CVE-2010-2806
Publication date 12 August 2010
Last updated 24 July 2024
Ubuntu priority
Array index error in the t42_parse_sfnts function in type42/t42parse.c in FreeType before 2.4.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via negative size values for certain strings in FontType42 font files, leading to a heap-based buffer overflow.
Status
Package | Ubuntu Release | Status |
---|---|---|
freetype | 10.04 LTS lucid |
Fixed 2.3.11-1ubuntu2.2
|
9.10 karmic |
Fixed 2.3.9-5ubuntu0.2
|
|
9.04 jaunty |
Fixed 2.3.9-4ubuntu0.3
|
|
8.04 LTS hardy |
Fixed 2.3.5-1ubuntu4.8.04.4
|
|
6.06 LTS dapper |
Fixed 2.1.10-1ubuntu2.8
|