CVE-2006-3467
Published: 21 July 2006
Integer overflow in FreeType before 2.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PCF file, as demonstrated by the Red Hat bad1.pcf test file, due to a partial fix of CVE-2006-1861.
Priority
Status
Package | Release | Status |
---|---|---|
freetype Launchpad, Ubuntu, Debian |
dapper |
Released
(2.1.10-1ubuntu2.4)
|
edgy |
Released
(2.2.1-5ubuntu0.2)
|
|
feisty |
Released
(2.2.1-5ubuntu1.1)
|
|
gutsy |
Released
(2.3.5-1ubuntu1)
|
|
hardy |
Released
(2.3.5-1ubuntu1)
|
|
intrepid |
Released
(2.3.5-1ubuntu1)
|
|
jaunty |
Released
(2.3.5-1ubuntu1)
|
|
karmic |
Released
(2.3.5-1ubuntu1)
|
|
upstream |
Released
(2.3.5-1)
|
|
ia32-libs Launchpad, Ubuntu, Debian |
dapper |
Released
(1.4ubuntu20)
|
edgy |
Not vulnerable
|
|
feisty |
Not vulnerable
|
|
gutsy |
Ignored
(end of life, was needed)
|
|
hardy |
Not vulnerable
(has 2.3.5-1)
|
|
intrepid |
Not vulnerable
|
|
jaunty |
Not vulnerable
|
|
karmic |
Not vulnerable
|
|
upstream |
Needs triage
|
|
libxfont Launchpad, Ubuntu, Debian |
dapper |
Released
(1.0.0-0ubuntu3.3)
|
edgy |
Released
(1.2.0-0ubuntu3.1)
|
|
feisty |
Released
(1.2.7-1ubuntu1)
|
|
gutsy |
Released
(1.2.7-1ubuntu1)
|
|
hardy |
Released
(1.2.7-1ubuntu1)
|
|
intrepid |
Released
(1.2.7-1ubuntu1)
|
|
jaunty |
Released
(1.2.7-1ubuntu1)
|
|
karmic |
Released
(1.2.7-1ubuntu1)
|
|
upstream |
Needs triage
|
|
xorg Launchpad, Ubuntu, Debian |
dapper |
Not vulnerable
|
edgy |
Not vulnerable
|
|
feisty |
Not vulnerable
|
|
gutsy |
Not vulnerable
|
|
hardy |
Not vulnerable
|
|
intrepid |
Not vulnerable
|
|
jaunty |
Not vulnerable
|
|
karmic |
Not vulnerable
|
|
upstream |
Needs triage
|