RETIRED: Freetype Font Files Integer Overflow Vulnerability
BID:23402
Info
RETIRED: Freetype Font Files Integer Overflow Vulnerability
| Bugtraq ID: | 23402 |
| Class: | Boundary Condition Error |
| CVE: |
CVE-2007-1351 |
| Remote: | No |
| Local: | Yes |
| Published: | Apr 10 2007 12:00AM |
| Updated: | May 10 2007 03:49PM |
| Credit: | This issue was disclosed by iDefense. |
| Vulnerable: |
Mandriva Linux Mandrake 2007.1 x86_64 Mandriva Linux Mandrake 2007.1 |
| Not Vulnerable: | |
Discussion
RETIRED: Freetype Font Files Integer Overflow Vulnerability
FreeType is prone to a local integer-overflow vulnerability because it fails to adequately bounds-check user-supplied input.
An attacker can exploit this vulnerability to execute arbitrary code with superuser privileges. Failed exploit attempts will likely cause denial-of-service conditions.
This BID has been retired because it is a duplicate of BID 23283.
FreeType is prone to a local integer-overflow vulnerability because it fails to adequately bounds-check user-supplied input.
An attacker can exploit this vulnerability to execute arbitrary code with superuser privileges. Failed exploit attempts will likely cause denial-of-service conditions.
This BID has been retired because it is a duplicate of BID 23283.
Exploit / POC
RETIRED: Freetype Font Files Integer Overflow Vulnerability
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Solution / Fix
RETIRED: Freetype Font Files Integer Overflow Vulnerability
Solution:
Please see the referenced advisories for more information.
Solution:
Please see the referenced advisories for more information.
References
RETIRED: Freetype Font Files Integer Overflow Vulnerability
References:
References: