CVE-2011-3256
Published: 14 October 2011
FreeType 2 before 2.4.7, as used in CoreGraphics in Apple iOS before 5, Mandriva Enterprise Server 5, and possibly other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font, a different vulnerability than CVE-2011-0226.
Priority
Status
Package | Release | Status |
---|---|---|
freetype Launchpad, Ubuntu, Debian |
hardy |
Released
(2.3.5-1ubuntu4.8.04.7)
|
lucid |
Released
(2.3.11-1ubuntu2.5)
|
|
maverick |
Released
(2.4.2-2ubuntu0.3)
|
|
natty |
Released
(2.4.4-1ubuntu2.2)
|
|
oneiric |
Released
(2.4.4-2ubuntu1.1)
|
|
upstream |
Released
(2.4.7-1)
|
|
Patches: vendor: http://www.debian.org/security/2011/dsa-2328 upstream: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=9c98fbf634a83c6ea286395f0e788956eafd5aeb |