exploits , vulnerabilities , articles , Freetype TT_Load_Simple_Glyph() TTF File Integer Overflow Vulnerability

Title	Freetype TT_Load_Simple_Glyph() TTF File Integer Overflow Vulnerability
Published	2007-05-21-12:00AM
Updated	2007-06-22-09:59AM
Class	Input Validation Error
CVE	CVE-2007-2754
Remote	Yes
Local	No
Credit	Victor Stinner is credited with discovering this issue.
Vulnerable	Ubuntu Ubuntu Linux 7.04 sparc Ubuntu Ubuntu Linux 7.04 powerpc Ubuntu Ubuntu Linux 7.04 i386 Ubuntu Ubuntu Linux 7.04 amd64 Ubuntu Ubuntu Linux 6.10 sparc Ubuntu Ubuntu Linux 6.10 powerpc Ubuntu Ubuntu Linux 6.10 i386 Ubuntu Ubuntu Linux 6.10 amd64 Ubuntu Ubuntu Linux 6.06 LTS sparc Ubuntu Ubuntu Linux 6.06 LTS powerpc Ubuntu Ubuntu Linux 6.06 LTS i386 Ubuntu Ubuntu Linux 6.06 LTS amd64 Sun StarSuite 8 Update 7 Sun StarSuite 8 Update 6 Sun StarSuite 8 Sun StarSuite 7.0 PP10 Sun StarSuite 7 PP9 Sun StarSuite 7 Sun StarSuite 6.0 PP7 Sun StarSuite 6 PP6 Sun StarSuite 6 Sun StarOffice 7.0 Sun StarOffice 8.0 Sun StarOffice 8 Update 7 Sun StarOffice 8 Update 6 Sun StarOffice 7.0 PP9 Sun StarOffice 7.0 PP10 Sun StarOffice 6.0 PP7 Sun StarOffice 6.0 PP6 Sun StarOffice 6.0 rPath rPath Linux 1 RedHat Fedora Core6 RedHat Enterprise Linux Desktop Workstation v. 5 client RedHat Enterprise Linux Desktop v.5 client RedHat Enterprise Linux WS 4 RedHat Enterprise Linux WS 3 RedHat Enterprise Linux WS 2.1 IA64 RedHat Enterprise Linux WS 2.1 RedHat Enterprise Linux v. 5 server RedHat Enterprise Linux ES 4 RedHat Enterprise Linux ES 3 RedHat Enterprise Linux ES 2.1 IA64 RedHat Enterprise Linux ES 2.1 RedHat Enterprise Linux AS 4 RedHat Enterprise Linux AS 3 RedHat Enterprise Linux AS 2.1 IA64 RedHat Enterprise Linux AS 2.1 RedHat Desktop 4.0 RedHat Desktop 3.0 RedHat Advanced Workstation for the Itanium Processor 2.1 MandrakeSoft Multi Network Firewall 2.0 MandrakeSoft Linux Mandrake 2007.1 x86_64 MandrakeSoft Linux Mandrake 2007.1 MandrakeSoft Linux Mandrake 2007.0 x86_64 MandrakeSoft Linux Mandrake 2007.0 MandrakeSoft Corporate Server 4.0 x86_64 MandrakeSoft Corporate Server 3.0 x86_64 MandrakeSoft Corporate Server 3.0 MandrakeSoft Corporate Server 4.0 Gentoo Linux FreeType FreeType 2.3.4 FreeType FreeType 2.2.10 FreeType FreeType 2.2.1 OpenPKG OpenPKG E1.0Solid OpenPKG OpenPKG E1.0Solid Trustix Secure Linux 3.0.5 Trustix Secure Linux 3.0 Trustix Secure Linux 2.2 FreeType FreeType 2.1.10 FreeType FreeType 2.1.9 FreeType FreeType 2.1.7 FreeType FreeType 2.0.9 FreeType FreeType 2.0.6 FreeType FreeType 1.3.1 FreeType FreeType 2.2 Foresight Linux Foresight Linux 1.1 Debian Linux 4.0 sparc Debian Linux 4.0 s/390 Debian Linux 4.0 powerpc Debian Linux 4.0 mipsel Debian Linux 4.0 mips Debian Linux 4.0 m68k Debian Linux 4.0 ia64 Debian Linux 4.0 ia32 Debian Linux 4.0 hppa Debian Linux 4.0 arm Debian Linux 4.0 amd64 Debian Linux 4.0 alpha Debian Linux 4.0
Not Vulnerable
Code	Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:content@securitydot.net.
TXT

Vulnerabilities - newest 10 RSS | More

2009-01-09 MODx Prior to 0.9.6.3 Multiple Cross Site Scripting Vulnerabilities
2009-01-09 Check Point SecurePlatform Unspecified Remote Security Vulnerability
2009-01-09 Sun Java Web Start and Java Plug-in JAR File Privilege Escalation Vulnerability
2009-01-09 NetGear WG102 SNMP Write Community String Information Disclosure Vulnerability
2009-01-09 Serv-U Remote Denial of Service Vulnerabilities
2009-01-09 QuoteBook Information Disclosure, SQL Injection and HTML Injection Vulnerabilities
2009-01-08 Oracle January 2009 Oracle Critical Patch Update Pre-Release Announcement Multiple Vulnerabilities
2009-01-08 Microsoft January 2009 Advance Notification Multiple Vulnerabilities
2009-01-08 IBM WebSphere DataPower XML Security Gateway XS40 Remote Denial Of Service Vulnerability
2009-01-08 Drupal Project Release Module Multiple Remote Vulnerabilities