Oval Definition:oval:org.mitre.oval:def:13123
Revision Date:2014-06-30Version:20
Title:USN-1013-1 -- freetype vulnerabilities
Description:Marc Schoenefeld discovered that FreeType did not correctly handle certain malformed font files. If a user were tricked into using a specially crafted font file, a remote attacker could cause FreeType to crash or possibly execute arbitrary code with user privileges. This issue only affected Ubuntu 6.06 LTS, 8.04 LTS, 9.10 and 10.04 LTS. Chris Evans discovered that FreeType did not correctly handle certain malformed TrueType font files. If a user were tricked into using a specially crafted TrueType file, a remote attacker could cause FreeType to crash or possibly execute arbitrary code with user privileges. This issue only affected Ubuntu 8.04 LTS, 9.10, 10.04 LTS and 10.10. It was discovered that FreeType did not correctly handle certain malformed TrueType font files. If a user were tricked into using a specially crafted TrueType file, a remote attacker could cause FreeType to crash or possibly execute arbitrary code with user privileges
Family:unixClass:patch
Status:ACCEPTEDReference(s):CVE-2010-3311
CVE-2010-3814
CVE-2010-3855
USN-1013-1
USN-1013-1
Platform(s):Ubuntu 10.04
Ubuntu 10.10
Ubuntu 6.06
Ubuntu 8.04
Ubuntu 9.10
Product(s):freetype
Definition Synopsis
  • Release section
  • Ubuntu 8.04 is installed
  • AND Supported architectures section
  • Installed architecture is sparc
  • OR Installed architecture is i386
  • OR Installed architecture is amd64
  • OR Installed architecture is lpia
  • OR Installed architecture is powerpc
  • AND Packages section
  • libfreetype6-dev DPKG is earlier than 2.3.5-1ubuntu4.8.04.6
  • OR libfreetype6-udeb DPKG is earlier than 2.3.5-1ubuntu4.8.04.6
  • OR freetype2-demos DPKG is earlier than 2.3.5-1ubuntu4.8.04.6
  • OR libfreetype6 DPKG is earlier than 2.3.5-1ubuntu4.8.04.6
  • OR Release section
  • Ubuntu 10.10 is installed
  • AND Supported architectures section
  • Installed architecture is i386
  • OR Installed architecture is armel
  • OR Installed architecture is amd64
  • OR Installed architecture is powerpc
  • AND Packages section
  • libfreetype6-dev DPKG is earlier than 2.4.2-2ubuntu0.1
  • OR libfreetype6-udeb DPKG is earlier than 2.4.2-2ubuntu0.1
  • OR freetype2-demos DPKG is earlier than 2.4.2-2ubuntu0.1
  • OR libfreetype6 DPKG is earlier than 2.4.2-2ubuntu0.1
  • OR Release section
  • Ubuntu 10.04 is installed
  • AND Supported architectures section
  • Installed architecture is sparc
  • OR Installed architecture is i386
  • OR Installed architecture is armel
  • OR Installed architecture is amd64
  • OR Installed architecture is powerpc
  • AND Packages section
  • libfreetype6-dev DPKG is earlier than 2.3.11-1ubuntu2.4
  • OR libfreetype6-udeb DPKG is earlier than 2.3.11-1ubuntu2.4
  • OR freetype2-demos DPKG is earlier than 2.3.11-1ubuntu2.4
  • OR libfreetype6 DPKG is earlier than 2.3.11-1ubuntu2.4
  • OR Release section
  • Ubuntu 9.10 is installed
  • AND Supported architectures section
  • Installed architecture is amd64
  • OR Installed architecture is i386
  • OR Installed architecture is powerpc
  • OR Installed architecture is sparc
  • OR Installed architecture is armel
  • OR Installed architecture is lpia
  • AND Packages section
  • libfreetype6-dev DPKG is earlier than 2.3.9-5ubuntu0.4
  • OR libfreetype6-udeb DPKG is earlier than 2.3.9-5ubuntu0.4
  • OR freetype2-demos DPKG is earlier than 2.3.9-5ubuntu0.4
  • OR libfreetype6 DPKG is earlier than 2.3.9-5ubuntu0.4
  • OR Release section
  • Ubuntu 6.06 is installed
  • AND Supported architectures section
  • Installed architecture is sparc
  • OR Installed architecture is i386
  • OR Installed architecture is amd64
  • OR Installed architecture is powerpc
  • AND Packages section
  • libfreetype6-dev DPKG is earlier than 2.1.10-1ubuntu2.10
  • OR libfreetype6-udeb DPKG is earlier than 2.1.10-1ubuntu2.10
  • OR freetype2-demos DPKG is earlier than 2.1.10-1ubuntu2.10
  • OR libfreetype6 DPKG is earlier than 2.1.10-1ubuntu2.10
    • BACK