CVE-2006-2661

Severity

50%

Complexity

99%

Confidentiality

48%

This vulnerability is addressed in the following product release: FreeType, FreeType, 2.2

ftutil.c in Freetype before 2.2 allows remote attackers to cause a denial of service (crash) via a crafted font file that triggers a null dereference.

This vulnerability is addressed in the following product release: FreeType, FreeType, 2.2

CVSS 2.0 Base Score 5. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P).

Overview

Type

FreeType

First reported 18 years ago

2006-05-30 19:02:00

Last updated 6 years ago

2018-10-18 16:41:00

Affected Software

FreeType 2.0.9

2.0.9

FreeType 2.1

2.1

FreeType 2.1.3

2.1.3

FreeType 2.1.4

2.1.4

FreeType 2.1.5

2.1.5

FreeType 2.1.6

2.1.6

FreeType 2.1.7

2.1.7

FreeType 2.1.8

2.1.8

FreeType 2.1.8 rc1

2.1.8_rc1

FreeType 2.1.10

2.1.10

References

20060701-01-U

SUSE-SA:2006:037

20525

20591

20638

20791

21062

21135

21385

21701

23939

1016520

102705

http://support.avaya.com/elmodocs2/security/ASA-2006-176.htm

DSA-1095

MDKSA-2006:099

RHSA-2006:0500

20060612 rPSA-2006-0100-1 freetype

18329

ADV-2007-0381

https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=183676

Patch

https://issues.rpath.com/browse/RPL-429

oval:org.mitre.oval:def:11692

USN-291-1

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.