CVE-2009-0946
Published: 17 April 2009
Multiple integer overflows in FreeType 2.3.9 and earlier allow remote attackers to execute arbitrary code via vectors related to large values in certain inputs in (1) smooth/ftsmooth.c, (2) sfnt/ttcmap.c, and (3) cff/cffload.c.
Notes
Author | Note |
---|---|
mdeslaur | reproducers don't crash freetype1 |
Priority
Status
Package | Release | Status |
---|---|---|
freetype Launchpad, Ubuntu, Debian |
dapper |
Released
(2.1.10-1ubuntu2.6)
|
hardy |
Released
(2.3.5-1ubuntu4.8.04.2)
|
|
intrepid |
Released
(2.3.7-2ubuntu1.1)
|
|
jaunty |
Released
(2.3.9-4ubuntu0.1)
|
|
upstream |
Released
(2.3.9-5)
|
|
Patches: other: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=79972af4f0485a11dcb19551356c45245749fc5b other: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=a18788b14db60ae3673f932249cd02d33a227c4e other: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=0a05ba257b6ddd87dacf8d54b626e4b360e0a596 other: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=0545ec1ca36b27cb928128870a83e5f668980bc5 |