FreeType PCF字体处理整数溢出漏洞

admin

0
文章

0
评论

2023-12-14 18:18:30 Ali_nvd 来源：ZONE.CI 全球网 0 阅读模式

中危 FreeType PCF字体处理整数溢出漏洞

CVE编号

CVE-2006-1861

利用情况

暂无

补丁情况

官方补丁

披露时间

2006-05-23

漏洞描述

FreeType是FreeType团队开发的一个基于C语言的、高质量的且可移植的开源字体引擎库，它可用来将字符栅格化并映射成位图以及提供其他字体相关业务的支持。 FreeType 2.2之前版本中存在多个整数溢出，远程攻击者可借助与（1）bdf/bdflib.c，（2）sfnt/ttcmap.c，（3）cff/cffgload.c相关的攻击向量，以及（4）read_lwfn函数和base/ftmac.c中精心编制的lwfn文件，造成拒绝服务（崩溃）并可能执行任意代码。注：第4项最初由CVE-2006-2493标识。

解决建议

建议您更新当前系统或软件至最新版，完成漏洞的修复。

参考链接
ftp://patches.sgi.com/support/free/security/advisories/20060701-01-U
http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html
http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00006.html
http://lists.suse.com/archive/suse-security-announce/2006-Jun/0012.html
http://secunia.com/advisories/20100
http://secunia.com/advisories/20525
http://secunia.com/advisories/20591
http://secunia.com/advisories/20638
http://secunia.com/advisories/20791
http://secunia.com/advisories/21000
http://secunia.com/advisories/21062
http://secunia.com/advisories/21135
http://secunia.com/advisories/21385
http://secunia.com/advisories/21701
http://secunia.com/advisories/23939
http://secunia.com/advisories/27162
http://secunia.com/advisories/27167
http://secunia.com/advisories/27271
http://secunia.com/advisories/33937
http://secunia.com/advisories/35200
http://secunia.com/advisories/35204
http://secunia.com/advisories/35233
http://security.gentoo.org/glsa/glsa-200607-02.xml
http://securitytracker.com/id?1016522
http://sourceforge.net/project/shownotes.php?release_id=416463
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102705-1
http://support.apple.com/kb/HT3438
http://support.avaya.com/elmodocs2/security/ASA-2006-176.htm
http://www.debian.org/security/2006/dsa-1095
http://www.gentoo.org/security/en/glsa/glsa-200710-09.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2006:099
http://www.redhat.com/support/errata/RHSA-2006-0500.html
http://www.redhat.com/support/errata/RHSA-2009-0329.html
http://www.redhat.com/support/errata/RHSA-2009-1062.html
http://www.securityfocus.com/archive/1/436836/100/0/threaded
http://www.securityfocus.com/bid/18034
http://www.vupen.com/english/advisories/2006/1868
http://www.vupen.com/english/advisories/2007/0381
https://bugzilla.redhat.com/bugzilla/attachment.cgi?id=128606
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=190593
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=190593#c8
https://bugzilla.redhat.com/show_bug.cgi?id=502565
https://exchange.xforce.ibmcloud.com/vulnerabilities/26553
https://issues.rpath.com/browse/RPL-429
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.ova...
https://usn.ubuntu.com/291-1/
https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01316.html
https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01401.html

受影响软件情况

1
#	类型	厂商	产品	版本	影响面
	运行在以下环境
	应用	freetype	freetype	2.0.9	-
	运行在以下环境
	应用	freetype	freetype	2.1.10	-
	运行在以下环境
	应用	freetype	freetype	2.1.3	-
	运行在以下环境
	应用	freetype	freetype	2.1.4	-
	运行在以下环境
	应用	freetype	freetype	2.1.5	-
	运行在以下环境
	应用	freetype	freetype	2.1.6	-
	运行在以下环境
	应用	freetype	freetype	2.1.7	-
	运行在以下环境
	应用	freetype	freetype	2.1.8	-
	运行在以下环境
	应用	freetype	freetype	2.1.8_rc1	-
	运行在以下环境
	应用	freetype	freetype	2.1.9	-
	运行在以下环境
	系统	debian_10	freetype	*		Up to (excluding) 2.2.1-1
	运行在以下环境
	系统	debian_11	freetype	*		Up to (excluding) 2.2.1-1
	运行在以下环境
	系统	debian_12	freetype	*		Up to (excluding) 2.2.1-1
	运行在以下环境
	系统	debian_3.0	freetype	*		Up to (excluding) 2.0.9-1woody1
	运行在以下环境
	系统	debian_3.1	freetype	*		Up to (excluding) 2.1.7-2.5
	运行在以下环境
	系统	debian_sid	freetype	*		Up to (excluding) 2.2.1-1