2011-07-20 00:55:00 2011-10-26 04:56:19

Integer signedness error in psaux/t1decode.c in FreeType before 2.4.6, as used in CoreGraphics in Apple iOS before 4.2.9 and 4.3.x before 4.3.4 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Type 1 font in a PDF document, as exploited in the wild in July 2011.

Vector

NETWORK

Complexity

MEDIUM

Authentication

NONE

Confidentiality

COMPLETE

Integrity

COMPLETE

Availability

COMPLETE
Apache Software Foundation HttpAsyncClient 4.0 alpha2 Apache Software Foundation Apache HTTP Server 2.2 Apache Software Foundation Apache HTTP Server 2.2.10 Apache Software Foundation Apache HTTP Server 2.1.4 Apache Software Foundation Apache HTTP Server 2.1.7 Apache Software Foundation Apache HTTP Server 2.0.57 Apache Software Foundation Apache HTTP Server 2.0.64 Apache Software Foundation Apache HTTP Server 2.1.1 Apache Software Foundation HTTP Server 2.0.61 Apache Software Foundation HTTP Server 2.0.59 Apache Software Foundation Apache HTTP Server 2.3.10 Apache Software Foundation Apache HTTP Server 2.2.25 Apache Software Foundation Apache HTTP Server 2.3.16 Apache Software Foundation Apache HTTP Server 2.3.4 Apache Software Foundation Apache HTTP Server 2.4.0 Apache Software Foundation Apache HTTP Server 2.4.10 Apache Software Foundation Apache HTTP Server 2.2.13 Apache Software Foundation Apache HTTP Server 2.2.22 Apache Software Foundation Apache HTTP Server 2.4.9 Apache Software Foundation Apache HTTP Server 2.2.26 Apache Software Foundation Apache HTTP Server 2.3.13 Apache Software Foundation Apache HTTP Server 2.3.7 Apache Software Foundation Apache HTTP Server 2.4.6 Apache Software Foundation Apache HTTP Server 2.2.9 Apple Iphone os 4.2 (not an official CPE) Apache Software Foundation Apache HTTP Server 3.1 Apache Software Foundation Apache HTTP Server 2.4.12 Apache Software Foundation Apache HTTP Server 2.2.2 Apache Software Foundation Apache HTTP Server 2.2.17 Apache Software Foundation Apache HTTP Server 2.2.14 Apache Software Foundation HttpAsyncClient 4.0 beta3 Apache Software Foundation HttpAsyncClient 4.0 alpha3 Apache Software Foundation HttpAsyncClient 4.0 beta2 Apache Software Foundation HttpAsyncClient 4.0 beta1 Apache Software Foundation HttpAsyncClient 4.0 Apache Software Foundation Apache HTTP Server 2.2.4 Apache Software Foundation HttpAsyncClient 4.0 alpha1