Oval Definition:	oval:org.mitre.oval:def:22379
Revision Date: 2014-02-24 Version: 61 Title: RHSA-2010:0737: freetype security update (Important) Description: Integer overflow in base/ftstream.c in libXft (aka the X FreeType library) in FreeType before 2.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Compact Font Format (CFF) font file that triggers a heap-based buffer overflow, related to an "input stream position error" issue, a different vulnerability than CVE-2010-1797. Family: unix Class: patch Status: ACCEPTED Reference(s): CESA-2010:0737 CVE-2010-2806 CVE-2010-2808 CVE-2010-3054 CVE-2010-3311 RHSA-2010:0737-01 Platform(s): CentOS Linux 5 Red Hat Enterprise Linux 5 Product(s): freetype Definition Synopsis Redhat 5 or Centos 5 release The operating system installed on the system is Red Hat Enterprise Linux 5 OR The operating system installed on the system is CentOS Linux 5.x AND Packages section freetype is earlier than 0:2.2.1-28.el5_5 OR freetype-demos is earlier than 0:2.2.1-28.el5_5 OR freetype-devel is earlier than 0:2.2.1-28.el5_5
BACK