| Revision Date: | 2013-04-29 | Version: | 12 | | Title: | FreeType2 before 2.3.6 allow context-dependent attackers to execute arbitrary code via an invalid "number of axes" field in a Printer Font Binary (PFB) file, which triggers a free of arbitrary memory locations, leading to memory corruption. | | Description: | FreeType2 before 2.3.6 allow context-dependent attackers to execute arbitrary code via an invalid "number of axes" field in a Printer Font Binary (PFB) file, which triggers a free of arbitrary memory locations, leading to memory corruption. | | Family: | unix | Class: | vulnerability | | Status: | ACCEPTED | Reference(s): | CVE-2008-1807
| | Platform(s): | CentOS Linux 3
CentOS Linux 4
CentOS Linux 5
Oracle Linux 4
Oracle Linux 5
Red Hat Enterprise Linux 3
Red Hat Enterprise Linux 4
Red Hat Enterprise Linux 5
| Product(s): | | | Definition Synopsis | | OS Section: RHEL3, CentOS3 RHEL3 or CentOS3
The operating system installed on the system is Red Hat Enterprise Linux 3
OR CentOS Linux 3.x
AND Configuration section
freetype is earlier than 0:2.1.4-10.el3
OR freetype-devel is earlier than 0:2.1.4-10.el3
OR OS Section: RHEL4, CentOS4, Oracle Linux 4
RHEL4, CentOS4 or Oracle Linux 4
The operating system installed on the system is Red Hat Enterprise Linux 4
OR CentOS Linux 4.x
OR Oracle Linux 4.x
AND Configuration section
freetype is earlier than 0:2.1.9-8.el4.6
OR freetype-demos is earlier than 0:2.1.9-8.el4.6
OR freetype-utils is earlier than 0:2.1.9-8.el4.6
OR freetype-devel is earlier than 0:2.1.9-8.el4.6
OR OS Section: RHEL5, CentOS5, Oracle Linux 5
RHEL5, CentOS5 or Oracle Linux 5
The operating system installed on the system is Red Hat Enterprise Linux 5
OR The operating system installed on the system is CentOS Linux 5.x
OR Oracle Linux 5.x
AND Configuration section
freetype is earlier than 0:2.2.1-20.el5_2
OR freetype-demos is earlier than 0:2.2.1-20.el5_2
OR freetype-devel is earlier than 0:2.2.1-20.el5_2
|
|