Oval Definition:oval:org.opensuse.security:def:20101797
Revision Date:2022-05-20Version:1
Title:CVE-2010-1797
Description:

Multiple stack-based buffer overflows in the cff_decoder_parse_charstrings function in the CFF Type2 CharStrings interpreter in cff/cffgload.c in FreeType before 2.4.2, as used in Apple iOS before 4.0.2 on the iPhone and iPod touch and before 3.2.2 on the iPad, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted CFF opcodes in embedded fonts in a PDF document, as demonstrated by JailbreakMe. NOTE: some of these details are obtained from third party information.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2010-1797
Mitre CVE-2010-1797
SUSE CVE-2010-1797
openSUSE-SU-2010:0549-1
openSUSE-SU-2010:0549-1
SUSE-SR:2010:016
SUSE-SR:2010:016
SUSE-SU-2012:0553-1
SUSE-SU-2012:0553-1
Platform(s):Open Enterprise Server
openSUSE 11.1
openSUSE 11.2
openSUSE 11.3
SUSE Linux Enterprise 11 Moblin 2.0
SUSE Linux Enterprise 11 Moblin 2.1
SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T
SUSE Linux Enterprise Desktop 10 SP3 for x86
SUSE Linux Enterprise Desktop 11 GA
SUSE Linux Enterprise Desktop 11 SP1
SUSE Linux Enterprise SDK 10 SP3
SUSE Linux Enterprise SDK 11 GA
SUSE Linux Enterprise Server 10 SP2 for AMD64 and Intel EM64T
SUSE Linux Enterprise Server 10 SP2 for IBM zSeries 64bit
SUSE Linux Enterprise Server 10 SP2 for x86
SUSE Linux Enterprise Server 10 SP3
SUSE Linux Enterprise Server 11
SUSE Linux Enterprise Server 11 GA
SUSE Linux Enterprise Server 11 SP1
SUSE Linux Enterprise Server 11 SP1 for VMware
SUSE Linux Enterprise Server 11 SP1-TERADATA
SUSE Linux Enterprise Server for SAP 10 SP3
SUSE Linux Enterprise Server for SAP Applications 11
SUSE Linux Enterprise Server for SAP Applications 11 SP1-TERADATA
SUSE Linux Enterprise Software Development Kit 11 SP1
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Server 11 is installed
  • AND Package Information
  • freetype2-2.3.7-25.11.1 is installed
  • OR freetype2-32bit-2.3.7-25.11.1 is installed
  • OR freetype2-x86-2.3.7-25.9.1 is installed
    • Definition Synopsis
  • Release Information
  • sles10-sp3 is installed
  • freetype2-32bit less than 2.1.10-18.22.1
  • OR freetype2-64bit less than 2.1.10-18.22.1
  • OR freetype2-devel-32bit less than 2.1.10-18.22.1
  • OR freetype2-devel-64bit less than 2.1.10-18.22.1
  • OR freetype2-devel less than 2.1.10-18.22.1
  • OR freetype2-x86 less than 2.1.10-18.22.1
  • OR freetype2 less than 2.1.10-18.22.1
  • OR
  • sles10-sp3-sap is installed
  • freetype2-32bit less than 2.1.10-18.22.1
  • OR freetype2-devel-32bit less than 2.1.10-18.22.1
  • OR freetype2-devel less than 2.1.10-18.22.1
  • OR freetype2 less than 2.1.10-18.22.1
  • OR Package Information
  • sles10-sp2-ltss is installed
  • AND
  • freetype2-32bit less than 2.1.10-18.22.21.25
  • OR freetype2-devel-32bit less than 2.1.10-18.22.21.25
  • OR freetype2-devel less than 2.1.10-18.22.21.25
  • OR freetype2 less than 2.1.10-18.22.21.25
  • OR ft2demos less than 2.1.10-19.18.21.7
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 11 is installed
  • AND
  • freetype2-2.3.7-25.11 is installed
  • OR freetype2-32bit-2.3.7-25.11 is installed
  • OR freetype2-x86-2.3.7-25.9 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server 11 SP1 is installed
  • AND
  • freetype2-2.3.7-25.11 is installed
  • OR freetype2-32bit-2.3.7-25.11 is installed
  • OR freetype2-x86-2.3.7-25.30 is installed
  • OR ft2demos-2.3.7-25.30 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 11 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 11 is installed
  • AND
  • freetype2-2.3.7-25.11 is installed
  • OR freetype2-32bit-2.3.7-25.11 is installed
  • OR freetype2-x86-2.3.7-25.9 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server 11 SP1 is installed
  • AND
  • freetype2-2.3.7-25.11 is installed
  • OR freetype2-32bit-2.3.7-25.11 is installed
  • OR freetype2-x86-2.3.7-25.30 is installed
  • OR ft2demos-2.3.7-25.30 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 11 SP1 is installed
  • AND
  • freetype2-2.3.7-25.11 is installed
  • OR freetype2-32bit-2.3.7-25.32 is installed
  • OR freetype2-x86-2.3.7-25.30 is installed
  • OR ft2demos-2.3.7-25.32 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server for SAP Applications 11 SP1-TERADATA is installed
  • AND
  • freetype2-2.3.7-25.11 is installed
  • OR freetype2-32bit-2.3.7-25.11 is installed
  • OR ft2demos-2.3.7-25.32 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server 11 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 11 is installed
  • AND
  • freetype2-2.3.7-25.11 is installed
  • OR freetype2-32bit-2.3.7-25.11 is installed
  • OR freetype2-x86-2.3.7-25.11 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server 11 SP1-TERADATA is installed
  • AND
  • freetype2-2.3.7-25.11 is installed
  • OR freetype2-32bit-2.3.7-25.11 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 11 SP1 is installed
  • AND
  • freetype2-2.3.7-25.11.1 is installed
  • OR freetype2-32bit-2.3.7-25.32.1 is installed
  • OR freetype2-x86-2.3.7-25.30.1 is installed
  • OR ft2demos-2.3.7-25.32.1 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server 11 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 11 is installed
  • AND
  • freetype2-2.3.7-25.11.1 is installed
  • OR freetype2-32bit-2.3.7-25.11.1 is installed
  • OR freetype2-x86-2.3.7-25.11.1 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server 11 SP1-TERADATA is installed
  • AND
  • freetype2-2.3.7-25.11.1 is installed
  • OR freetype2-32bit-2.3.7-25.11.1 is installed
    • BACK