CVE-2008-1806

EPSS 3.8%

freetype - multiple vulnerabilities

發布日:2008/6/16修改日:2026/3/9

也稱為:DSA-1635-1DEBIAN-CVE-2008-1806DTSA-139-1

描述

Integer overflow in FreeType2 before 2.3.6 allows context-dependent attackers to execute arbitrary code via a crafted set of 16-bit length values within the Private dictionary table in a Printer Font Binary (PFB) file, which triggers a heap-based buffer overflow.

受影響套件(3)

Debian/freetypefrom 0, < 2.3.6-1
Debian/freetypefrom 0, < 2.2.1-5+etch3
Debian/freetypefrom 0, < 2.3.5-1+lenny1

參考連結(1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2008-1806