Common Vulnerabilities and Exposures assigned an identifier CVE-2010-2805 to
the following vulnerability:
Reference: MLIST:[oss-security] 20100806 Re: CVE Request -- FreeType -- Memory corruption flaw by processing certain LWFN fonts + three more
Reference: URL: http://marc.info/?l=oss-security&m=128111955616772&w=2
Reference: CONFIRM: http://freetype.sourceforge.net/index2.html#release-freetype-2.4.2
Reference: CONFIRM: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=45a3c76b547511fa9d97aca34b150a0663257375
Reference: CONFIRM: http://sourceforge.net/projects/freetype/files/freetype2/2.4.2/NEWS/view
Reference: CONFIRM: https://bugs.launchpad.net/ubuntu/maverick/+source/freetype/+bug/617019
Reference: CONFIRM: https://savannah.nongnu.org/bugs/?30644
Reference: URL: http://www.ubuntu.com/usn/USN-972-1
Reference: URL: http://www.securityfocus.com/bid/42285
Reference: URL: http://secunia.com/advisories/40816
Reference: URL: http://secunia.com/advisories/40982
Reference: URL: http://www.vupen.com/english/advisories/2010/2018
Reference: URL: http://www.vupen.com/english/advisories/2010/2106
The FT_Stream_EnterFrame function in base/ftstream.c in FreeType
before 2.4.2 does not properly validate certain position values, which
allows remote attackers to cause a denial of service (application
crash) or possibly execute arbitrary code via a crafted font file.
Created attachment 449832 [details]
This issue did NOT affect the versions of the freetype package, as shipped
with Red Hat Enterprise Linux 3, 4, or 5.
This issue affects the versions of the freetype package, as shipped
with Fedora release of 12 and 13.
This issue did NOT affect the versions of the mingw32-freetype package,
as shipped with Fedora release of 12 and 13 and as present within EPEL-5
Not vulnerable. This issue did not affect the versions of freetype as
shipped with Red Hat Enterprise Linux 3, 4, or 5.
Created freetype tracking bugs for this issue
Affects: fedora-all [bug 638522]
This issue has been addressed in following products:
Red Hat Enterprise Linux 6
Via RHSA-2010:0864 https://rhn.redhat.com/errata/RHSA-2010-0864.html