FreeType Rendering Engine Position Value Heap Buffer Overflow Vulnerability

Bugtraq ID: 43700
Class: Boundary Condition Error
CVE: CVE-2010-3311
Remote: Yes
Local: No
Published: Oct 04 2010 12:00AM
Updated: May 07 2015 05:10PM
Credit: Marc Schoenefeld
Vulnerable: Ubuntu Ubuntu Linux 9.10 sparc
Ubuntu Ubuntu Linux 9.10 powerpc
Ubuntu Ubuntu Linux 9.10 lpia
Ubuntu Ubuntu Linux 9.10 i386
Ubuntu Ubuntu Linux 9.10 ARM
Ubuntu Ubuntu Linux 9.10 amd64
Ubuntu Ubuntu Linux 8.04 LTS sparc
Ubuntu Ubuntu Linux 8.04 LTS powerpc
Ubuntu Ubuntu Linux 8.04 LTS lpia
Ubuntu Ubuntu Linux 8.04 LTS i386
Ubuntu Ubuntu Linux 8.04 LTS amd64
Ubuntu Ubuntu Linux 6.06 LTS sparc
Ubuntu Ubuntu Linux 6.06 LTS powerpc
Ubuntu Ubuntu Linux 6.06 LTS i386
Ubuntu Ubuntu Linux 6.06 LTS amd64
Ubuntu Ubuntu Linux 10.10 powerpc
Ubuntu Ubuntu Linux 10.10 i386
Ubuntu Ubuntu Linux 10.10 ARM
Ubuntu Ubuntu Linux 10.10 amd64
Ubuntu Ubuntu Linux 10.04 sparc
Ubuntu Ubuntu Linux 10.04 powerpc
Ubuntu Ubuntu Linux 10.04 i386
Ubuntu Ubuntu Linux 10.04 ARM
Ubuntu Ubuntu Linux 10.04 amd64
SuSE SUSE Linux Enterprise Server 10 SP2
SuSE SUSE Linux Enterprise 11 SP1
SuSE SUSE Linux Enterprise 11
SuSE SUSE Linux Enterprise 10 SP3
S.u.S.E. openSUSE 11.3
S.u.S.E. openSUSE 11.2
S.u.S.E. openSUSE 11.1
Redhat Enterprise Linux WS 4
Redhat Enterprise Linux WS 3
Redhat Enterprise Linux Workstation Optional 6
Redhat Enterprise Linux Workstation 6
Redhat Enterprise Linux Server Optional 6
Redhat Enterprise Linux Server 6
Redhat Enterprise Linux HPC Node Optional 6
Redhat Enterprise Linux HPC Node 6
Redhat Enterprise Linux ES 4
Redhat Enterprise Linux ES 3
Redhat Enterprise Linux Desktop Workstation 5 client
Redhat Enterprise Linux Desktop Optional 6
Redhat Enterprise Linux Desktop 6
Redhat Enterprise Linux AS 4
Redhat Enterprise Linux AS 3
Redhat Enterprise Linux Desktop version 4
Redhat Enterprise Linux 5 Server
Redhat Enterprise Linux 5 Client
Redhat Desktop 4.0
Redhat Desktop 3.0
Mandriva Linux Mandrake 2010.1 x86_64
Mandriva Linux Mandrake 2010.1
Mandriva Linux Mandrake 2010.0 x86_64
Mandriva Linux Mandrake 2010.0
Mandriva Linux Mandrake 2009.1 x86_64
Mandriva Linux Mandrake 2009.1
Mandriva Linux Mandrake 2009.0 x86_64
Mandriva Linux Mandrake 2009.0
MandrakeSoft Enterprise Server 5 x86_64
MandrakeSoft Enterprise Server 5
MandrakeSoft Corporate Server 4.0 x86_64
MandrakeSoft Corporate Server 4.0
Gentoo Linux
FreeType FreeType 2.3.6
FreeType FreeType 2.3.5
FreeType FreeType 2.3.4
FreeType FreeType 2.3.3
FreeType FreeType 2.2.10
FreeType FreeType 2.2.1
FreeType FreeType 2.1.10
FreeType FreeType 2.1.9
FreeType FreeType 2.1.7
FreeType FreeType 2.0.9
FreeType FreeType 2.0.6
FreeType FreeType 2.2
Debian Linux 5.0 sparc
Debian Linux 5.0 s/390
Debian Linux 5.0 powerpc
Debian Linux 5.0 mipsel
Debian Linux 5.0 mips
Debian Linux 5.0 m68k
Debian Linux 5.0 ia-64
Debian Linux 5.0 ia-32
Debian Linux 5.0 hppa
Debian Linux 5.0 armel
Debian Linux 5.0 arm
Debian Linux 5.0 amd64
Debian Linux 5.0 alpha
Debian Linux 5.0
Avaya Voice Portal 5.1
Avaya Voice Portal 5.0 SP2
Avaya Voice Portal 5.0 SP1
Avaya Voice Portal 5.0
Avaya Voice Portal 4.1 SP2
Avaya Voice Portal 4.1 SP1
Avaya Voice Portal 4.1
Avaya Voice Portal 4.0
Avaya Proactive Contact 4.1.2
Avaya Proactive Contact 4.1.1
Avaya Proactive Contact 4.2
Avaya Proactive Contact 4.1
Avaya Proactive Contact 4.0
Avaya Messaging Storage Server 5.2
Avaya Messaging Storage Server 5.1
Avaya Messaging Storage Server 5.0
Avaya Messaging Storage Server 4.0
Avaya Message Networking 5.2.1
Avaya Message Networking 5.2
Avaya Message Networking 3.1
Avaya IQ 4.1
Avaya IQ 5.1
Avaya IQ 5
Avaya Intuity AUDIX LX 2.0 SP2
Avaya Intuity AUDIX LX 2.0 SP1
Avaya Intuity AUDIX LX 2.0
Avaya Aura System Platform 6.0
Avaya Aura System Platform 1.0
Avaya Aura System Manager 6.0 SP1
Avaya Aura System Manager 5.2
Avaya Aura Session Manager 6.0
Avaya Aura Session Manager 5.2
Avaya Aura Session Manager 1.1
Avaya Aura Presence Services 6.0
Avaya Aura Conferencing 6.0 Standard
Avaya Aura Conferencing 6.0
Avaya Aura Application Enablement Services 5.2.1
Avaya Aura Application Enablement Services 5.2
Not Vulnerable: FreeType FreeType 2.4


 

Privacy Statement
Copyright 2010, SecurityFocus