PublicDate: 2008-06-16 19:41:00 UTC
Candidate: CVE-2008-1807
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1807
 https://ubuntu.com/security/notices/USN-643-1
Description:
 FreeType2 before 2.3.6 allow context-dependent attackers to execute
 arbitrary code via an invalid "number of axes" field in a Printer Font
 Binary (PFB) file, which triggers a free of arbitrary memory locations,
 leading to memory corruption.
Ubuntu-Description:
Notes:
Bugs:
 https://bugs.launchpad.net/ubuntu/+source/freetype/+bug/251369
 https://bugs.launchpad.net/bugs/238977
Priority: medium
Discovered-by:
Assigned-to: kees
CVSS: 

Patches_freetype:
upstream_freetype: released (2.3.6-1)
dapper_freetype: released (2.1.10-1ubuntu2.5)
feisty_freetype: released (2.2.1-5ubuntu1.2)
gutsy_freetype: released (2.3.5-1ubuntu4.7.10.1)
hardy_freetype: released (2.3.5-1ubuntu4.8.04.1)
devel_freetype: not-affected (2.3.6-1ubuntu1)