Oval Definition:oval:org.mitre.oval:def:13797
Revision Date:2014-06-30Version:19
Title:USN-767-1 -- freetype vulnerability
Description:Tavis Ormandy discovered that FreeType did not correctly handle certain large values in font files. If a user were tricked into using a specially crafted font file, a remote attacker could execute arbitrary code with user privileges.
Family:unixClass:patch
Status:ACCEPTEDReference(s):CVE-2009-0946
USN-767-1
USN-767-1
Platform(s):Ubuntu 6.06
Ubuntu 8.04
Ubuntu 8.10
Ubuntu 9.04
Product(s):freetype
Definition Synopsis
  • Release section
  • Ubuntu 8.04 is installed
  • AND Supported architectures section
  • Installed architecture is sparc
  • OR Installed architecture is i386
  • OR Installed architecture is amd64
  • OR Installed architecture is lpia
  • OR Installed architecture is powerpc
  • AND Packages section
  • libfreetype6-dev DPKG is earlier than 2.3.5-1ubuntu4.8.04.2
  • OR libfreetype6-udeb DPKG is earlier than 2.3.5-1ubuntu4.8.04.2
  • OR freetype2-demos DPKG is earlier than 2.3.5-1ubuntu4.8.04.2
  • OR libfreetype6 DPKG is earlier than 2.3.5-1ubuntu4.8.04.2
  • OR Release section
  • Ubuntu 9.04 is installed
  • AND Supported architectures section
  • Installed architecture is sparc
  • OR Installed architecture is i386
  • OR Installed architecture is amd64
  • OR Installed architecture is lpia
  • OR Installed architecture is powerpc
  • AND Packages section
  • libfreetype6-dev DPKG is earlier than 2.3.9-4ubuntu0.1
  • OR libfreetype6-udeb DPKG is earlier than 2.3.9-4ubuntu0.1
  • OR freetype2-demos DPKG is earlier than 2.3.9-4ubuntu0.1
  • OR libfreetype6 DPKG is earlier than 2.3.9-4ubuntu0.1
  • OR Release section
  • Ubuntu 6.06 is installed
  • AND Supported architectures section
  • Installed architecture is sparc
  • OR Installed architecture is i386
  • OR Installed architecture is amd64
  • OR Installed architecture is powerpc
  • AND Packages section
  • libfreetype6-dev DPKG is earlier than 2.1.10-1ubuntu2.6
  • OR libfreetype6-udeb DPKG is earlier than 2.1.10-1ubuntu2.6
  • OR freetype2-demos DPKG is earlier than 2.1.10-1ubuntu2.6
  • OR libfreetype6 DPKG is earlier than 2.1.10-1ubuntu2.6
  • OR Release section
  • Ubuntu 8.10 is installed
  • AND Supported architectures section
  • Installed architecture is sparc
  • OR Installed architecture is i386
  • OR Installed architecture is amd64
  • OR Installed architecture is lpia
  • OR Installed architecture is powerpc
  • AND Packages section
  • libfreetype6-dev DPKG is earlier than 2.3.7-2ubuntu1.1
  • OR libfreetype6-udeb DPKG is earlier than 2.3.7-2ubuntu1.1
  • OR freetype2-demos DPKG is earlier than 2.3.7-2ubuntu1.1
  • OR libfreetype6 DPKG is earlier than 2.3.7-2ubuntu1.1
    • BACK