| Descripción: | Description:
The remote host is missing an update to freetype2
announced via advisory MDVSA-2010:157.
Multiple vulnerabilities has been found and corrected in freetype2:
The FT_Stream_EnterFrame function in base/ftstream.c in FreeType
before 2.4.2 does not properly validate certain position values, which
allows remote attackers to cause a denial of service (application
crash) or possibly execute arbitrary code via a crafted font file
(CVE-2010-2805).
Array index error in the t42_parse_sfnts function in type42/t42parse.c
in FreeType before 2.4.2 allows remote attackers to cause a denial of
service (application crash) or possibly execute arbitrary code via
negative size values for certain strings in FontType42 font files,
leading to a heap-based buffer overflow (CVE-2010-2806).
FreeType before 2.4.2 uses incorrect integer data types during bounds
checking, which allows remote attackers to cause a denial of service
(application crash) or possibly execute arbitrary code via a crafted
font file (CVE-2010-2807).
Buffer overflow in the Mac_Read_POST_Resource function in base/ftobjs.c
in FreeType before 2.4.2 allows remote attackers to cause a denial of
service (memory corruption and application crash) or possibly execute
arbitrary code via a crafted Adobe Type 1 Mac Font File (aka LWFN)
font (CVE-2010-2808).
bdf/bdflib.c in FreeType before 2.4.2 allows remote attackers to cause
a denial of service (application crash) via a crafted BDF font file,
related to an attempted modification of a value in a static string
(CVE-2010-3053).
The updated packages have been patched to correct these issues.
Affected: 2010.0, 2010.1
Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2010:157
Risk factor : High
CVSS Score:
6.8
|
