Executive Summary
Summary | |
---|---|
Title | FreeType: Multiple vulnerabilities |
Informations | |||
---|---|---|---|
Name | GLSA-201201-09 | First vendor Publication | 2012-01-23 |
Vendor | Gentoo | Last vendor Modification | 2012-01-23 |
Severity (Vendor) | Normal | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 9.3 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Synopsis Multiple vulnerabilities have been found in FreeType, allowing remote attackers to possibly execute arbitrary code or cause a Denial of Service. Background Description Impact Workaround Resolution References Availability http://security.gentoo.org/glsa/glsa-201201-09.xml |
Original Source
Url : http://security.gentoo.org/glsa/glsa-201201-09.xml |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
20 % | CWE-787 | Out-of-bounds Write (CWE/SANS Top 25) |
20 % | CWE-120 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') (CWE/SANS Top 25) |
15 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
10 % | CWE-189 | Numeric Errors (CWE/SANS Top 25) |
10 % | CWE-20 | Improper Input Validation |
5 % | CWE-681 | Incorrect Conversion between Numeric Types |
5 % | CWE-191 | Integer Underflow (Wrap or Wraparound) |
5 % | CWE-190 | Integer Overflow or Wraparound (CWE/SANS Top 25) |
5 % | CWE-129 | Improper Validation of Array Index |
5 % | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:12409 | |||
Oval ID: | oval:org.mitre.oval:def:12409 | ||
Title: | DSA-2155-1 freetype -- several | ||
Description: | Two buffer overflows were found in the Freetype font library, which could lead to the execution of arbitrary code. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2155-1 CVE-2010-3814 CVE-2010-3855 | Version: | 5 |
Platform(s): | Debian GNU/Linux 5.0 | Product(s): | freetype |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:12761 | |||
Oval ID: | oval:org.mitre.oval:def:12761 | ||
Title: | DSA-2105-1 freetype -- several | ||
Description: | Several vulnerabilities have been discovered in the FreeType font library. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2010-1797 Multiple stack-based buffer overflows in the cff_decoder_parse_charstrings function in the CFF Type2 CharStrings interpreter in cff/cffgload.c in FreeType allow remote attackers to execute arbitrary code or cause a denial of service via crafted CFF opcodes in embedded fonts in a PDF document, as demonstrated by JailbreakMe. CVE-2010-2541 Buffer overflow in ftmulti.c in the ftmulti demo program in FreeType allows remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted font file. CVE-2010-2805 The FT_Stream_EnterFrame function in base/ftstream.c in FreeType does not properly validate certain position values, which allows remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted font file CVE-2010-2806 Array index error in the t42_parse_sfnts function in type42/t42parse.c in FreeType allows remote attackers to cause a denial of service or possibly execute arbitrary code via negative size values for certain strings in FontType42 font files, leading to a heap-based buffer overflow. CVE-2010-2807 FreeType uses incorrect integer data types during bounds checking, which allows remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted font file. CVE-2010-2808 Buffer overflow in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType allows remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted Adobe Type 1 Mac Font File font. CVE-2010-3053 bdf/bdflib.c in FreeType allows remote attackers to cause a denial of service via a crafted BDF font file, related to an attempted modification of a value in a static string. For the stable distribution, these problems have been fixed in version 2.3.7-2+lenny3 For the unstable distribution and the testing distribution, these problems have been fixed in version 2.4.2-1 We recommend that you upgrade your freetype package. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2105-1 CVE-2010-1797 CVE-2010-2541 CVE-2010-2805 CVE-2010-2806 CVE-2010-2807 CVE-2010-2808 CVE-2010-3053 | Version: | 5 |
Platform(s): | Debian GNU/Linux 5.0 | Product(s): | freetype |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:13016 | |||
Oval ID: | oval:org.mitre.oval:def:13016 | ||
Title: | USN-963-1 -- freetype vulnerabilities | ||
Description: | Robert Święcki discovered that FreeType did not correctly handle certain malformed font files. If a user were tricked into using a specially crafted font file, a remote attacker could execute arbitrary code with user privileges. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-963-1 CVE-2010-2498 CVE-2010-2499 CVE-2010-2500 CVE-2010-2519 CVE-2010-2520 CVE-2010-2527 | Version: | 5 |
Platform(s): | Ubuntu 8.04 Ubuntu 10.04 Ubuntu 9.10 Ubuntu 6.06 Ubuntu 9.04 | Product(s): | freetype |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:13123 | |||
Oval ID: | oval:org.mitre.oval:def:13123 | ||
Title: | USN-1013-1 -- freetype vulnerabilities | ||
Description: | Marc Schoenefeld discovered that FreeType did not correctly handle certain malformed font files. If a user were tricked into using a specially crafted font file, a remote attacker could cause FreeType to crash or possibly execute arbitrary code with user privileges. This issue only affected Ubuntu 6.06 LTS, 8.04 LTS, 9.10 and 10.04 LTS. Chris Evans discovered that FreeType did not correctly handle certain malformed TrueType font files. If a user were tricked into using a specially crafted TrueType file, a remote attacker could cause FreeType to crash or possibly execute arbitrary code with user privileges. This issue only affected Ubuntu 8.04 LTS, 9.10, 10.04 LTS and 10.10. It was discovered that FreeType did not correctly handle certain malformed TrueType font files. If a user were tricked into using a specially crafted TrueType file, a remote attacker could cause FreeType to crash or possibly execute arbitrary code with user privileges | ||
Family: | unix | Class: | patch |
Reference(s): | USN-1013-1 CVE-2010-3311 CVE-2010-3814 CVE-2010-3855 | Version: | 5 |
Platform(s): | Ubuntu 8.04 Ubuntu 10.10 Ubuntu 10.04 Ubuntu 9.10 Ubuntu 6.06 | Product(s): | freetype |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:13149 | |||
Oval ID: | oval:org.mitre.oval:def:13149 | ||
Title: | USN-972-1 -- freetype vulnerabilities | ||
Description: | It was discovered that FreeType did not correctly handle certain malformed font files. If a user were tricked into using a specially crafted font file, a remote attacker could cause FreeType to crash or possibly execute arbitrary code with user privileges. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-972-1 CVE-2010-1797 CVE-2010-2541 CVE-2010-2805 CVE-2010-2806 CVE-2010-2807 CVE-2010-2808 | Version: | 5 |
Platform(s): | Ubuntu 8.04 Ubuntu 10.04 Ubuntu 9.10 Ubuntu 6.06 Ubuntu 9.04 | Product(s): | freetype |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:13388 | |||
Oval ID: | oval:org.mitre.oval:def:13388 | ||
Title: | DSA-2070-1 freetype -- several | ||
Description: | Robert Swiecki discovered several vulnerabilities in the FreeType font library, which could lead to the execution of arbitrary code if a malformed font file is processed. Also, several buffer overflows were found in the included demo programs. For the stable distribution, these problems have been fixed in version 2.3.7-2+lenny2. For the unstable distribution, these problems have been fixed in version 2.4.0-1. We recommend that you upgrade your freetype packages. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2070-1 CVE-2010-2497 CVE-2010-2498 CVE-2010-2499 CVE-2010-2500 CVE-2010-2519 CVE-2010-2520 CVE-2010-2527 | Version: | 5 |
Platform(s): | Debian GNU/Linux 5.0 | Product(s): | freetype |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:13897 | |||
Oval ID: | oval:org.mitre.oval:def:13897 | ||
Title: | USN-1173-1 -- freetype vulnerability | ||
Description: | freetype: FreeType 2 is a font engine library FreeType could be made to run programs as your login if it opened a specially crafted font file. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-1173-1 CVE-2011-0226 | Version: | 5 |
Platform(s): | Ubuntu 11.04 Ubuntu 10.10 | Product(s): | freetype |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:15136 | |||
Oval ID: | oval:org.mitre.oval:def:15136 | ||
Title: | DSA-2294-1 freetype -- missing input sanisiting | ||
Description: | It was discovered that insufficient input saniting in Freetype's code to parse Type1 could lead to the execution of arbitrary code. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2294-1 CVE-2011-0226 | Version: | 5 |
Platform(s): | Debian GNU/Linux 5.0 Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | freetype |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:15179 | |||
Oval ID: | oval:org.mitre.oval:def:15179 | ||
Title: | DSA-2328-1 freetype -- missing input sanitising | ||
Description: | It was discovered that missing input sanitising in Freetype's glyph handling could lead to memory corruption, resulting in denial of service or the execution of arbitrary code. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2328-1 CVE-2011-3256 | Version: | 5 |
Platform(s): | Debian GNU/Linux 5.0 Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | freetype |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:15271 | |||
Oval ID: | oval:org.mitre.oval:def:15271 | ||
Title: | DSA-2350-1 freetype -- missing input sanitising | ||
Description: | It was discovered that missing input sanitising in Freetype's processing of CID-keyed fonts could lead to the execution of arbitrary code. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2350-1 CVE-2011-3439 | Version: | 5 |
Platform(s): | Debian GNU/Linux 5.0 Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | freetype |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:15440 | |||
Oval ID: | oval:org.mitre.oval:def:15440 | ||
Title: | USN-1267-1 -- FreeType vulnerabilities | ||
Description: | freetype: FreeType 2 is a font engine library FreeType could be made to crash or run programs as your login if it opened a specially crafted font file. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-1267-1 CVE-2011-3256 CVE-2011-3439 | Version: | 5 |
Platform(s): | Ubuntu 11.04 Ubuntu 11.10 Ubuntu 8.04 Ubuntu 10.04 Ubuntu 10.10 | Product(s): | FreeType |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21160 | |||
Oval ID: | oval:org.mitre.oval:def:21160 | ||
Title: | RHSA-2011:1085: freetype security update (Important) | ||
Description: | Integer signedness error in psaux/t1decode.c in FreeType before 2.4.6, as used in CoreGraphics in Apple iOS before 4.2.9 and 4.3.x before 4.3.4 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Type 1 font in a PDF document, as exploited in the wild in July 2011. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2011:1085-01 CVE-2011-0226 | Version: | 4 |
Platform(s): | Red Hat Enterprise Linux 6 | Product(s): | freetype |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:21490 | |||
Oval ID: | oval:org.mitre.oval:def:21490 | ||
Title: | RHSA-2010:0607: freetype security update (Important) | ||
Description: | Multiple stack-based buffer overflows in the cff_decoder_parse_charstrings function in the CFF Type2 CharStrings interpreter in cff/cffgload.c in FreeType before 2.4.2, as used in Apple iOS before 4.0.2 on the iPhone and iPod touch and before 3.2.2 on the iPad, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted CFF opcodes in embedded fonts in a PDF document, as demonstrated by JailbreakMe. NOTE: some of these details are obtained from third party information. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2010:0607-02 CESA-2010:0607 CVE-2010-1797 | Version: | 4 |
Platform(s): | Red Hat Enterprise Linux 3 Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | freetype |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21950 | |||
Oval ID: | oval:org.mitre.oval:def:21950 | ||
Title: | RHSA-2011:1402: freetype security update (Important) | ||
Description: | FreeType 2 before 2.4.7, as used in CoreGraphics in Apple iOS before 5, Mandriva Enterprise Server 5, and possibly other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font, a different vulnerability than CVE-2011-0226. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2011:1402-01 CESA-2011:1402 CVE-2011-3256 | Version: | 4 |
Platform(s): | Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 6 CentOS Linux 5 CentOS Linux 6 | Product(s): | freetype |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22011 | |||
Oval ID: | oval:org.mitre.oval:def:22011 | ||
Title: | RHSA-2011:1455: freetype security update (Important) | ||
Description: | FreeType in CoreGraphics in Apple iOS before 5.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font in a document. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2011:1455-01 CESA-2011:1455 CVE-2011-3439 | Version: | 4 |
Platform(s): | Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 6 CentOS Linux 5 CentOS Linux 6 | Product(s): | freetype |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22211 | |||
Oval ID: | oval:org.mitre.oval:def:22211 | ||
Title: | RHSA-2010:0578: freetype security update (Important) | ||
Description: | Buffer overflow in ftmulti.c in the ftmulti demo program in FreeType before 2.4.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2010:0578-01 CESA-2010:0578 CVE-2010-2498 CVE-2010-2499 CVE-2010-2500 CVE-2010-2519 CVE-2010-2527 CVE-2010-2541 | Version: | 81 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | freetype |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22238 | |||
Oval ID: | oval:org.mitre.oval:def:22238 | ||
Title: | RHSA-2010:0864: freetype security update (Important) | ||
Description: | Integer overflow in base/ftstream.c in libXft (aka the X FreeType library) in FreeType before 2.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Compact Font Format (CFF) font file that triggers a heap-based buffer overflow, related to an "input stream position error" issue, a different vulnerability than CVE-2010-1797. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2010:0864-02 CVE-2010-2805 CVE-2010-2806 CVE-2010-2808 CVE-2010-3311 | Version: | 55 |
Platform(s): | Red Hat Enterprise Linux 6 | Product(s): | freetype |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:22278 | |||
Oval ID: | oval:org.mitre.oval:def:22278 | ||
Title: | RHSA-2010:0889: freetype security update (Important) | ||
Description: | Buffer overflow in the ft_var_readpackedpoints function in truetype/ttgxvar.c in FreeType 2.4.3 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted TrueType GX font. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2010:0889-01 CESA-2010:0889 CVE-2010-3855 | Version: | 4 |
Platform(s): | Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 6 CentOS Linux 5 CentOS Linux 6 | Product(s): | freetype |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22379 | |||
Oval ID: | oval:org.mitre.oval:def:22379 | ||
Title: | RHSA-2010:0737: freetype security update (Important) | ||
Description: | Integer overflow in base/ftstream.c in libXft (aka the X FreeType library) in FreeType before 2.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Compact Font Format (CFF) font file that triggers a heap-based buffer overflow, related to an "input stream position error" issue, a different vulnerability than CVE-2010-1797. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2010:0737-01 CESA-2010:0737 CVE-2010-2806 CVE-2010-2808 CVE-2010-3054 CVE-2010-3311 | Version: | 55 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | freetype |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22696 | |||
Oval ID: | oval:org.mitre.oval:def:22696 | ||
Title: | ELSA-2010:0578: freetype security update (Important) | ||
Description: | Buffer overflow in ftmulti.c in the ftmulti demo program in FreeType before 2.4.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2010:0578-01 CVE-2010-2498 CVE-2010-2499 CVE-2010-2500 CVE-2010-2519 CVE-2010-2527 CVE-2010-2541 | Version: | 29 |
Platform(s): | Oracle Linux 5 | Product(s): | freetype |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:22937 | |||
Oval ID: | oval:org.mitre.oval:def:22937 | ||
Title: | ELSA-2010:0607: freetype security update (Important) | ||
Description: | Multiple stack-based buffer overflows in the cff_decoder_parse_charstrings function in the CFF Type2 CharStrings interpreter in cff/cffgload.c in FreeType before 2.4.2, as used in Apple iOS before 4.0.2 on the iPhone and iPod touch and before 3.2.2 on the iPad, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted CFF opcodes in embedded fonts in a PDF document, as demonstrated by JailbreakMe. NOTE: some of these details are obtained from third party information. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2010:0607-02 CVE-2010-1797 | Version: | 6 |
Platform(s): | Oracle Linux 5 | Product(s): | freetype |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:23017 | |||
Oval ID: | oval:org.mitre.oval:def:23017 | ||
Title: | ELSA-2010:0737: freetype security update (Important) | ||
Description: | Integer overflow in base/ftstream.c in libXft (aka the X FreeType library) in FreeType before 2.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Compact Font Format (CFF) font file that triggers a heap-based buffer overflow, related to an "input stream position error" issue, a different vulnerability than CVE-2010-1797. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2010:0737-01 CVE-2010-2806 CVE-2010-2808 CVE-2010-3054 CVE-2010-3311 | Version: | 21 |
Platform(s): | Oracle Linux 5 | Product(s): | freetype |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:23072 | |||
Oval ID: | oval:org.mitre.oval:def:23072 | ||
Title: | DEPRECATED: ELSA-2011:1455: freetype security update (Important) | ||
Description: | FreeType in CoreGraphics in Apple iOS before 5.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font in a document. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2011:1455-01 CVE-2011-3439 | Version: | 7 |
Platform(s): | Oracle Linux 5 Oracle Linux 6 | Product(s): | freetype |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:23180 | |||
Oval ID: | oval:org.mitre.oval:def:23180 | ||
Title: | DEPRECATED: ELSA-2010:0889: freetype security update (Important) | ||
Description: | Buffer overflow in the ft_var_readpackedpoints function in truetype/ttgxvar.c in FreeType 2.4.3 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted TrueType GX font. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2010:0889-01 CVE-2010-3855 | Version: | 7 |
Platform(s): | Oracle Linux 5 Oracle Linux 6 | Product(s): | freetype |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:23196 | |||
Oval ID: | oval:org.mitre.oval:def:23196 | ||
Title: | DEPRECATED: ELSA-2011:1402: freetype security update (Important) | ||
Description: | FreeType 2 before 2.4.7, as used in CoreGraphics in Apple iOS before 5, Mandriva Enterprise Server 5, and possibly other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font, a different vulnerability than CVE-2011-0226. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2011:1402-01 CVE-2011-3256 | Version: | 7 |
Platform(s): | Oracle Linux 5 Oracle Linux 6 | Product(s): | freetype |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:23365 | |||
Oval ID: | oval:org.mitre.oval:def:23365 | ||
Title: | ELSA-2011:1402: freetype security update (Important) | ||
Description: | FreeType 2 before 2.4.7, as used in CoreGraphics in Apple iOS before 5, Mandriva Enterprise Server 5, and possibly other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font, a different vulnerability than CVE-2011-0226. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2011:1402-01 CVE-2011-3256 | Version: | 6 |
Platform(s): | Oracle Linux 5 Oracle Linux 6 | Product(s): | freetype |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:23494 | |||
Oval ID: | oval:org.mitre.oval:def:23494 | ||
Title: | ELSA-2010:0864: freetype security update (Important) | ||
Description: | Integer overflow in base/ftstream.c in libXft (aka the X FreeType library) in FreeType before 2.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Compact Font Format (CFF) font file that triggers a heap-based buffer overflow, related to an "input stream position error" issue, a different vulnerability than CVE-2010-1797. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2010:0864-02 CVE-2010-2805 CVE-2010-2806 CVE-2010-2808 CVE-2010-3311 | Version: | 21 |
Platform(s): | Oracle Linux 6 | Product(s): | freetype |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:23556 | |||
Oval ID: | oval:org.mitre.oval:def:23556 | ||
Title: | ELSA-2010:0889: freetype security update (Important) | ||
Description: | Buffer overflow in the ft_var_readpackedpoints function in truetype/ttgxvar.c in FreeType 2.4.3 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted TrueType GX font. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2010:0889-01 CVE-2010-3855 | Version: | 6 |
Platform(s): | Oracle Linux 5 Oracle Linux 6 | Product(s): | freetype |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:23617 | |||
Oval ID: | oval:org.mitre.oval:def:23617 | ||
Title: | ELSA-2011:1455: freetype security update (Important) | ||
Description: | FreeType in CoreGraphics in Apple iOS before 5.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font in a document. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2011:1455-01 CVE-2011-3439 | Version: | 6 |
Platform(s): | Oracle Linux 5 Oracle Linux 6 | Product(s): | freetype |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:23655 | |||
Oval ID: | oval:org.mitre.oval:def:23655 | ||
Title: | ELSA-2011:1085: freetype security update (Important) | ||
Description: | Integer signedness error in psaux/t1decode.c in FreeType before 2.4.6, as used in CoreGraphics in Apple iOS before 4.2.9 and 4.3.x before 4.3.4 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Type 1 font in a PDF document, as exploited in the wild in July 2011. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2011:1085-01 CVE-2011-0226 | Version: | 6 |
Platform(s): | Oracle Linux 6 | Product(s): | freetype |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:27706 | |||
Oval ID: | oval:org.mitre.oval:def:27706 | ||
Title: | DEPRECATED: ELSA-2011-1085 -- freetype security update (important) | ||
Description: | [2.3.11-6.el6_1.6] - A little change in configure part - Resolves: #723467 [2.3.11-6.el6_1.5] - Use -fno-strict-aliasing instead of __attribute__((__may_alias__)) - Resolves: #723467 [2.3.11-6.el6_1.4] - Allow FT_Glyph to alias (to pass Rpmdiff) - Resolves: #723467 [2.3.11-6.el6_1.3] - Add freetype-2.3.11-CVE-2011-0226.patch (Add better argument check for 'callothersubr'.) - based on patches by Werner Lemberg, Alexei Podtelezhnikov and Matthias Drochner - Resolves: #723467 | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2011-1085 CVE-2011-0226 | Version: | 4 |
Platform(s): | Oracle Linux 6 | Product(s): | freetype |
Definition Synopsis: | |||
CPE : Common Platform Enumeration
ExploitDB Exploits
id | Description |
---|---|
2010-08-24 | Foxit Reader <= 4.0 pdf Jailbreak Exploit |
OpenVAS Exploits
Date | Description |
---|---|
2012-08-02 | Name : SuSE Update for freetype2 openSUSE-SU-2012:0015-1 (freetype2) File : nvt/gb_suse_2012_0015_1.nasl |
2012-08-02 | Name : SuSE Update for freetype2 openSUSE-SU-2012:0047-1 (freetype2) File : nvt/gb_suse_2012_0047_1.nasl |
2012-07-30 | Name : CentOS Update for freetype CESA-2011:1455 centos4 x86_64 File : nvt/gb_CESA-2011_1455_freetype_centos4_x86_64.nasl |
2012-07-30 | Name : CentOS Update for freetype CESA-2011:1402 centos5 x86_64 File : nvt/gb_CESA-2011_1402_freetype_centos5_x86_64.nasl |
2012-07-30 | Name : CentOS Update for freetype CESA-2011:1402 centos4 x86_64 File : nvt/gb_CESA-2011_1402_freetype_centos4_x86_64.nasl |
2012-07-30 | Name : CentOS Update for freetype CESA-2011:1455 centos5 x86_64 File : nvt/gb_CESA-2011_1455_freetype_centos5_x86_64.nasl |
2012-06-06 | Name : RedHat Update for freetype RHSA-2011:1085-01 File : nvt/gb_RHSA-2011_1085-01_freetype.nasl |
2012-04-26 | Name : Fedora Update for freetype FEDORA-2012-5422 File : nvt/gb_fedora_2012_5422_freetype_fc15.nasl |
2012-04-20 | Name : Fedora Update for freetype FEDORA-2012-4946 File : nvt/gb_fedora_2012_4946_freetype_fc16.nasl |
2012-03-19 | Name : Fedora Update for freetype FEDORA-2011-15927 File : nvt/gb_fedora_2011_15927_freetype_fc16.nasl |
2012-02-12 | Name : Gentoo Security Advisory GLSA 201201-09 (FreeType) File : nvt/glsa_201201_09.nasl |
2012-02-11 | Name : Debian Security Advisory DSA 2350-1 (freetype) File : nvt/deb_2350_1.nasl |
2012-02-11 | Name : Debian Security Advisory DSA 2328-1 (freetype) File : nvt/deb_2328_1.nasl |
2012-02-06 | Name : Mac OS X Multiple Vulnerabilities (2012-001) File : nvt/gb_macosx_su12-001.nasl |
2011-12-05 | Name : Fedora Update for freetype FEDORA-2011-15964 File : nvt/gb_fedora_2011_15964_freetype_fc15.nasl |
2011-12-02 | Name : Fedora Update for freetype FEDORA-2011-15956 File : nvt/gb_fedora_2011_15956_freetype_fc14.nasl |
2011-11-25 | Name : Mandriva Update for freetype2 MDVSA-2011:177 (freetype2) File : nvt/gb_mandriva_MDVSA_2011_177.nasl |
2011-11-21 | Name : Ubuntu Update for freetype USN-1267-1 File : nvt/gb_ubuntu_USN_1267_1.nasl |
2011-11-21 | Name : CentOS Update for freetype CESA-2011:1455 centos5 i386 File : nvt/gb_CESA-2011_1455_freetype_centos5_i386.nasl |
2011-11-21 | Name : CentOS Update for freetype CESA-2011:1455 centos4 i386 File : nvt/gb_CESA-2011_1455_freetype_centos4_i386.nasl |
2011-11-18 | Name : RedHat Update for freetype RHSA-2011:1455-01 File : nvt/gb_RHSA-2011_1455-01_freetype.nasl |
2011-11-11 | Name : Fedora Update for freetype FEDORA-2011-14749 File : nvt/gb_fedora_2011_14749_freetype_fc15.nasl |
2011-11-11 | Name : CentOS Update for freetype CESA-2011:1402 centos4 i386 File : nvt/gb_CESA-2011_1402_freetype_centos4_i386.nasl |
2011-10-31 | Name : Mandriva Update for freetype2 MDVSA-2011:157 (freetype2) File : nvt/gb_mandriva_MDVSA_2011_157.nasl |
2011-10-31 | Name : CentOS Update for freetype CESA-2011:1402 centos5 i386 File : nvt/gb_CESA-2011_1402_freetype_centos5_i386.nasl |
2011-10-31 | Name : RedHat Update for freetype RHSA-2011:1402-01 File : nvt/gb_RHSA-2011_1402-01_freetype.nasl |
2011-10-20 | Name : Mac OS X v10.6.8 Multiple Vulnerabilities (2011-006) File : nvt/gb_macosx_su11-006.nasl |
2011-09-21 | Name : Debian Security Advisory DSA 2294-1 (freetype) File : nvt/deb_2294_1.nasl |
2011-09-21 | Name : FreeBSD Ports: freetype2 File : nvt/freebsd_freetype23.nasl |
2011-09-07 | Name : Mac OS X v10.6.4 Multiple Vulnerabilities (2010-007) File : nvt/gb_macosx_su10-007.nasl |
2011-09-07 | Name : Fedora Update for freetype FEDORA-2011-9525 File : nvt/gb_fedora_2011_9525_freetype_fc14.nasl |
2011-08-26 | Name : Mac OS X v10.6.6 Multiple Vulnerabilities (2011-001) File : nvt/secpod_macosx_su11-001.nasl |
2011-08-09 | Name : CentOS Update for freetype CESA-2010:0607 centos5 i386 File : nvt/gb_CESA-2010_0607_freetype_centos5_i386.nasl |
2011-08-09 | Name : CentOS Update for freetype CESA-2010:0578 centos5 i386 File : nvt/gb_CESA-2010_0578_freetype_centos5_i386.nasl |
2011-08-09 | Name : CentOS Update for freetype CESA-2010:0737 centos5 i386 File : nvt/gb_CESA-2010_0737_freetype_centos5_i386.nasl |
2011-08-09 | Name : CentOS Update for freetype CESA-2010:0889 centos5 i386 File : nvt/gb_CESA-2010_0889_freetype_centos5_i386.nasl |
2011-08-02 | Name : Mandriva Update for freetype2 MDVSA-2011:120 (freetype2) File : nvt/gb_mandriva_MDVSA_2011_120.nasl |
2011-07-27 | Name : Ubuntu Update for freetype USN-1173-1 File : nvt/gb_ubuntu_USN_1173_1.nasl |
2011-03-07 | Name : Debian Security Advisory DSA 2155-1 (freetype) File : nvt/deb_2155_1.nasl |
2010-12-02 | Name : Fedora Update for freetype FEDORA-2010-17742 File : nvt/gb_fedora_2010_17742_freetype_fc14.nasl |
2010-12-02 | Name : Fedora Update for freetype FEDORA-2010-15878 File : nvt/gb_fedora_2010_15878_freetype_fc14.nasl |
2010-11-23 | Name : Fedora Update for freetype FEDORA-2010-17728 File : nvt/gb_fedora_2010_17728_freetype_fc13.nasl |
2010-11-23 | Name : RedHat Update for freetype RHSA-2010:0889-01 File : nvt/gb_RHSA-2010_0889-01_freetype.nasl |
2010-11-23 | Name : CentOS Update for freetype CESA-2010:0889 centos4 i386 File : nvt/gb_CESA-2010_0889_freetype_centos4_i386.nasl |
2010-11-23 | Name : Fedora Update for freetype FEDORA-2010-17755 File : nvt/gb_fedora_2010_17755_freetype_fc12.nasl |
2010-11-23 | Name : Mandriva Update for freetype2 MDVSA-2010:236 (freetype2) File : nvt/gb_mandriva_MDVSA_2010_236.nasl |
2010-11-16 | Name : Fedora Update for freetype FEDORA-2010-15785 File : nvt/gb_fedora_2010_15785_freetype_fc12.nasl |
2010-11-16 | Name : Ubuntu Update for freetype vulnerabilities USN-1013-1 File : nvt/gb_ubuntu_USN_1013_1.nasl |
2010-10-22 | Name : Fedora Update for freetype FEDORA-2010-15705 File : nvt/gb_fedora_2010_15705_freetype_fc13.nasl |
2010-10-19 | Name : Mandriva Update for freetype2 MDVSA-2010:201 (freetype2) File : nvt/gb_mandriva_MDVSA_2010_201.nasl |
2010-10-19 | Name : CentOS Update for freetype CESA-2010:0736 centos3 i386 File : nvt/gb_CESA-2010_0736_freetype_centos3_i386.nasl |
2010-10-19 | Name : CentOS Update for freetype CESA-2010:0737 centos4 i386 File : nvt/gb_CESA-2010_0737_freetype_centos4_i386.nasl |
2010-10-19 | Name : RedHat Update for freetype RHSA-2010:0736-01 File : nvt/gb_RHSA-2010_0736-01_freetype.nasl |
2010-10-19 | Name : RedHat Update for freetype RHSA-2010:0737-01 File : nvt/gb_RHSA-2010_0737-01_freetype.nasl |
2010-09-01 | Name : FreeType Unspecified Vulnerability (Windows) File : nvt/secpod_freetype_unspecified_vuln_win.nasl |
2010-09-01 | Name : FreeType Multiple denial of service vulnerabilities (Windows) File : nvt/secpod_freetype_mult_dos_vuln_win.nasl |
2010-09-01 | Name : FreeType Memory Corruption and Buffer Overflow Vulnerabilities (Windows) File : nvt/secpod_freetype_mem_corruption_n_bof_vuln_win.nasl |
2010-08-24 | Name : Mandriva Update for freetype2 MDVSA-2010:157 (freetype2) File : nvt/gb_mandriva_MDVSA_2010_157.nasl |
2010-08-24 | Name : Mandriva Update for freetype2 MDVSA-2010:156 (freetype2) File : nvt/gb_mandriva_MDVSA_2010_156.nasl |
2010-08-20 | Name : CentOS Update for freetype CESA-2010:0607 centos3 i386 File : nvt/gb_CESA-2010_0607_freetype_centos3_i386.nasl |
2010-08-20 | Name : CentOS Update for freetype CESA-2010:0577 centos3 i386 File : nvt/gb_CESA-2010_0577_freetype_centos3_i386.nasl |
2010-08-20 | Name : Ubuntu Update for freetype vulnerabilities USN-972-1 File : nvt/gb_ubuntu_USN_972_1.nasl |
2010-08-13 | Name : Mandriva Update for freetype2 MDVSA-2010:149 (freetype2) File : nvt/gb_mandriva_MDVSA_2010_149.nasl |
2010-08-06 | Name : RedHat Update for freetype RHSA-2010:0607-02 File : nvt/gb_RHSA-2010_0607-02_freetype.nasl |
2010-08-02 | Name : RedHat Update for freetype RHSA-2010:0578-01 File : nvt/gb_RHSA-2010_0578-01_freetype.nasl |
2010-08-02 | Name : RedHat Update for freetype RHSA-2010:0577-01 File : nvt/gb_RHSA-2010_0577-01_freetype.nasl |
2010-07-23 | Name : Ubuntu Update for freetype vulnerabilities USN-963-1 File : nvt/gb_ubuntu_USN_963_1.nasl |
2010-07-22 | Name : Debian Security Advisory DSA 2070-1 (freetype) File : nvt/deb_2070_1.nasl |
0000-00-00 | Name : FreeBSD Ports: freetype2 File : nvt/freebsd_freetype24.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
77014 | Apple iOS CoreGraphics Component src/cid/cidload.c FreeType CID-keyed Type 1 ... |
76324 | Apple iOS CoreGraphics Multiple freetype Font Handling Memory Corruption |
73661 | FreeType t1_decoder_parse_charstrings() Function PostScript Type1 Font Handli... A memory corruption flaw exists in FreeType. The t1_decoder_parse_charstrings() Function fails to sanitize user-supplied input when handling PostScript Type1 fonts, resulting in memory corruption. With a specially crafted PostScript Type1 font, a context-dependent attacker can execute arbitrary code. |
70334 | FreeType libXft base/ftstream.c CFF File Handling Overflow FreeType is prone to an overflow condition. 'base/ftstream.c' in libXft fails to properly sanitize user-supplied input resulting in an integer overflow. With a specially crafted CFF font file, a context-dependent attacker can potentially cause a further heap-based buffer overflow, allowing them to execute arbitrary code. |
69513 | FreeType ttinterp.c Ins_SHZ Function Crafted SHZ Bytecode Overflow FreeType is prone to an overflow condition. The 'Ins_SHZ' function in 'ttinterp.c' fails to properly sanitize user-supplied input resulting in a heap-based buffer overflow. With a specially crafted SHZ bytecode instruction, such as in a PDF document with a specially crafted font, a context-dependent attacker can potentially execute arbitrary code. |
68704 | FreeType src/truetype/ttgxvar.c ft_var_readpackedpoints() Function TrueType G... FreeType is prone to an overflow condition. The 'ft_var_readpackedpoints()' function in 'truetype/ttgxvar.c' fails to properly sanitize user-supplied input resulting in a buffer overflow. With a specially crafted TrueType GX font, a context-dependent attacker can potentially execute arbitrary code. |
67307 | FreeType Nested Standard Encoding Accented Character Call DoS |
67306 | FreeType bdf/bdflib.c Crafted BDF Font File Handling DoS |
67305 | FreeType base/ftobjs.c Mac_Read_POST_Resource Function Crafted LWFN Font Hand... |
67304 | FreeType Bounds Checking Integer Data Type Crafted Font File DoS |
67303 | FreeType type42/t42parse.c t42_parse_sfnts Function Array Index Error FontTyp... |
67302 | FreeType base/ftstream.c FT_Stream_EnterFrame Function Crafted Font File Posi... |
67301 | FreeType ftmulti Demo Program ftmulti.c Crafted Font File Overflow |
67011 | FreeType2 Unspecified CFF Font Handling Arbitrary Code Execution |
66468 | FreeType Glyph Handling Crafted Font File Overflow |
66467 | FreeType pshinter/pshalgo.c psh_glyph_find_strong_points Function Invalid Fre... |
66466 | FreeType base/ftobjs.c Mac_Read_POST_Resource Function Crafted LaserWriter PS... |
66465 | FreeType smooth/ftgray.c gray_render_span Function Overflow |
66464 | FreeType base/ftobjs.c Mac_Read_POST_Resource Function Crafted Font File POST... |
66463 | FreeType truetype/ttinterp.c Ins_IUP Function TrueType Bytecode Support Overflow |
66462 | FreeType Demo Applications Crafted Font File Handling Multiple Overflows |
Snort® IPS/IDS
Date | Description |
---|---|
2017-08-23 | FreeType PostScript Type1 font parsing memory corruption attempt RuleID : 43677 - Revision : 2 - Type : FILE-PDF |
2017-08-23 | FreeType PostScript Type1 font parsing memory corruption attempt RuleID : 43676 - Revision : 2 - Type : FILE-PDF |
2014-05-24 | Foxit Reader CFF CharStrings buffer overflow attempt RuleID : 30771 - Revision : 2 - Type : FILE-PDF |
2014-05-24 | Foxit Reader CFF CharStrings buffer overflow attempt RuleID : 30770 - Revision : 2 - Type : FILE-PDF |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2015-01-19 | Name : The remote Solaris system is missing a security patch for third-party software. File : solaris11_freetype_20141107.nasl - Type : ACT_GATHER_INFO |
2015-01-19 | Name : The remote Solaris system is missing a security patch for third-party software. File : solaris11_libfxt_20141107.nasl - Type : ACT_GATHER_INFO |
2014-11-17 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0622.nasl - Type : ACT_GATHER_INFO |
2014-10-12 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2011-8.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2011-96.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_freetype2-101013.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_freetype2-110303.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_freetype2-110722.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_freetype2-111216.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_libfreetype6-100812.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_4_freetype2-110722.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_4_freetype2-111216.nasl - Type : ACT_GATHER_INFO |
2013-09-04 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2011-08.nasl - Type : ACT_GATHER_INFO |
2013-09-04 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2011-20.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0577.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0578.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0607.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0736.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0737.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0889.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-1085.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-1402.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-1455.nasl - Type : ACT_GATHER_INFO |
2013-01-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0094.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20100730_freetype_for_SL4.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20100730_freetype_on_SL3.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20100805_freetype_on_SL3_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20101004_freetype_on_SL3_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20101110_freetype_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20101116_freetype_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110721_freetype_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20111025_freetype_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20111116_freetype_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-02-02 | Name : The remote host is missing a Mac OS X update that fixes several security vuln... File : macosx_10_7_3.nasl - Type : ACT_GATHER_INFO |
2012-01-24 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201201-09.nasl - Type : ACT_GATHER_INFO |
2011-12-13 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_freetype2-111201.nasl - Type : ACT_GATHER_INFO |
2011-12-13 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_freetype2-7399.nasl - Type : ACT_GATHER_INFO |
2011-12-13 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_freetype2-7872.nasl - Type : ACT_GATHER_INFO |
2011-12-05 | Name : The remote Fedora host is missing a security update. File : fedora_2011-15964.nasl - Type : ACT_GATHER_INFO |
2011-11-29 | Name : The remote Fedora host is missing a security update. File : fedora_2011-15956.nasl - Type : ACT_GATHER_INFO |
2011-11-22 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2011-1455.nasl - Type : ACT_GATHER_INFO |
2011-11-22 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2350.nasl - Type : ACT_GATHER_INFO |
2011-11-22 | Name : The remote Fedora host is missing a security update. File : fedora_2011-15927.nasl - Type : ACT_GATHER_INFO |
2011-11-22 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2011-177.nasl - Type : ACT_GATHER_INFO |
2011-11-18 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1267-1.nasl - Type : ACT_GATHER_INFO |
2011-11-17 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-1455.nasl - Type : ACT_GATHER_INFO |
2011-11-14 | Name : The remote Fedora host is missing a security update. File : fedora_2011-14749.nasl - Type : ACT_GATHER_INFO |
2011-11-02 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_54075e3904ac11e1a94ebcaec565249c.nasl - Type : ACT_GATHER_INFO |
2011-10-27 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2011-1402.nasl - Type : ACT_GATHER_INFO |
2011-10-26 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-1402.nasl - Type : ACT_GATHER_INFO |
2011-10-25 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2328.nasl - Type : ACT_GATHER_INFO |
2011-10-24 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2011-157.nasl - Type : ACT_GATHER_INFO |
2011-10-13 | Name : The remote host is missing a Mac OS X update that fixes several security issues. File : macosx_10_7_2.nasl - Type : ACT_GATHER_INFO |
2011-08-31 | Name : The remote Fedora host is missing a security update. File : fedora_2011-9525.nasl - Type : ACT_GATHER_INFO |
2011-08-17 | Name : The remote Fedora host is missing a security update. File : fedora_2011-9542.nasl - Type : ACT_GATHER_INFO |
2011-08-16 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2294.nasl - Type : ACT_GATHER_INFO |
2011-08-12 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_5d374b01c3ee11e08aa5485d60cb5385.nasl - Type : ACT_GATHER_INFO |
2011-07-28 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_freetype2-110726.nasl - Type : ACT_GATHER_INFO |
2011-07-27 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2011-120.nasl - Type : ACT_GATHER_INFO |
2011-07-26 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1173-1.nasl - Type : ACT_GATHER_INFO |
2011-07-22 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-1085.nasl - Type : ACT_GATHER_INFO |
2011-05-05 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_freetype2-110303.nasl - Type : ACT_GATHER_INFO |
2011-04-19 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_freetype2-7366.nasl - Type : ACT_GATHER_INFO |
2011-04-07 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_freetype2-110304.nasl - Type : ACT_GATHER_INFO |
2011-03-22 | Name : The remote host is missing a Mac OS X update that fixes several security issues. File : macosx_10_6_7.nasl - Type : ACT_GATHER_INFO |
2011-03-22 | Name : The remote host is missing a Mac OS X update that fixes several security issues. File : macosx_SecUpd2011-001.nasl - Type : ACT_GATHER_INFO |
2011-02-01 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2155.nasl - Type : ACT_GATHER_INFO |
2010-12-02 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_freetype2-100812.nasl - Type : ACT_GATHER_INFO |
2010-12-02 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_freetype2-100927.nasl - Type : ACT_GATHER_INFO |
2010-11-24 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0889.nasl - Type : ACT_GATHER_INFO |
2010-11-22 | Name : The remote Fedora host is missing a security update. File : fedora_2010-17728.nasl - Type : ACT_GATHER_INFO |
2010-11-22 | Name : The remote Fedora host is missing a security update. File : fedora_2010-17755.nasl - Type : ACT_GATHER_INFO |
2010-11-18 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0864.nasl - Type : ACT_GATHER_INFO |
2010-11-17 | Name : The remote Fedora host is missing a security update. File : fedora_2010-17742.nasl - Type : ACT_GATHER_INFO |
2010-11-17 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0889.nasl - Type : ACT_GATHER_INFO |
2010-11-16 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-236.nasl - Type : ACT_GATHER_INFO |
2010-11-10 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_10_6_5.nasl - Type : ACT_GATHER_INFO |
2010-11-10 | Name : The remote host is missing a Mac OS X update that fixes security issues. File : macosx_SecUpd2010-007.nasl - Type : ACT_GATHER_INFO |
2010-11-05 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1013-1.nasl - Type : ACT_GATHER_INFO |
2010-11-02 | Name : The remote Fedora host is missing a security update. File : fedora_2010-15785.nasl - Type : ACT_GATHER_INFO |
2010-10-20 | Name : The remote Fedora host is missing a security update. File : fedora_2010-15705.nasl - Type : ACT_GATHER_INFO |
2010-10-15 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_freetype2-101013.nasl - Type : ACT_GATHER_INFO |
2010-10-15 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_freetype2-101013.nasl - Type : ACT_GATHER_INFO |
2010-10-14 | Name : The remote Fedora host is missing a security update. File : fedora_2010-15878.nasl - Type : ACT_GATHER_INFO |
2010-10-14 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-201.nasl - Type : ACT_GATHER_INFO |
2010-10-11 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12656.nasl - Type : ACT_GATHER_INFO |
2010-10-11 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_freetype2-7121.nasl - Type : ACT_GATHER_INFO |
2010-10-11 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_freetype2-7168.nasl - Type : ACT_GATHER_INFO |
2010-10-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0736.nasl - Type : ACT_GATHER_INFO |
2010-10-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0737.nasl - Type : ACT_GATHER_INFO |
2010-10-06 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2116.nasl - Type : ACT_GATHER_INFO |
2010-10-06 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0736.nasl - Type : ACT_GATHER_INFO |
2010-10-06 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0737.nasl - Type : ACT_GATHER_INFO |
2010-09-09 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2105.nasl - Type : ACT_GATHER_INFO |
2010-08-27 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12630.nasl - Type : ACT_GATHER_INFO |
2010-08-26 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_freetype2-100812.nasl - Type : ACT_GATHER_INFO |
2010-08-26 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_freetype2-100812.nasl - Type : ACT_GATHER_INFO |
2010-08-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-156.nasl - Type : ACT_GATHER_INFO |
2010-08-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-157.nasl - Type : ACT_GATHER_INFO |
2010-08-18 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-972-1.nasl - Type : ACT_GATHER_INFO |
2010-08-17 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0577.nasl - Type : ACT_GATHER_INFO |
2010-08-13 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-149.nasl - Type : ACT_GATHER_INFO |
2010-08-09 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0607.nasl - Type : ACT_GATHER_INFO |
2010-08-09 | Name : A PDF viewer installed on the remote host is affected by a remote code execut... File : foxit_reader_4_1_1_0805.nasl - Type : ACT_GATHER_INFO |
2010-08-06 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0607.nasl - Type : ACT_GATHER_INFO |
2010-08-03 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0578.nasl - Type : ACT_GATHER_INFO |
2010-08-02 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0577.nasl - Type : ACT_GATHER_INFO |
2010-08-02 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0578.nasl - Type : ACT_GATHER_INFO |
2010-07-30 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-137.nasl - Type : ACT_GATHER_INFO |
2010-07-21 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-963-1.nasl - Type : ACT_GATHER_INFO |
2010-07-15 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2070.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:37:09 |
|