/RHSA-2011-1154.html
RHSA-2011:1155
http://www.redhat.com/support/errata/RHSA-2011-1155.html
RHSA-2011:1161
http://www.redhat.com/support/errata/RHSA-2011-1161.html
RHSA-2011:1834
http://www.redhat.com/support/errata/RHSA-2011-1834.html
SUSE-SU-2011:1035
http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00019.html
USN-1191-1
http://www.ubuntu.com/usn/USN-1191-1
[oss-security] 20110810 LZW decompression issues
http://www.openwall.com/lists/oss-security/2011/08/10/10
[xorg-announce] 20110810 X.Org security advisory: libXfont LZW decompression heap corruption
http://lists.freedesktop.org/archives/xorg-announce/2011-August/001721.html
[xorg-announce] 20110810 [ANNOUNCE] libXfont 1.4.4
http://lists.freedesktop.org/archives/xorg-announce/2011-August/001722.html
http://cgit.freedesktop.org/xorg/lib/libXfont/commit/?id=d11ee5886e9d9ec610051a206b135a4cdc1e09a0
http://support.apple.com/kb/HT5130
http://support.apple.com/kb/HT5281
http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/compress/zopen.c#rev1.17
https://bugzilla.redhat.com/show_bug.cgi?id=725760
https://bugzilla.redhat.com/show_bug.cgi?id=727624
https://support.apple.com/HT205635
https://support.apple.com/HT205637
https://support.apple.com/HT205640
https://support.apple.com/HT205641
openSUSE-SU-2011:1299
http://lists.opensuse.org/opensuse-security-announce/2011-12/msg00004.html
xorg-lzw-bo(69141)
https://exchange.xforce.ibmcloud.com/vulnerabilities/69141
Common Vulnerability Exposure (CVE) ID: CVE-2011-3256
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html
BugTraq ID: 50155
http://www.securityfocus.com/bid/50155
Debian Security Information: DSA-2328 (Google Search)
http://www.debian.org/security/2011/dsa-2328
http://lists.fedoraproject.org/pipermail/package-announce/2011-November/069100.html
http://www.mandriva.com/security/advisories?name=MDVSA-2011:157
SuSE Security Announcement: SUSE-SU-2011:1307 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2011-12/msg00008.html
SuSE Security Announcement: openSUSE-SU-2012:0015 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00003.html
SuSE Security Announcement: openSUSE-SU-2012:0047 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00012.html
XForce ISS Database: appleios-freetype-code-exec(70552)
https://exchange.xforce.ibmcloud.com/vulnerabilities/70552
Common Vulnerability Exposure (CVE) ID: CVE-2011-3439
http://lists.apple.com/archives/Security-announce/2011/Nov/msg00001.html
http://secunia.com/advisories/46921
Common Vulnerability Exposure (CVE) ID: CVE-2012-1126
1026765
http://www.securitytracker.com/id?1026765
48508
http://secunia.com/advisories/48508
48758
http://secunia.com/advisories/48758
48797
http://secunia.com/advisories/48797
48822
http://secunia.com/advisories/48822
48918
http://secunia.com/advisories/48918
48973
http://secunia.com/advisories/48973
52318
http://www.securityfocus.com/bid/52318
APPLE-SA-2012-09-19-1
http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html
GLSA-201204-04
http://security.gentoo.org/glsa/glsa-201204-04.xml
MDVSA-2012:057
http://www.mandriva.com/security/advisories?name=MDVSA-2012:057
RHSA-2012:0467
http://rhn.redhat.com/errata/RHSA-2012-0467.html
SUSE-SU-2012:0483
http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html
SUSE-SU-2012:0484
http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html
SUSE-SU-2012:0521
http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html
USN-1403-1
http://www.ubuntu.com/usn/USN-1403-1
[oss-security] 20120306 Re: CVE Request -- FreeType: Multiple security flaws to be fixed in v2.4.9
http://www.openwall.com/lists/oss-security/2012/03/06/16
http://support.apple.com/kb/HT5503
http://www.mozilla.org/security/announce/2012/mfsa2012-21.html
https://bugzilla.mozilla.org/show_bug.cgi?id=733512
https://bugzilla.redhat.com/show_bug.cgi?id=800581
openSUSE-SU-2012:0489
http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html
Common Vulnerability Exposure (CVE) ID: CVE-2012-1127
https://bugzilla.redhat.com/show_bug.cgi?id=800583
Common Vulnerability Exposure (CVE) ID: CVE-2012-1129
https://bugzilla.redhat.com/show_bug.cgi?id=800585
Common Vulnerability Exposure (CVE) ID: CVE-2012-1130
https://bugzilla.redhat.com/show_bug.cgi?id=800587
Common Vulnerability Exposure (CVE) ID: CVE-2012-1131
https://bugzilla.redhat.com/show_bug.cgi?id=800589
Common Vulnerability Exposure (CVE) ID: CVE-2012-1132
https://bugzilla.redhat.com/show_bug.cgi?id=800590
Common Vulnerability Exposure (CVE) ID: CVE-2012-1133
48300
http://secunia.com/advisories/48300
DSA-2428
http://www.debian.org/security/2012/dsa-2428
https://bugzilla.redhat.com/show_bug.cgi?id=800591
Common Vulnerability Exposure (CVE) ID: CVE-2012-1134
https://bugzilla.redhat.com/show_bug.cgi?id=800592
Common Vulnerability Exposure (CVE) ID: CVE-2012-1135
https://bugzilla.redhat.com/show_bug.cgi?id=800593
Common Vulnerability Exposure (CVE) ID: CVE-2012-1136
https://bugzilla.redhat.com/show_bug.cgi?id=800594
Common Vulnerability Exposure (CVE) ID: CVE-2012-1137
https://bugzilla.redhat.com/show_bug.cgi?id=800595
Common Vulnerability Exposure (CVE) ID: CVE-2012-1138
https://bugzilla.redhat.com/show_bug.cgi?id=800597
Common Vulnerability Exposure (CVE) ID: CVE-2012-1139
https://bugzilla.redhat.com/show_bug.cgi?id=800598
Common Vulnerability Exposure (CVE) ID: CVE-2012-1141
https://bugzilla.redhat.com/show_bug.cgi?id=800602
Common Vulnerability Exposure (CVE) ID: CVE-2012-1142
https://bugzilla.redhat.com/show_bug.cgi?id=800604
Common Vulnerability Exposure (CVE) ID: CVE-2012-1143
https://bugzilla.redhat.com/show_bug.cgi?id=800606
CopyrightCopyright (C) 2021 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.