ByteOS Network

CVE Vulnerability Details :

CVE-2010-2806

PUBLISHED

More Info Official Page

Assigner-redhat

Assigner Org ID-53f830b8-0a3f-465b-8143-3b8a9948e749

Published At-19 Aug, 2010 | 17:43

Updated At-07 Aug, 2024 | 02:46

▼CVE Numbering Authority (CNA)

Array index error in the t42_parse_sfnts function in type42/t42parse.c in FreeType before 2.4.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via negative size values for certain strings in FontType42 font files, leading to a heap-based buffer overflow.

Affected Products

Vendor

n/a

Product

n/a

Versions

Affected

Problem Types

Type	CWE ID	Description
text	N/A	n/a

Type: text

CWE ID: N/A

Description: n/a

References

Hyperlink	Resource
http://www.vupen.com/english/advisories/2010/3045	vdb-entry x_refsource_VUPEN
http://support.apple.com/kb/HT4435	x_refsource_CONFIRM
https://bugs.launchpad.net/ubuntu/maverick/+source/freetype/+bug/617019	x_refsource_CONFIRM
http://support.apple.com/kb/HT4457	x_refsource_CONFIRM
http://www.vupen.com/english/advisories/2010/2018	vdb-entry x_refsource_VUPEN
http://www.vupen.com/english/advisories/2010/3046	vdb-entry x_refsource_VUPEN
https://rhn.redhat.com/errata/RHSA-2010-0737.html	vendor-advisory x_refsource_REDHAT
http://www.ubuntu.com/usn/USN-972-1	vendor-advisory x_refsource_UBUNTU
http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html	vendor-advisory x_refsource_APPLE
http://marc.info/?l=oss-security&m=128111955616772&w=2	mailing-list x_refsource_MLIST
http://secunia.com/advisories/42317	third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/40816	third-party-advisory x_refsource_SECUNIA
http://freetype.sourceforge.net/index2.html#release-freetype-2.4.2	x_refsource_CONFIRM
https://savannah.nongnu.org/bugs/?30656	x_refsource_CONFIRM
http://secunia.com/advisories/42314	third-party-advisory x_refsource_SECUNIA
http://sourceforge.net/projects/freetype/files/freetype2/2.4.2/NEWS/view	x_refsource_CONFIRM
http://www.redhat.com/support/errata/RHSA-2010-0864.html	vendor-advisory x_refsource_REDHAT
http://secunia.com/advisories/40982	third-party-advisory x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2010/2106	vdb-entry x_refsource_VUPEN
https://bugzilla.redhat.com/show_bug.cgi?id=621980	x_refsource_CONFIRM
http://support.apple.com/kb/HT4456	x_refsource_CONFIRM
http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=c06da1ad34663da7b6fc39b030dc3ae185b96557	x_refsource_CONFIRM
http://www.securityfocus.com/bid/42285	vdb-entry x_refsource_BID
http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html	vendor-advisory x_refsource_APPLE
https://rhn.redhat.com/errata/RHSA-2010-0736.html	vendor-advisory x_refsource_REDHAT

Hyperlink: http://www.vupen.com/english/advisories/2010/3045

Resource:

vdb-entry

x_refsource_VUPEN

Hyperlink: http://support.apple.com/kb/HT4435

Resource:

x_refsource_CONFIRM

Hyperlink: https://bugs.launchpad.net/ubuntu/maverick/+source/freetype/+bug/617019

Resource:

x_refsource_CONFIRM

Hyperlink: http://support.apple.com/kb/HT4457

Resource:

x_refsource_CONFIRM

Hyperlink: http://www.vupen.com/english/advisories/2010/2018

Resource:

vdb-entry

x_refsource_VUPEN

Hyperlink: http://www.vupen.com/english/advisories/2010/3046

Resource:

vdb-entry

x_refsource_VUPEN

Hyperlink: https://rhn.redhat.com/errata/RHSA-2010-0737.html

Resource:

vendor-advisory

x_refsource_REDHAT

Hyperlink: http://www.ubuntu.com/usn/USN-972-1

Resource:

vendor-advisory

x_refsource_UBUNTU

Hyperlink: http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html

Resource:

vendor-advisory

x_refsource_APPLE

Hyperlink: http://marc.info/?l=oss-security&m=128111955616772&w=2

Resource:

mailing-list

x_refsource_MLIST

Hyperlink: http://secunia.com/advisories/42317

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://secunia.com/advisories/40816

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://freetype.sourceforge.net/index2.html#release-freetype-2.4.2

Resource:

x_refsource_CONFIRM

Hyperlink: https://savannah.nongnu.org/bugs/?30656

Resource:

x_refsource_CONFIRM

Hyperlink: http://secunia.com/advisories/42314

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://sourceforge.net/projects/freetype/files/freetype2/2.4.2/NEWS/view

Resource:

x_refsource_CONFIRM

Hyperlink: http://www.redhat.com/support/errata/RHSA-2010-0864.html

Resource:

vendor-advisory

x_refsource_REDHAT

Hyperlink: http://secunia.com/advisories/40982

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://www.vupen.com/english/advisories/2010/2106

Resource:

vdb-entry

x_refsource_VUPEN

Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=621980

Resource:

x_refsource_CONFIRM

Hyperlink: http://support.apple.com/kb/HT4456

Resource:

x_refsource_CONFIRM

Hyperlink: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=c06da1ad34663da7b6fc39b030dc3ae185b96557

Resource:

x_refsource_CONFIRM

Hyperlink: http://www.securityfocus.com/bid/42285

Resource:

vdb-entry

x_refsource_BID

Hyperlink: http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html

Resource:

vendor-advisory

x_refsource_APPLE

Hyperlink: https://rhn.redhat.com/errata/RHSA-2010-0736.html

Resource:

vendor-advisory

x_refsource_REDHAT

▼Authorized Data Publishers (ADP)

CVE Program Container

References

Hyperlink	Resource
http://www.vupen.com/english/advisories/2010/3045	vdb-entry x_refsource_VUPEN x_transferred
http://support.apple.com/kb/HT4435	x_refsource_CONFIRM x_transferred
https://bugs.launchpad.net/ubuntu/maverick/+source/freetype/+bug/617019	x_refsource_CONFIRM x_transferred
http://support.apple.com/kb/HT4457	x_refsource_CONFIRM x_transferred
http://www.vupen.com/english/advisories/2010/2018	vdb-entry x_refsource_VUPEN x_transferred
http://www.vupen.com/english/advisories/2010/3046	vdb-entry x_refsource_VUPEN x_transferred
https://rhn.redhat.com/errata/RHSA-2010-0737.html	vendor-advisory x_refsource_REDHAT x_transferred
http://www.ubuntu.com/usn/USN-972-1	vendor-advisory x_refsource_UBUNTU x_transferred
http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html	vendor-advisory x_refsource_APPLE x_transferred
http://marc.info/?l=oss-security&m=128111955616772&w=2	mailing-list x_refsource_MLIST x_transferred
http://secunia.com/advisories/42317	third-party-advisory x_refsource_SECUNIA x_transferred
http://secunia.com/advisories/40816	third-party-advisory x_refsource_SECUNIA x_transferred
http://freetype.sourceforge.net/index2.html#release-freetype-2.4.2	x_refsource_CONFIRM x_transferred
https://savannah.nongnu.org/bugs/?30656	x_refsource_CONFIRM x_transferred
http://secunia.com/advisories/42314	third-party-advisory x_refsource_SECUNIA x_transferred
http://sourceforge.net/projects/freetype/files/freetype2/2.4.2/NEWS/view	x_refsource_CONFIRM x_transferred
http://www.redhat.com/support/errata/RHSA-2010-0864.html	vendor-advisory x_refsource_REDHAT x_transferred
http://secunia.com/advisories/40982	third-party-advisory x_refsource_SECUNIA x_transferred
http://www.vupen.com/english/advisories/2010/2106	vdb-entry x_refsource_VUPEN x_transferred
https://bugzilla.redhat.com/show_bug.cgi?id=621980	x_refsource_CONFIRM x_transferred
http://support.apple.com/kb/HT4456	x_refsource_CONFIRM x_transferred
http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=c06da1ad34663da7b6fc39b030dc3ae185b96557	x_refsource_CONFIRM x_transferred
http://www.securityfocus.com/bid/42285	vdb-entry x_refsource_BID x_transferred
http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html	vendor-advisory x_refsource_APPLE x_transferred
https://rhn.redhat.com/errata/RHSA-2010-0736.html	vendor-advisory x_refsource_REDHAT x_transferred