CVE-2007-2754

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2007-2754
Integer signedness error in truetype/ttgload.c in Freetype 2.3.4 and earlier might allow remote attackers to execute arbitrary code via a crafted TTF image with a negative n_points value, which leads to an integer overflow and heap-based buffer overflow.

6.8 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitability : 8.6 / Impact : 6.4

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References
Link Resource
ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc
http://cvs.savannah.nongnu.org/viewvc/freetype2/src/truetype/ttgload.c?root=freetype&r1=1.177&r2=1.178 Patch
http://lists.apple.com/archives/Security-announce/2007/Nov/msg00003.html
http://lists.apple.com/archives/security-announce/2009/May/msg00002.html
http://lists.gnu.org/archive/html/freetype-devel/2007-04/msg00041.html Exploit
http://osvdb.org/36509
http://secunia.com/advisories/25350
http://secunia.com/advisories/25353
http://secunia.com/advisories/25386
http://secunia.com/advisories/25463
http://secunia.com/advisories/25483
http://secunia.com/advisories/25609
http://secunia.com/advisories/25612
http://secunia.com/advisories/25654
http://secunia.com/advisories/25705
http://secunia.com/advisories/25808
http://secunia.com/advisories/25894
http://secunia.com/advisories/25905
http://secunia.com/advisories/26129
http://secunia.com/advisories/26305
http://secunia.com/advisories/28298
http://secunia.com/advisories/30161
http://secunia.com/advisories/35074
http://secunia.com/advisories/35200
http://secunia.com/advisories/35204
http://secunia.com/advisories/35233
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102967-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-103171-1
http://sunsolve.sun.com/search/document.do?assetkey=1-66-200033-1
http://support.apple.com/kb/HT3549
http://support.avaya.com/elmodocs2/security/ASA-2007-330.htm
http://www.debian.org/security/2007/dsa-1302
http://www.debian.org/security/2007/dsa-1334
http://www.gentoo.org/security/en/glsa/glsa-200705-22.xml
http://www.gentoo.org/security/en/glsa/glsa-200707-02.xml
http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2007:121
http://www.novell.com/linux/security/advisories/2007_41_freetype2.html
http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.018.html
http://www.redhat.com/support/errata/RHSA-2007-0403.html
http://www.redhat.com/support/errata/RHSA-2009-0329.html
http://www.redhat.com/support/errata/RHSA-2009-1062.html
http://www.securityfocus.com/archive/1/469463/100/200/threaded
http://www.securityfocus.com/archive/1/471286/30/6180/threaded
http://www.securityfocus.com/bid/24074
http://www.securitytracker.com/id?1018088
http://www.trustix.org/errata/2007/0019/
http://www.ubuntu.com/usn/usn-466-1
http://www.us-cert.gov/cas/techalerts/TA09-133A.html US Government Resource
http://www.vupen.com/english/advisories/2007/1894
http://www.vupen.com/english/advisories/2007/2229
http://www.vupen.com/english/advisories/2008/0049
http://www.vupen.com/english/advisories/2009/1297
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=240200 Exploit
https://bugzilla.redhat.com/show_bug.cgi?id=502565
https://issues.rpath.com/browse/RPL-1390
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11325
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5532
https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01316.html
https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01401.html
ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc
http://cvs.savannah.nongnu.org/viewvc/freetype2/src/truetype/ttgload.c?root=freetype&r1=1.177&r2=1.178 Patch
http://lists.apple.com/archives/Security-announce/2007/Nov/msg00003.html
http://lists.apple.com/archives/security-announce/2009/May/msg00002.html
http://lists.gnu.org/archive/html/freetype-devel/2007-04/msg00041.html Exploit
http://osvdb.org/36509
http://secunia.com/advisories/25350
http://secunia.com/advisories/25353
http://secunia.com/advisories/25386
http://secunia.com/advisories/25463
http://secunia.com/advisories/25483
http://secunia.com/advisories/25609
http://secunia.com/advisories/25612
http://secunia.com/advisories/25654
http://secunia.com/advisories/25705
http://secunia.com/advisories/25808
http://secunia.com/advisories/25894
http://secunia.com/advisories/25905
http://secunia.com/advisories/26129
http://secunia.com/advisories/26305
http://secunia.com/advisories/28298
http://secunia.com/advisories/30161
http://secunia.com/advisories/35074
http://secunia.com/advisories/35200
http://secunia.com/advisories/35204
http://secunia.com/advisories/35233
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102967-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-103171-1
http://sunsolve.sun.com/search/document.do?assetkey=1-66-200033-1
http://support.apple.com/kb/HT3549
http://support.avaya.com/elmodocs2/security/ASA-2007-330.htm
http://www.debian.org/security/2007/dsa-1302
http://www.debian.org/security/2007/dsa-1334
http://www.gentoo.org/security/en/glsa/glsa-200705-22.xml
http://www.gentoo.org/security/en/glsa/glsa-200707-02.xml
http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2007:121
http://www.novell.com/linux/security/advisories/2007_41_freetype2.html
http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.018.html
http://www.redhat.com/support/errata/RHSA-2007-0403.html
http://www.redhat.com/support/errata/RHSA-2009-0329.html
http://www.redhat.com/support/errata/RHSA-2009-1062.html
http://www.securityfocus.com/archive/1/469463/100/200/threaded
http://www.securityfocus.com/archive/1/471286/30/6180/threaded
http://www.securityfocus.com/bid/24074
http://www.securitytracker.com/id?1018088
http://www.trustix.org/errata/2007/0019/
http://www.ubuntu.com/usn/usn-466-1
http://www.us-cert.gov/cas/techalerts/TA09-133A.html US Government Resource
http://www.vupen.com/english/advisories/2007/1894
http://www.vupen.com/english/advisories/2007/2229
http://www.vupen.com/english/advisories/2008/0049
http://www.vupen.com/english/advisories/2009/1297
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=240200 Exploit
https://bugzilla.redhat.com/show_bug.cgi?id=502565
https://issues.rpath.com/browse/RPL-1390
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11325
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5532
https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01316.html
https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01401.html
Configurations

Configuration 1 (hide)

cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*
History

21 Nov 2024, 00:31

Type Values Removed Values Added
References () ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc - () ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc -
References () http://cvs.savannah.nongnu.org/viewvc/freetype2/src/truetype/ttgload.c?root=freetype&r1=1.177&r2=1.178 - Patch () http://cvs.savannah.nongnu.org/viewvc/freetype2/src/truetype/ttgload.c?root=freetype&r1=1.177&r2=1.178 - Patch
References () http://lists.apple.com/archives/Security-announce/2007/Nov/msg00003.html - () http://lists.apple.com/archives/Security-announce/2007/Nov/msg00003.html -
References () http://lists.apple.com/archives/security-announce/2009/May/msg00002.html - () http://lists.apple.com/archives/security-announce/2009/May/msg00002.html -
References () http://lists.gnu.org/archive/html/freetype-devel/2007-04/msg00041.html - Exploit () http://lists.gnu.org/archive/html/freetype-devel/2007-04/msg00041.html - Exploit
References () http://osvdb.org/36509 - () http://osvdb.org/36509 -
References () http://secunia.com/advisories/25350 - () http://secunia.com/advisories/25350 -
References () http://secunia.com/advisories/25353 - () http://secunia.com/advisories/25353 -
References () http://secunia.com/advisories/25386 - () http://secunia.com/advisories/25386 -
References () http://secunia.com/advisories/25463 - () http://secunia.com/advisories/25463 -
References () http://secunia.com/advisories/25483 - () http://secunia.com/advisories/25483 -
References () http://secunia.com/advisories/25609 - () http://secunia.com/advisories/25609 -
References () http://secunia.com/advisories/25612 - () http://secunia.com/advisories/25612 -
References () http://secunia.com/advisories/25654 - () http://secunia.com/advisories/25654 -
References () http://secunia.com/advisories/25705 - () http://secunia.com/advisories/25705 -
References () http://secunia.com/advisories/25808 - () http://secunia.com/advisories/25808 -
References () http://secunia.com/advisories/25894 - () http://secunia.com/advisories/25894 -
References () http://secunia.com/advisories/25905 - () http://secunia.com/advisories/25905 -
References () http://secunia.com/advisories/26129 - () http://secunia.com/advisories/26129 -
References () http://secunia.com/advisories/26305 - () http://secunia.com/advisories/26305 -
References () http://secunia.com/advisories/28298 - () http://secunia.com/advisories/28298 -
References () http://secunia.com/advisories/30161 - () http://secunia.com/advisories/30161 -
References () http://secunia.com/advisories/35074 - () http://secunia.com/advisories/35074 -
References () http://secunia.com/advisories/35200 - () http://secunia.com/advisories/35200 -
References () http://secunia.com/advisories/35204 - () http://secunia.com/advisories/35204 -
References () http://secunia.com/advisories/35233 - () http://secunia.com/advisories/35233 -
References () http://sunsolve.sun.com/search/document.do?assetkey=1-26-102967-1 - () http://sunsolve.sun.com/search/document.do?assetkey=1-26-102967-1 -
References () http://sunsolve.sun.com/search/document.do?assetkey=1-26-103171-1 - () http://sunsolve.sun.com/search/document.do?assetkey=1-26-103171-1 -
References () http://sunsolve.sun.com/search/document.do?assetkey=1-66-200033-1 - () http://sunsolve.sun.com/search/document.do?assetkey=1-66-200033-1 -
References () http://support.apple.com/kb/HT3549 - () http://support.apple.com/kb/HT3549 -
References () http://support.avaya.com/elmodocs2/security/ASA-2007-330.htm - () http://support.avaya.com/elmodocs2/security/ASA-2007-330.htm -
References () http://www.debian.org/security/2007/dsa-1302 - () http://www.debian.org/security/2007/dsa-1302 -
References () http://www.debian.org/security/2007/dsa-1334 - () http://www.debian.org/security/2007/dsa-1334 -
References () http://www.gentoo.org/security/en/glsa/glsa-200705-22.xml - () http://www.gentoo.org/security/en/glsa/glsa-200705-22.xml -
References () http://www.gentoo.org/security/en/glsa/glsa-200707-02.xml - () http://www.gentoo.org/security/en/glsa/glsa-200707-02.xml -
References () http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml - () http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml -
References () http://www.mandriva.com/security/advisories?name=MDKSA-2007:121 - () http://www.mandriva.com/security/advisories?name=MDKSA-2007:121 -
References () http://www.novell.com/linux/security/advisories/2007_41_freetype2.html - () http://www.novell.com/linux/security/advisories/2007_41_freetype2.html -
References () http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.018.html - () http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.018.html -
References () http://www.redhat.com/support/errata/RHSA-2007-0403.html - () http://www.redhat.com/support/errata/RHSA-2007-0403.html -
References () http://www.redhat.com/support/errata/RHSA-2009-0329.html - () http://www.redhat.com/support/errata/RHSA-2009-0329.html -
References () http://www.redhat.com/support/errata/RHSA-2009-1062.html - () http://www.redhat.com/support/errata/RHSA-2009-1062.html -
References () http://www.securityfocus.com/archive/1/469463/100/200/threaded - () http://www.securityfocus.com/archive/1/469463/100/200/threaded -
References () http://www.securityfocus.com/archive/1/471286/30/6180/threaded - () http://www.securityfocus.com/archive/1/471286/30/6180/threaded -
References () http://www.securityfocus.com/bid/24074 - () http://www.securityfocus.com/bid/24074 -
References () http://www.securitytracker.com/id?1018088 - () http://www.securitytracker.com/id?1018088 -
References () http://www.trustix.org/errata/2007/0019/ - () http://www.trustix.org/errata/2007/0019/ -
References () http://www.ubuntu.com/usn/usn-466-1 - () http://www.ubuntu.com/usn/usn-466-1 -
References () http://www.us-cert.gov/cas/techalerts/TA09-133A.html - US Government Resource () http://www.us-cert.gov/cas/techalerts/TA09-133A.html - US Government Resource
References () http://www.vupen.com/english/advisories/2007/1894 - () http://www.vupen.com/english/advisories/2007/1894 -
References () http://www.vupen.com/english/advisories/2007/2229 - () http://www.vupen.com/english/advisories/2007/2229 -
References () http://www.vupen.com/english/advisories/2008/0049 - () http://www.vupen.com/english/advisories/2008/0049 -
References () http://www.vupen.com/english/advisories/2009/1297 - () http://www.vupen.com/english/advisories/2009/1297 -
References () https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=240200 - Exploit () https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=240200 - Exploit
References () https://bugzilla.redhat.com/show_bug.cgi?id=502565 - () https://bugzilla.redhat.com/show_bug.cgi?id=502565 -
References () https://issues.rpath.com/browse/RPL-1390 - () https://issues.rpath.com/browse/RPL-1390 -
References () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11325 - () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11325 -
References () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5532 - () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5532 -
References () https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01316.html - () https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01316.html -
References () https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01401.html - () https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01401.html -
Information

Published : 2007-05-17 22:30

Updated : 2024-11-21 00:31

NVD link : CVE-2007-2754

Mitre link : CVE-2007-2754

CVE.ORG link : CVE-2007-2754

JSON object : View

Products Affected

freetype

  • freetype
CWE
NVD-CWE-Other

NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024