CVE-2006-3467

2006-07-21 16:03:00 2018-10-18 18:47:39

Integer overflow in FreeType before 2.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PCF file, as demonstrated by the Red Hat bad1.pcf test file, due to a partial fix of CVE-2006-1861.

Vector

NETWORK

Complexity

LOW

Authentication

NONE

Confidentiality

PARTIAL

Integrity

PARTIAL

Availability

PARTIAL

FreeType 2.1

Freetype - Freetype

Advisory	Patch	Confirmed	Link
			ADV-2007-0381
			ADV-2006-4522
			ADV-2006-4502
			http://www.vmware.com/download/esx/esx-254-200610-patch....
			http://www.vmware.com/download/esx/esx-213-200610-patch....
			USN-341-1
			http://www.vmware.com/download/esx/esx-202-200610-patch....
			2006-0052
			USN-324-1
			20061113 VMSA-2006-0008 - VMware ESX Server 2.0.2 Upgrad...
			20061113 VMSA-2006-0005 - VMware ESX Server 2.5.4 Upgrad...
			20061113 VMSA-2006-0007 - VMware ESX Server 2.1.3 Upgrad...
			20061113 VMSA-2006-0006 - VMware ESX Server 2.5.3 Upgrad...
			20060825 rPSA-2006-0157-1 xorg-x11 xorg-x11-fonts xorg-x...
			RHSA-2006:0635
			RHSA-2006:0634
			RHSA-2006:0500
			MDKSA-2006:148
			MDKSA-2006:129
			DSA-1193
			DSA-1178
			http://support.avaya.com/elmodocs2/security/ASA-2006-284...
			http://support.avaya.com/elmodocs2/security/ASA-2006-186...
			http://support.avaya.com/elmodocs2/security/ASA-2006-176...
			http://support.apple.com/kb/HT3438
			102705
			1016522
			GLSA-200609-04
			21062
			SUSE-SA:2006:045
			SUSE-SR:2007:021
			APPLE-SA-2009-02-12
			http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=1905...
			20060701-01-U

Numeric Errors (ID 189)

Related CVE(s) 1 CVE-2006-1861 CVSS 7.5