ID |
CVE-2006-3467
|
Summary |
Integer overflow in FreeType before 2.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PCF file, as demonstrated by the Red Hat bad1.pcf test file, due to a partial fix of CVE-2006-1861. |
References |
|
Vulnerable Configurations |
-
cpe:2.3:a:freetype:freetype:1.3.1:*:*:*:*:*:*:*
cpe:2.3:a:freetype:freetype:1.3.1:*:*:*:*:*:*:*
-
cpe:2.3:a:freetype:freetype:2.0:*:*:*:*:*:*:*
cpe:2.3:a:freetype:freetype:2.0:*:*:*:*:*:*:*
-
cpe:2.3:a:freetype:freetype:2.0.0:-:*:*:*:*:*:*
cpe:2.3:a:freetype:freetype:2.0.0:-:*:*:*:*:*:*
-
cpe:2.3:a:freetype:freetype:2.0.0:beta2:*:*:*:*:*:*
cpe:2.3:a:freetype:freetype:2.0.0:beta2:*:*:*:*:*:*
-
cpe:2.3:a:freetype:freetype:2.0.0:beta3:*:*:*:*:*:*
cpe:2.3:a:freetype:freetype:2.0.0:beta3:*:*:*:*:*:*
-
cpe:2.3:a:freetype:freetype:2.0.0:beta4:*:*:*:*:*:*
cpe:2.3:a:freetype:freetype:2.0.0:beta4:*:*:*:*:*:*
-
cpe:2.3:a:freetype:freetype:2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:freetype:freetype:2.0.1:*:*:*:*:*:*:*
-
cpe:2.3:a:freetype:freetype:2.0.2:*:*:*:*:*:*:*
cpe:2.3:a:freetype:freetype:2.0.2:*:*:*:*:*:*:*
-
cpe:2.3:a:freetype:freetype:2.0.3:*:*:*:*:*:*:*
cpe:2.3:a:freetype:freetype:2.0.3:*:*:*:*:*:*:*
-
cpe:2.3:a:freetype:freetype:2.0.4:*:*:*:*:*:*:*
cpe:2.3:a:freetype:freetype:2.0.4:*:*:*:*:*:*:*
-
cpe:2.3:a:freetype:freetype:2.0.5:*:*:*:*:*:*:*
cpe:2.3:a:freetype:freetype:2.0.5:*:*:*:*:*:*:*
-
cpe:2.3:a:freetype:freetype:2.0.6:*:*:*:*:*:*:*
cpe:2.3:a:freetype:freetype:2.0.6:*:*:*:*:*:*:*
-
cpe:2.3:a:freetype:freetype:2.0.7:*:*:*:*:*:*:*
cpe:2.3:a:freetype:freetype:2.0.7:*:*:*:*:*:*:*
-
cpe:2.3:a:freetype:freetype:2.0.8:*:*:*:*:*:*:*
cpe:2.3:a:freetype:freetype:2.0.8:*:*:*:*:*:*:*
-
cpe:2.3:a:freetype:freetype:2.0.9:*:*:*:*:*:*:*
cpe:2.3:a:freetype:freetype:2.0.9:*:*:*:*:*:*:*
-
cpe:2.3:a:freetype:freetype:2.1:*:*:*:*:*:*:*
cpe:2.3:a:freetype:freetype:2.1:*:*:*:*:*:*:*
|
CVSS |
Base: | 7.5 (as of 13-02-2023 - 02:16) |
Impact: | |
Exploitability: | |
|
CWE |
CWE-189 |
CAPEC |
|
Access |
Vector | Complexity | Authentication |
NETWORK |
LOW |
NONE |
|
Impact |
Confidentiality | Integrity | Availability |
PARTIAL |
PARTIAL |
PARTIAL |
|
cvss-vector
via4
|
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
oval
via4
|
accepted | 2013-04-29T04:07:37.728-04:00 | class | vulnerability | contributors | name | Aharon Chernin | organization | SCAP.com, LLC |
name | Dragos Prisaca | organization | G2, Inc. |
| definition_extensions | comment | The operating system installed on the system is Red Hat Enterprise Linux 3 | oval | oval:org.mitre.oval:def:11782 |
comment | CentOS Linux 3.x | oval | oval:org.mitre.oval:def:16651 |
comment | The operating system installed on the system is Red Hat Enterprise Linux 4 | oval | oval:org.mitre.oval:def:11831 |
comment | CentOS Linux 4.x | oval | oval:org.mitre.oval:def:16636 |
comment | Oracle Linux 4.x | oval | oval:org.mitre.oval:def:15990 |
| description | Integer overflow in FreeType before 2.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PCF file, as demonstrated by the Red Hat bad1.pcf test file, due to a partial fix of CVE-2006-1861. | family | unix | id | oval:org.mitre.oval:def:10673 | status | accepted | submitted | 2010-07-09T03:56:16-04:00 | title | Integer overflow in FreeType before 2.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PCF file, as demonstrated by the Red Hat bad1.pcf test file, due to a partial fix of CVE-2006-1861. | version | 29 |
|
redhat
via4
|
|
refmap
via4
|
apple | APPLE-SA-2009-02-12 | bugtraq | - 20060825 rPSA-2006-0157-1 xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs
- 20061113 VMSA-2006-0005 - VMware ESX Server 2.5.4 Upgrade Patch 1
- 20061113 VMSA-2006-0006 - VMware ESX Server 2.5.3 Upgrade Patch 4
- 20061113 VMSA-2006-0007 - VMware ESX Server 2.1.3 Upgrade Patch 2
- 20061113 VMSA-2006-0008 - VMware ESX Server 2.0.2 Upgrade Patch 2
| confirm | | debian | | gentoo | GLSA-200609-04 | mandriva | - MDKSA-2006:129
- MDKSA-2006:148
| misc | http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=190593 | sectrack | 1016522 | secunia | - 21062
- 21135
- 21144
- 21232
- 21285
- 21566
- 21567
- 21606
- 21626
- 21701
- 21793
- 21798
- 21836
- 22027
- 22332
- 22875
- 22907
- 23400
- 23939
- 27271
- 33937
| sgi | 20060701-01-U | sunalert | 102705 | suse | - SUSE-SA:2006:045
- SUSE-SR:2007:021
| trustix | 2006-0052 | ubuntu | | vupen | - ADV-2006-4502
- ADV-2006-4522
- ADV-2007-0381
|
|
statements
via4
|
contributor | Mark J Cox | lastmodified | 2007-03-14 | organization | Red Hat | statement | Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch. |
|
Last major update |
13-02-2023 - 02:16 |
Published |
21-07-2006 - 14:03 |
Last modified |
13-02-2023 - 02:16 |