CVE-2011-3256

EPSS 3.0%

freetype - missing input sanitising

發布日:2011/10/14修改日:2026/4/28

也稱為:DEBIAN-CVE-2011-3256

描述

FreeType 2 before 2.4.7, as used in CoreGraphics in Apple iOS before 5, Mandriva Enterprise Server 5, and possibly other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font, a different vulnerability than CVE-2011-0226.

受影響套件(2)

Debian/freetypefrom 0, < 2.4.7-1
Debian/freetypefrom 0, < 2.3.7-2+lenny7

參考連結(1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2011-3256