CVE-2009-0946

FreeType < 2.3.9 - Remote Code Execution via Integer Overflow in Input Handling

Title source: llm

Description

Multiple integer overflows in FreeType 2.3.9 and earlier allow remote attackers to execute arbitrary code via vectors related to large values in certain inputs in (1) smooth/ftsmooth.c, (2) sfnt/ttcmap.c, and (3) cff/cffload.c.

References (39)

Core 39

Core References

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/34967

Third Party Advisory x_refsource_confirm

http://support.apple.com/kb/HT3639

Broken Link x_refsource_confirm

http://support.apple.com/kb/HT4435

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/34913

Patch, Third Party Advisory x_refsource_confirm

http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=a18788b14db60ae3673f932249cd02d33a227c4e

Third Party Advisory vdb-entry x_refsource_vupen

http://www.vupen.com/english/advisories/2009/1621

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/34550

Third Party Advisory x_refsource_confirm

http://support.apple.com/kb/HT3549

Third Party Advisory vendor-advisory x_refsource_mandriva

http://www.mandriva.com/security/advisories?name=MDVSA-2009:243

Broken Link vendor-advisory x_refsource_apple

http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html

Third Party Advisory vendor-advisory x_refsource_ubuntu

http://www.ubuntu.com/usn/USN-767-1

Broken Link vendor-advisory x_refsource_sunalert

http://sunsolve.sun.com/search/document.do?assetkey=1-66-270268-1

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/35198

Patch, Third Party Advisory x_refsource_confirm

http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=79972af4f0485a11dcb19551356c45245749fc5b

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/35074

Patch, Third Party Advisory x_refsource_confirm

http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=0545ec1ca36b27cb928128870a83e5f668980bc5

Third Party Advisory vdb-entry x_refsource_vupen

http://www.vupen.com/english/advisories/2009/1522

Mailing List, Third Party Advisory vendor-advisory x_refsource_apple

http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html

Third Party Advisory vendor-advisory x_refsource_redhat

http://www.redhat.com/support/errata/RHSA-2009-1062.html

Mailing List, Third Party Advisory vendor-advisory x_refsource_apple

http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html

Mailing List, Third Party Advisory vendor-advisory x_refsource_apple

http://lists.apple.com/archives/security-announce/2009/May/msg00002.html

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/35065

Third Party Advisory vendor-advisory x_refsource_debian

http://www.debian.org/security/2009/dsa-1784

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/35210

Third Party Advisory vendor-advisory x_refsource_gentoo

http://security.gentoo.org/glsa/glsa-200905-05.xml

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/35379

Issue Tracking, Patch, Third Party Advisory x_refsource_confirm

https://bugzilla.redhat.com/show_bug.cgi?id=491384

Third Party Advisory vdb-entry signature x_refsource_oval

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10149

Release Notes, Third Party Advisory x_refsource_confirm

http://git.savannah.gnu.org/cgit/freetype/freetype2.git/tree/ChangeLog

Mailing List, Third Party Advisory vendor-advisory x_refsource_suse

http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html

Third Party Advisory, US Government Resource third-party-advisory x_refsource_cert

http://www.us-cert.gov/cas/techalerts/TA09-133A.html

Third Party Advisory vdb-entry x_refsource_vupen

http://www.vupen.com/english/advisories/2009/1297

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/35200

Third Party Advisory x_refsource_confirm

http://support.apple.com/kb/HT3613

Third Party Advisory vendor-advisory x_refsource_redhat

http://www.redhat.com/support/errata/RHSA-2009-0329.html

Third Party Advisory vdb-entry x_refsource_vupen

http://www.vupen.com/english/advisories/2009/1058

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/35204

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/34723

Third Party Advisory vendor-advisory x_refsource_redhat

http://www.redhat.com/support/errata/RHSA-2009-1061.html

Scores

EPSS 0.1638

EPSS Percentile 95.0%

Details

CWE

CWE-190

Status published

Products (21)

apple/iphone_os 1.0.0 - 2.2.1

apple/mac_os_x 10.4.11

apple/mac_os_x 10.5.8

apple/mac_os_x 10.6.0 - 10.6.4

apple/mac_os_x_server 10.4.11

apple/mac_os_x_server 10.5.8

apple/mac_os_x_server 10.6.0 - 10.6.4

apple/safari 4.0

canonical/ubuntu_linux 6.06

canonical/ubuntu_linux 8.04

... and 11 more

Published Apr 17, 2009

Tracked Since Feb 18, 2026