Details of VAR-201008-0172

ID

VAR-201008-0172

CVE

CVE-2010-2808

TITLE

FreeType of Mac_Read_POST_Resource Buffer overflow vulnerability in functions

Trust: 0.8

sources: JVNDB: JVNDB-2010-002141

DESCRIPTION

Buffer overflow in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.4.2 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted Adobe Type 1 Mac Font File (aka LWFN) font. FreeType is prone to multiple memory-corruption vulnerabilities and a stack-based buffer-overflow vulnerability. Successful exploits may allow attackers to execute arbitrary code in the context of an application that uses the affected library. Failed exploit attempts will likely result in denial-of-service conditions. It can be used to rasterize and map characters into bitmaps and provide support for other font-related businesses. Background ========== FreeType is a high-quality and portable font engine. Please review the CVE identifiers referenced below for details. Workaround ========== There is no known workaround at this time. Resolution ========== All FreeType users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=media-libs/freetype-2.4.8" References ========== [ 1 ] CVE-2010-1797 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1797 [ 2 ] CVE-2010-2497 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2497 [ 3 ] CVE-2010-2498 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2498 [ 4 ] CVE-2010-2499 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2499 [ 5 ] CVE-2010-2500 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2500 [ 6 ] CVE-2010-2519 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2519 [ 7 ] CVE-2010-2520 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2520 [ 8 ] CVE-2010-2527 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2527 [ 9 ] CVE-2010-2541 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2541 [ 10 ] CVE-2010-2805 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2805 [ 11 ] CVE-2010-2806 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2806 [ 12 ] CVE-2010-2807 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2807 [ 13 ] CVE-2010-2808 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2808 [ 14 ] CVE-2010-3053 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3053 [ 15 ] CVE-2010-3054 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3054 [ 16 ] CVE-2010-3311 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3311 [ 17 ] CVE-2010-3814 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3814 [ 18 ] CVE-2010-3855 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3855 [ 19 ] CVE-2011-0226 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0226 [ 20 ] CVE-2011-3256 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3256 [ 21 ] CVE-2011-3439 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3439 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-201201-09.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2012 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 . =========================================================== Ubuntu Security Notice USN-972-1 August 17, 2010 freetype vulnerabilities CVE-2010-1797, CVE-2010-2541, CVE-2010-2805, CVE-2010-2806, CVE-2010-2807, CVE-2010-2808 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 8.04 LTS Ubuntu 9.04 Ubuntu 9.10 Ubuntu 10.04 LTS This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: libfreetype6 2.1.10-1ubuntu2.8 Ubuntu 8.04 LTS: libfreetype6 2.3.5-1ubuntu4.8.04.4 Ubuntu 9.04: libfreetype6 2.3.9-4ubuntu0.3 Ubuntu 9.10: libfreetype6 2.3.9-5ubuntu0.2 Ubuntu 10.04 LTS: libfreetype6 2.3.11-1ubuntu2.2 After a standard system update you need to restart your session to make all the necessary changes. Details follow: It was discovered that FreeType did not correctly handle certain malformed font files. Updated packages for Ubuntu 6.06 LTS: Source archives: http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.1.10-1ubuntu2.8.diff.gz Size/MD5: 70961 d986f14b69d50fe1884e8dd5f9386731 http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.1.10-1ubuntu2.8.dsc Size/MD5: 719 a91985ecc92b75aa3f3647506bad4039 http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.1.10.orig.tar.gz Size/MD5: 1323617 adf145ce51196ad1b3054d5fb032efe6 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.1.10-1ubuntu2.8_amd64.deb Size/MD5: 717794 f332d5b1974aa53f200e4e6ecf9df088 http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.1.10-1ubuntu2.8_amd64.deb Size/MD5: 440974 afa83868cc67cec692f72a9dc93635ff http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.1.10-1ubuntu2.8_amd64.deb Size/MD5: 133902 dca56851436275285b4563c96388a070 http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.1.10-1ubuntu2.8_amd64.udeb Size/MD5: 251958 358627e207009dbe0c5be095e7bed18d i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.1.10-1ubuntu2.8_i386.deb Size/MD5: 677592 ee43f5e97f31b8da57582dbdb1e63033 http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.1.10-1ubuntu2.8_i386.deb Size/MD5: 416328 ef092c08ba2c167af0da25ab743ea663 http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.1.10-1ubuntu2.8_i386.deb Size/MD5: 117302 b2633ed4487657fe349fd3de76fce405 http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.1.10-1ubuntu2.8_i386.udeb Size/MD5: 227436 f55ab8a9bb7e76ad743f6c0fa2974e64 powerpc architecture (Apple Macintosh G3/G4/G5): http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.1.10-1ubuntu2.8_powerpc.deb Size/MD5: 708654 ee71c714e62e96a9af4cf7ba909142e6 http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.1.10-1ubuntu2.8_powerpc.deb Size/MD5: 431036 4f1c6a1e28d3a14b593bef37605119ab http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.1.10-1ubuntu2.8_powerpc.deb Size/MD5: 134260 66ba7d95f551eaadb1bba5a56d76529d http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.1.10-1ubuntu2.8_powerpc.udeb Size/MD5: 241726 d2c4f13b12c8280b1fad56cdc0965502 sparc architecture (Sun SPARC/UltraSPARC): http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.1.10-1ubuntu2.8_sparc.deb Size/MD5: 683964 49df9101deb9a317229351d72b5804ec http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.1.10-1ubuntu2.8_sparc.deb Size/MD5: 411982 efaca20d5deec9e51be023710902852b http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.1.10-1ubuntu2.8_sparc.deb Size/MD5: 120138 ff723720ed499e40049e3487844b9db3 http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.1.10-1ubuntu2.8_sparc.udeb Size/MD5: 222676 71f172ba71fc507b04e5337d55b32ed6 Updated packages for Ubuntu 8.04 LTS: Source archives: http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.3.5-1ubuntu4.8.04.4.diff.gz Size/MD5: 40949 1cc5014da4db8200edb54df32561fcd0 http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.3.5-1ubuntu4.8.04.4.dsc Size/MD5: 907 7f698125814f4ca67a01b0a66d9bcfe9 http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.3.5.orig.tar.gz Size/MD5: 1536077 4a5bdbe1ab92f3fe4c4816f9934a5ec2 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.3.5-1ubuntu4.8.04.4_amd64.deb Size/MD5: 694322 c740e1665d09a0c691163a543c8d650b http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.3.5-1ubuntu4.8.04.4_amd64.deb Size/MD5: 362386 5b085e83764fcda129bede2c5c4ca179 http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.3.5-1ubuntu4.8.04.4_amd64.deb Size/MD5: 221392 dbebbbaffc086dccf550468fff1daa92 http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.3.5-1ubuntu4.8.04.4_amd64.udeb Size/MD5: 258454 f3903d4e43891753f3c6439cd862617f i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.3.5-1ubuntu4.8.04.4_i386.deb Size/MD5: 663330 7601af27049730f0f7afcfa30244ae88 http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.3.5-1ubuntu4.8.04.4_i386.deb Size/MD5: 347172 de53a441e28e385598d20333ff636026 http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.3.5-1ubuntu4.8.04.4_i386.deb Size/MD5: 201266 c9c50bdc87d0a46fc43f3bbca26adec5 http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.3.5-1ubuntu4.8.04.4_i386.udeb Size/MD5: 243462 16bb61f604fe48a301f6faeaa094d266 lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6-dev_2.3.5-1ubuntu4.8.04.4_lpia.deb Size/MD5: 665120 bf0dcd13b8a171f6a740ca225d943e68 http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6_2.3.5-1ubuntu4.8.04.4_lpia.deb Size/MD5: 347512 d2beee3ccf7fe0233825d46cc61ca62d http://ports.ubuntu.com/pool/universe/f/freetype/freetype2-demos_2.3.5-1ubuntu4.8.04.4_lpia.deb Size/MD5: 205560 7879f630a5356e3d6e9c0609e8008de9 http://ports.ubuntu.com/pool/universe/f/freetype/libfreetype6-udeb_2.3.5-1ubuntu4.8.04.4_lpia.udeb Size/MD5: 244324 4e10fb5e68a78312eb02c69508120c6a powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6-dev_2.3.5-1ubuntu4.8.04.4_powerpc.deb Size/MD5: 687156 6d36300396fa84d6f889147b0247f385 http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6_2.3.5-1ubuntu4.8.04.4_powerpc.deb Size/MD5: 358086 06b9874cc9ba11fdb6feb10b0831e890 http://ports.ubuntu.com/pool/universe/f/freetype/freetype2-demos_2.3.5-1ubuntu4.8.04.4_powerpc.deb Size/MD5: 235578 ce514bab4cbc028a0451742c38c633cd http://ports.ubuntu.com/pool/universe/f/freetype/libfreetype6-udeb_2.3.5-1ubuntu4.8.04.4_powerpc.udeb Size/MD5: 254526 d50f40a9421b52f4302c4d260170edb3 sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6-dev_2.3.5-1ubuntu4.8.04.4_sparc.deb Size/MD5: 658094 184f0f51023baa8ce459fababaa190d9 http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6_2.3.5-1ubuntu4.8.04.4_sparc.deb Size/MD5: 332124 5aa036de5269896c893ea8f825329b84 http://ports.ubuntu.com/pool/universe/f/freetype/freetype2-demos_2.3.5-1ubuntu4.8.04.4_sparc.deb Size/MD5: 199782 9323f9209333cf42114e97d3305d901c http://ports.ubuntu.com/pool/universe/f/freetype/libfreetype6-udeb_2.3.5-1ubuntu4.8.04.4_sparc.udeb Size/MD5: 227810 7657e99ad137ad5ce654b74cfbbfdc10 Updated packages for Ubuntu 9.04: Source archives: http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.3.9-4ubuntu0.3.diff.gz Size/MD5: 44032 17b27322a6448d40599c55561209c940 http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.3.9-4ubuntu0.3.dsc Size/MD5: 1311 5124a4df7016a625a631c1ff4661aae9 http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.3.9.orig.tar.gz Size/MD5: 1624314 7b2ab681f1a436876ed888041204e478 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.3.9-4ubuntu0.3_amd64.deb Size/MD5: 729408 788a2af765a8356c4a7c01e893695b0b http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-udeb_2.3.9-4ubuntu0.3_amd64.udeb Size/MD5: 272950 a1f9a0ad0d036e5a14b073c139ce5408 http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.3.9-4ubuntu0.3_amd64.deb Size/MD5: 407052 bfd510dc0c46a0f25dd3329693ee66a8 http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.3.9-4ubuntu0.3_amd64.deb Size/MD5: 226474 9b8e6c521d8629b9b1db2760209460a3 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.3.9-4ubuntu0.3_i386.deb Size/MD5: 697818 9176ee8649b8441333d7c5d9359c53a6 http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-udeb_2.3.9-4ubuntu0.3_i386.udeb Size/MD5: 257896 c26f46491d69a174fa9cad126a3201cf http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.3.9-4ubuntu0.3_i386.deb Size/MD5: 392692 648d0605a187b74291b3233e5e4930e3 http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.3.9-4ubuntu0.3_i386.deb Size/MD5: 198834 0b41da08de5417a7db21e24e730e03d9 lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6-dev_2.3.9-4ubuntu0.3_lpia.deb Size/MD5: 698682 12c20dd647db986bd87a250d8706e8e8 http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6-udeb_2.3.9-4ubuntu0.3_lpia.udeb Size/MD5: 257736 dee60e4b8a1824d2aa13364ec0f01602 http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6_2.3.9-4ubuntu0.3_lpia.deb Size/MD5: 392978 e19bcc3c8c0cec76227c64843b01516a http://ports.ubuntu.com/pool/universe/f/freetype/freetype2-demos_2.3.9-4ubuntu0.3_lpia.deb Size/MD5: 201636 a558e986b6c6e878e115126e7d3a28a5 powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6-dev_2.3.9-4ubuntu0.3_powerpc.deb Size/MD5: 720040 70c8792cddd9cfe45480f8d760dd0163 http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6-udeb_2.3.9-4ubuntu0.3_powerpc.udeb Size/MD5: 265790 b356a500845d045f431db6ef4db4f811 http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6_2.3.9-4ubuntu0.3_powerpc.deb Size/MD5: 400532 91aa4eea6b8e9b67a721b552caab8468 http://ports.ubuntu.com/pool/universe/f/freetype/freetype2-demos_2.3.9-4ubuntu0.3_powerpc.deb Size/MD5: 227834 fa22e303b8d06dfb99a8c3c1f2980061 sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6-dev_2.3.9-4ubuntu0.3_sparc.deb Size/MD5: 689244 dff22369b1bb07d4ef7c6d9f474149db http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6-udeb_2.3.9-4ubuntu0.3_sparc.udeb Size/MD5: 238164 cb1e597bd0065d2ffbad763a52088c1d http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6_2.3.9-4ubuntu0.3_sparc.deb Size/MD5: 372422 c6f36ae3119f8f17368d796943ba9908 http://ports.ubuntu.com/pool/universe/f/freetype/freetype2-demos_2.3.9-4ubuntu0.3_sparc.deb Size/MD5: 201390 c3f108859375787b11190d3c5a1d966b Updated packages for Ubuntu 9.10: Source archives: http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.3.9-5ubuntu0.2.diff.gz Size/MD5: 43530 f78681f1641b93f34d41ff4d6f31eb71 http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.3.9-5ubuntu0.2.dsc Size/MD5: 1311 8a9a302e0a62f2dbe2a62aba456e2108 http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.3.9.orig.tar.gz Size/MD5: 1624314 7b2ab681f1a436876ed888041204e478 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.3.9-5ubuntu0.2_amd64.deb Size/MD5: 731028 3b5ed0ad073cca0c1eee212b0e12f255 http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-udeb_2.3.9-5ubuntu0.2_amd64.udeb Size/MD5: 275110 a23822489a0d7d45152f341b86f0df20 http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.3.9-5ubuntu0.2_amd64.deb Size/MD5: 409362 ba180d650e17df6980ca09b8d1a109e1 http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.3.9-5ubuntu0.2_amd64.deb Size/MD5: 230774 a0a51691eefc0fb6e94d41c3282c3ab2 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.3.9-5ubuntu0.2_i386.deb Size/MD5: 696892 ad2164ed812ccd9cf7829659cff219c7 http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-udeb_2.3.9-5ubuntu0.2_i386.udeb Size/MD5: 258710 c2d256e87eaee83ab83592247588bee7 http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.3.9-5ubuntu0.2_i386.deb Size/MD5: 393912 c8d04b785d17066229bab50a3c13e1af http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.3.9-5ubuntu0.2_i386.deb Size/MD5: 195702 02aa03f1f62a61383d829b5bf494b7b0 lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6-dev_2.3.9-5ubuntu0.2_lpia.deb Size/MD5: 699382 ff8200917b43322062d2f3b5f3f6bab8 http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6-udeb_2.3.9-5ubuntu0.2_lpia.udeb Size/MD5: 259348 0395bdbaf357d161d0f1d3b257ae4732 http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6_2.3.9-5ubuntu0.2_lpia.deb Size/MD5: 394122 8481f2e278a5da28b28ef0fa79207662 http://ports.ubuntu.com/pool/universe/f/freetype/freetype2-demos_2.3.9-5ubuntu0.2_lpia.deb Size/MD5: 198546 a3f0a848da83a64d14344b6744b33a90 powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6-dev_2.3.9-5ubuntu0.2_powerpc.deb Size/MD5: 719762 bd7185c852b151794c27f8c2ead4da94 http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6-udeb_2.3.9-5ubuntu0.2_powerpc.udeb Size/MD5: 264578 58a77cbf2ae4c2a447a81cce72f6b8c5 http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6_2.3.9-5ubuntu0.2_powerpc.deb Size/MD5: 399118 c943fa66513b862ccb6ac99699c9e33c http://ports.ubuntu.com/pool/universe/f/freetype/freetype2-demos_2.3.9-5ubuntu0.2_powerpc.deb Size/MD5: 203834 842dd94d9b3fad52c0b1b6489775d2ea sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6-dev_2.3.9-5ubuntu0.2_sparc.deb Size/MD5: 691054 557de31093ac67c2dedec97e55998295 http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6-udeb_2.3.9-5ubuntu0.2_sparc.udeb Size/MD5: 240534 f3c79ed9e84e7169851de3f432b613c3 http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6_2.3.9-5ubuntu0.2_sparc.deb Size/MD5: 374982 e84af1b516f050ee9bdb93c213994943 http://ports.ubuntu.com/pool/universe/f/freetype/freetype2-demos_2.3.9-5ubuntu0.2_sparc.deb Size/MD5: 195786 599978c8d9cff2525eba228c793833c3 Updated packages for Ubuntu 10.04: Source archives: http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.3.11-1ubuntu2.2.diff.gz Size/MD5: 41646 9b97425327300eda74c492034fed50ad http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.3.11-1ubuntu2.2.dsc Size/MD5: 1313 b7b625334a0d9c926bf34cc83dcc904c http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.3.11.orig.tar.gz Size/MD5: 1709600 5aa22c0bc6aa3815b40a309ead2b9d1b amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.3.11-1ubuntu2.2_amd64.deb Size/MD5: 739530 db9147ce9477b7ab22374f89d24b24ca http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-udeb_2.3.11-1ubuntu2.2_amd64.udeb Size/MD5: 277536 35fc46f3c281aee82eeed4e00cfdacdc http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.3.11-1ubuntu2.2_amd64.deb Size/MD5: 434932 1bf8e620c3008504b87354470e7be9a5 http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.3.11-1ubuntu2.2_amd64.deb Size/MD5: 221434 4b4fcbd633bf1b3c2151617adae44835 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.3.11-1ubuntu2.2_i386.deb Size/MD5: 704694 f58601afde2b4bc257492762654cbf94 http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-udeb_2.3.11-1ubuntu2.2_i386.udeb Size/MD5: 260916 a540a7f9ae973bce66bbd3fdb9a4f849 http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.3.11-1ubuntu2.2_i386.deb Size/MD5: 419000 d4a78ce7ae146caa59b61f43b27d363c http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.3.11-1ubuntu2.2_i386.deb Size/MD5: 188710 e94b4202fcfe184fdf81409fe610a42a powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6-dev_2.3.11-1ubuntu2.2_powerpc.deb Size/MD5: 728090 5f2e98a54cb2a0ac03591c387aacf461 http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6-udeb_2.3.11-1ubuntu2.2_powerpc.udeb Size/MD5: 266750 66bf2b146ab219d1b78e1887d0053f2a http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6_2.3.11-1ubuntu2.2_powerpc.deb Size/MD5: 424614 fd964644b45bbbc79729c9609c4b6bb8 http://ports.ubuntu.com/pool/universe/f/freetype/freetype2-demos_2.3.11-1ubuntu2.2_powerpc.deb Size/MD5: 196686 b88a8cebff19c95b6c9c161f7d1bb472 sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6-dev_2.3.11-1ubuntu2.2_sparc.deb Size/MD5: 707164 bf26d7cb1aa3f759ca31510f92888053 http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6-udeb_2.3.11-1ubuntu2.2_sparc.udeb Size/MD5: 250768 100b4d4b270421fb1dcb503c88b547e8 http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6_2.3.11-1ubuntu2.2_sparc.deb Size/MD5: 408132 b009cd0f1aafa500f8cc16273e9f2ed9 http://ports.ubuntu.com/pool/universe/f/freetype/freetype2-demos_2.3.11-1ubuntu2.2_sparc.deb Size/MD5: 198302 504ec3da9ee2048391e2c4035d7149fc . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-2105-1 security@debian.org http://www.debian.org/security/ Giuseppe Iuculano September 07, 2010 http://www.debian.org/security/faq - ------------------------------------------------------------------------ Package : freetype Vulnerability : several Problem type : local(remote) Debian-specific: no CVE Id(s) : CVE-2010-1797 CVE-2010-2541 CVE-2010-2805 CVE-2010-2806 CVE-2010-2807 CVE-2010-2808 CVE-2010-3053 Several vulnerabilities have been discovered in the FreeType font library. For the stable distribution (lenny), these problems have been fixed in version 2.3.7-2+lenny3 For the unstable distribution (sid) and the testing distribution (squeeze), these problems have been fixed in version 2.4.2-1 We recommend that you upgrade your freetype package. Upgrade instructions - -------------------- wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 5.0 alias lenny - -------------------------------- Debian (stable) - --------------- Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc. Source archives: http://security.debian.org/pool/updates/main/f/freetype/freetype_2.3.7-2+lenny3.diff.gz Size/MD5 checksum: 39230 95a3841e7258573ca2d3e0075b8e7f73 http://security.debian.org/pool/updates/main/f/freetype/freetype_2.3.7.orig.tar.gz Size/MD5 checksum: 1567540 c1a9f44fde316470176fd6d66af3a0e8 http://security.debian.org/pool/updates/main/f/freetype/freetype_2.3.7-2+lenny3.dsc Size/MD5 checksum: 1219 2a2bf3d4568d92e2a48ebcda38140e73 alpha architecture (DEC Alpha) http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny3_alpha.deb Size/MD5 checksum: 775278 2f2ca060588fc33b6d7baae02201dbd2 http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny3_alpha.deb Size/MD5 checksum: 412188 ad9537e93ed3fb61f9348470940f3ce5 http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny3_alpha.udeb Size/MD5 checksum: 296592 e689b1c4b6bd7779e44d1cd641be9622 http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny3_alpha.deb Size/MD5 checksum: 253786 287a98ca57139d4dee8041eba2881e3b amd64 architecture (AMD x86_64 (AMD64)) http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny3_amd64.deb Size/MD5 checksum: 713260 f1d4002e7b6d185ff9f46bc25d67c4c9 http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny3_amd64.deb Size/MD5 checksum: 223170 cb00f76d826be115243faa9dfd0b8a91 http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny3_amd64.udeb Size/MD5 checksum: 269796 40762e686138c27ac92b20174e67012e http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny3_amd64.deb Size/MD5 checksum: 385848 0294d7e3e1d6b37532f98344a9849cde arm architecture (ARM) http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny3_arm.deb Size/MD5 checksum: 686154 fbe32c7124ba2ce093b31f46736e002b http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny3_arm.deb Size/MD5 checksum: 357158 0d793d543a33cfa192098234c925d639 http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny3_arm.udeb Size/MD5 checksum: 242196 1cfc9f7dc6a7cd0843aa234bab35b69e http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny3_arm.deb Size/MD5 checksum: 205120 39ab4dfbc19c8a63affc493e0b5aaf2d armel architecture (ARM EABI) http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny3_armel.deb Size/MD5 checksum: 684568 325686fbc2fba7687da424ada57b9419 http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny3_armel.deb Size/MD5 checksum: 209992 69f6a68fb90658ec74dfd7cc7cc0b766 http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny3_armel.udeb Size/MD5 checksum: 236564 a48afca5c6798d16b140b3362dfac0ca http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny3_armel.deb Size/MD5 checksum: 353814 76960109910d6de2f74ec0e345f00854 i386 architecture (Intel ia32) http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny3_i386.udeb Size/MD5 checksum: 254452 a34af74eda0feb2b763cfc6f5b8330c1 http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny3_i386.deb Size/MD5 checksum: 371586 ec294ffffeb9ddec389e3e988d880534 http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny3_i386.deb Size/MD5 checksum: 198558 3283ad058d37eed8bca46df743c6a915 http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny3_i386.deb Size/MD5 checksum: 684624 014d335b35ed41022adb628796a0c122 ia64 architecture (Intel ia64) http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny3_ia64.deb Size/MD5 checksum: 332160 2dbb364f09414e4b0e0f59d9e91d1edc http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny3_ia64.deb Size/MD5 checksum: 876692 2f6d3421d6c8424523388347c5640666 http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny3_ia64.deb Size/MD5 checksum: 531496 5dd7755f63271f597b64c3f513e8e7f1 http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny3_ia64.udeb Size/MD5 checksum: 415934 ea2ba16157b3504d8b9c8f251b69b16f mips architecture (MIPS (Big Endian)) http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny3_mips.deb Size/MD5 checksum: 717022 9ee8c246af10f4bf7cdf5cdc54010dd6 http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny3_mips.deb Size/MD5 checksum: 213212 3641ad81738e8935c5df2b648383c8e0 http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny3_mips.deb Size/MD5 checksum: 369018 18559e273ffcea5614e71ab32b95ef47 http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny3_mips.udeb Size/MD5 checksum: 253924 1be1e224f27a780beb6799d55fa74663 mipsel architecture (MIPS (Little Endian)) http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny3_mipsel.deb Size/MD5 checksum: 369772 6181d98166fe1f004fb033f2665ce4af http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny3_mipsel.deb Size/MD5 checksum: 214802 6edbec67ff79e96921d1fe4bf57b0fce http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny3_mipsel.deb Size/MD5 checksum: 712502 4a99ccc68b1913f88901c5e0686fea4f http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny3_mipsel.udeb Size/MD5 checksum: 254212 e30825a94175fd78a561b8365392cbad powerpc architecture (PowerPC) http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny3_powerpc.udeb Size/MD5 checksum: 262804 d35ced8ba625f39dc7a04e3e61e0d49d http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny3_powerpc.deb Size/MD5 checksum: 233882 6e294c19dd0109ee80fe6cd401b6a185 http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny3_powerpc.deb Size/MD5 checksum: 378612 c96a180e7132c543396486b14107cdad http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny3_powerpc.deb Size/MD5 checksum: 708212 9602a7786b2ebffd1d75d443901574c5 s390 architecture (IBM S/390) http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny3_s390.deb Size/MD5 checksum: 225190 393c9515f7cd89bcd8b0c38d6d6dd7ac http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny3_s390.deb Size/MD5 checksum: 384160 4e20bc56e5fc65fb08529d8765d28850 http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny3_s390.deb Size/MD5 checksum: 698798 f589b6b8882d998bb7b89fa1dfa40b3a http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny3_s390.udeb Size/MD5 checksum: 268272 7b6511b9ad657aa165e906a4fcbfee11 sparc architecture (Sun SPARC/UltraSPARC) http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny3_sparc.deb Size/MD5 checksum: 200078 29c1833cbde5b4da5c2e35aaf856ab58 http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny3_sparc.udeb Size/MD5 checksum: 235424 e64a8fc3b744253b22161e31fbb6e92a http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny3_sparc.deb Size/MD5 checksum: 352544 a7f480889460b104bbab16fd8d8da2d5 http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny3_sparc.deb Size/MD5 checksum: 676520 6d0f57a5bd6457a9b9b85271c7001531 These files will probably be moved into the stable distribution on its next update. - --------------------------------------------------------------------------------- For apt-get: deb http://security.debian.org/ stable/updates main For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main Mailing list: debian-security-announce@lists.debian.org Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iEYEARECAAYFAkyGowMACgkQNxpp46476aos+gCggzMhJbnoGyXAhf8hfIrNJLn7 reQAnj4mmmGRshTxck3LwMxdmtAhb8uJ =RkKg -----END PGP SIGNATURE-----

Trust: 2.25

sources: NVD: CVE-2010-2808 // JVNDB: JVNDB-2010-002141 // BID: 42285 // VULHUB: VHN-45413 // PACKETSTORM: 109005 // PACKETSTORM: 92842 // PACKETSTORM: 93637

AFFECTED PRODUCTS

vendor:	freetype	model:	freetype	scope:	lt	version:	2.4.2	Trust: 1.8
vendor:	canonical	model:	ubuntu linux	scope:	eq	version:	9.10	Trust: 1.0
vendor:	canonical	model:	ubuntu linux	scope:	eq	version:	8.04	Trust: 1.0
vendor:	apple	model:	mac os x	scope:	lt	version:	10.6.5	Trust: 1.0
vendor:	apple	model:	tvos	scope:	lt	version:	4.1.0	Trust: 1.0
vendor:	canonical	model:	ubuntu linux	scope:	eq	version:	6.06	Trust: 1.0
vendor:	canonical	model:	ubuntu linux	scope:	eq	version:	10.04	Trust: 1.0
vendor:	apple	model:	iphone os	scope:	lt	version:	4.2	Trust: 1.0
vendor:	canonical	model:	ubuntu linux	scope:	eq	version:	9.04	Trust: 1.0
vendor:	freetype	model:	freetype	scope:	eq	version:	2.3.6	Trust: 0.9
vendor:	freetype	model:	freetype	scope:	eq	version:	2.3.5	Trust: 0.9
vendor:	apple	model:	mac os x	scope:	eq	version:	v10.5.8	Trust: 0.8
vendor:	apple	model:	mac os x	scope:	eq	version:	v10.6 to v10.6.4	Trust: 0.8
vendor:	apple	model:	mac os x server	scope:	eq	version:	v10.5.8	Trust: 0.8
vendor:	apple	model:	mac os x server	scope:	eq	version:	v10.6 to v10.6.4	Trust: 0.8
vendor:	apple	model:	tv	scope:	eq	version:	(2nd generation) 4.0 software	Trust: 0.8
vendor:	apple	model:	ios	scope:	eq	version:	2.0 to 4.1 (iphone 3g after )	Trust: 0.8
vendor:	apple	model:	ios	scope:	eq	version:	2.1 to 4.1 (ipod touch (2nd generation) after )	Trust: 0.8
vendor:	apple	model:	ios	scope:	eq	version:	3.2 to 3.2.2 (ipad for )	Trust: 0.8
vendor:	apple	model:	ipad	scope:	-	version:	-	Trust: 0.8
vendor:	apple	model:	iphone	scope:	-	version:	-	Trust: 0.8
vendor:	apple	model:	ipod touch	scope:	-	version:	-	Trust: 0.8
vendor:	oracle	model:	opensolaris	scope:	-	version:	-	Trust: 0.8
vendor:	oracle	model:	solaris	scope:	eq	version:	10	Trust: 0.8
vendor:	oracle	model:	solaris	scope:	eq	version:	8	Trust: 0.8
vendor:	oracle	model:	solaris	scope:	eq	version:	9	Trust: 0.8
vendor:	cybertrust	model:	asianux server	scope:	eq	version:	3 (x86)	Trust: 0.8
vendor:	cybertrust	model:	asianux server	scope:	eq	version:	3 (x86-64)	Trust: 0.8
vendor:	cybertrust	model:	asianux server	scope:	eq	version:	4.0	Trust: 0.8
vendor:	cybertrust	model:	asianux server	scope:	eq	version:	4.0 (x86-64)	Trust: 0.8
vendor:	turbo linux	model:	turbolinux appliance server	scope:	eq	version:	3.0	Trust: 0.8
vendor:	turbo linux	model:	turbolinux appliance server	scope:	eq	version:	3.0 (x64)	Trust: 0.8
vendor:	turbo linux	model:	turbolinux client	scope:	eq	version:	2008	Trust: 0.8
vendor:	turbo linux	model:	turbolinux server	scope:	eq	version:	11	Trust: 0.8
vendor:	turbo linux	model:	turbolinux server	scope:	eq	version:	11 (x64)	Trust: 0.8
vendor:	red hat	model:	enterprise linux	scope:	eq	version:	4 (as)	Trust: 0.8
vendor:	red hat	model:	enterprise linux	scope:	eq	version:	4 (es)	Trust: 0.8
vendor:	red hat	model:	enterprise linux	scope:	eq	version:	4 (ws)	Trust: 0.8
vendor:	red hat	model:	enterprise linux	scope:	eq	version:	4.8 (as)	Trust: 0.8
vendor:	red hat	model:	enterprise linux	scope:	eq	version:	4.8 (es)	Trust: 0.8
vendor:	red hat	model:	enterprise linux	scope:	eq	version:	5 (server)	Trust: 0.8
vendor:	red hat	model:	enterprise linux desktop	scope:	eq	version:	4.0	Trust: 0.8
vendor:	red hat	model:	enterprise linux desktop	scope:	eq	version:	5.0 (client)	Trust: 0.8
vendor:	red hat	model:	enterprise linux desktop	scope:	eq	version:	6	Trust: 0.8
vendor:	red hat	model:	enterprise linux hpc node	scope:	eq	version:	6	Trust: 0.8
vendor:	red hat	model:	enterprise linux server	scope:	eq	version:	6	Trust: 0.8
vendor:	red hat	model:	enterprise linux workstation	scope:	eq	version:	6	Trust: 0.8
vendor:	red hat	model:	rhel desktop workstation	scope:	eq	version:	5 (client)	Trust: 0.8
vendor:	apple	model:	tv	scope:	eq	version:	2.1	Trust: 0.6
vendor:	freetype	model:	freetype	scope:	eq	version:	2.4.0	Trust: 0.6
vendor:	freetype	model:	freetype	scope:	eq	version:	2.3.11	Trust: 0.6
vendor:	freetype	model:	freetype	scope:	eq	version:	2.3.12	Trust: 0.6
vendor:	freetype	model:	freetype	scope:	eq	version:	2.3.8	Trust: 0.6
vendor:	freetype	model:	freetype	scope:	eq	version:	2.3.7	Trust: 0.6
vendor:	freetype	model:	freetype	scope:	eq	version:	2.3.9	Trust: 0.6
vendor:	freetype	model:	freetype	scope:	eq	version:	2.3.10	Trust: 0.6
vendor:	freetype	model:	freetype	scope:	eq	version:	2.4.1	Trust: 0.6
vendor:	avaya	model:	proactive contact	scope:	eq	version:	4.1.2	Trust: 0.3
vendor:	debian	model:	linux armel	scope:	eq	version:	5.0	Trust: 0.3
vendor:	avaya	model:	aura conferencing	scope:	eq	version:	6.0	Trust: 0.3
vendor:	avaya	model:	proactive contact	scope:	eq	version:	4.2	Trust: 0.3
vendor:	avaya	model:	aura system platform	scope:	eq	version:	1.0	Trust: 0.3
vendor:	apple	model:	mac os	scope:	ne	version:	x10.6.5	Trust: 0.3
vendor:	redhat	model:	enterprise linux hpc node optional	scope:	eq	version:	6	Trust: 0.3
vendor:	debian	model:	linux powerpc	scope:	eq	version:	5.0	Trust: 0.3
vendor:	debian	model:	linux hppa	scope:	eq	version:	5.0	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4	Trust: 0.3
vendor:	suse	model:	linux enterprise sp3	scope:	eq	version:	10	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.5.6	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.5.3	Trust: 0.3
vendor:	avaya	model:	voice portal sp1	scope:	eq	version:	5.0	Trust: 0.3
vendor:	redhat	model:	enterprise linux server	scope:	eq	version:	6	Trust: 0.3
vendor:	freetype	model:	freetype	scope:	eq	version:	2.1.10	Trust: 0.3
vendor:	apple	model:	ipod touch	scope:	eq	version:	2.2.1	Trust: 0.3
vendor:	avaya	model:	voice portal	scope:	eq	version:	5.1	Trust: 0.3
vendor:	avaya	model:	aura application enablement services	scope:	eq	version:	5.2	Trust: 0.3
vendor:	apple	model:	ipad	scope:	eq	version:	3.2.2	Trust: 0.3
vendor:	apple	model:	tv	scope:	eq	version:	2.2	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.0.2	Trust: 0.3
vendor:	mandrakesoft	model:	corporate server x86 64	scope:	eq	version:	4.0	Trust: 0.3
vendor:	redhat	model:	enterprise linux server optional	scope:	eq	version:	6	Trust: 0.3
vendor:	avaya	model:	proactive contact	scope:	eq	version:	4.1.1	Trust: 0.3
vendor:	ubuntu	model:	linux lts powerpc	scope:	eq	version:	6.06	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.5	Trust: 0.3
vendor:	apple	model:	iphone	scope:	eq	version:	3.2.1	Trust: 0.3
vendor:	mandrakesoft	model:	enterprise server	scope:	eq	version:	5	Trust: 0.3
vendor:	apple	model:	iphone	scope:	eq	version:	2.2.1	Trust: 0.3
vendor:	avaya	model:	voice portal sp2	scope:	eq	version:	5.0	Trust: 0.3
vendor:	apple	model:	ios	scope:	ne	version:	4.2	Trust: 0.3
vendor:	s u s e	model:	opensuse	scope:	eq	version:	11.3	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.5.7	Trust: 0.3
vendor:	avaya	model:	proactive contact	scope:	eq	version:	4.1	Trust: 0.3
vendor:	freetype	model:	freetype	scope:	eq	version:	2.2.10	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.5.4	Trust: 0.3
vendor:	avaya	model:	voice portal sp1	scope:	eq	version:	4.1	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.6.2	Trust: 0.3
vendor:	freetype	model:	freetype	scope:	eq	version:	2.3.3	Trust: 0.3
vendor:	apple	model:	iphone	scope:	eq	version:	4.0	Trust: 0.3
vendor:	avaya	model:	intuity audix lx sp2	scope:	eq	version:	2.0	Trust: 0.3
vendor:	apple	model:	ipod touch	scope:	eq	version:	2.2	Trust: 0.3
vendor:	avaya	model:	messaging storage server	scope:	eq	version:	5.0	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.0.1	Trust: 0.3
vendor:	ubuntu	model:	linux lts amd64	scope:	eq	version:	8.04	Trust: 0.3
vendor:	s u s e	model:	opensuse	scope:	eq	version:	11.1	Trust: 0.3
vendor:	redhat	model:	enterprise linux workstation	scope:	eq	version:	6	Trust: 0.3
vendor:	apple	model:	iphone	scope:	eq	version:	3.2	Trust: 0.3
vendor:	apple	model:	ipod touch	scope:	eq	version:	2.1	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.5.1	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.6.4	Trust: 0.3
vendor:	ubuntu	model:	linux lts powerpc	scope:	eq	version:	8.04	Trust: 0.3
vendor:	avaya	model:	voice portal sp2	scope:	eq	version:	4.1	Trust: 0.3
vendor:	apple	model:	ipod touch	scope:	eq	version:	3.0	Trust: 0.3
vendor:	ubuntu	model:	linux amd64	scope:	eq	version:	10.04	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	4.1	Trust: 0.3
vendor:	debian	model:	linux sparc	scope:	eq	version:	5.0	Trust: 0.3
vendor:	avaya	model:	intuity audix lx sp1	scope:	eq	version:	2.0	Trust: 0.3
vendor:	apple	model:	ipod touch	scope:	eq	version:	3.1.2	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.6	Trust: 0.3
vendor:	avaya	model:	cms server	scope:	eq	version:	15.0	Trust: 0.3
vendor:	ubuntu	model:	linux lts i386	scope:	eq	version:	6.06	Trust: 0.3
vendor:	suse	model:	linux enterprise server sp2	scope:	eq	version:	10	Trust: 0.3
vendor:	avaya	model:	aura session manager	scope:	eq	version:	1.1	Trust: 0.3
vendor:	apple	model:	ipod touch	scope:	eq	version:	3.1.1	Trust: 0.3
vendor:	mandriva	model:	linux mandrake	scope:	eq	version:	2008.0	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.6.1	Trust: 0.3
vendor:	apple	model:	iphone	scope:	eq	version:	3.0.1	Trust: 0.3
vendor:	redhat	model:	enterprise linux workstation optional	scope:	eq	version:	6	Trust: 0.3
vendor:	apple	model:	ipad	scope:	eq	version:	3.2.1	Trust: 0.3
vendor:	ubuntu	model:	linux i386	scope:	eq	version:	10.04	Trust: 0.3
vendor:	mandriva	model:	linux mandrake	scope:	eq	version:	2010.0	Trust: 0.3
vendor:	ubuntu	model:	linux lts sparc	scope:	eq	version:	8.04	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.5.8	Trust: 0.3
vendor:	avaya	model:	cms server	scope:	eq	version:	16.0	Trust: 0.3
vendor:	ubuntu	model:	linux lts amd64	scope:	eq	version:	6.06	Trust: 0.3
vendor:	avaya	model:	aura system platform	scope:	eq	version:	6.0	Trust: 0.3
vendor:	ubuntu	model:	linux lts i386	scope:	eq	version:	8.04	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.5.5	Trust: 0.3
vendor:	apple	model:	tv	scope:	eq	version:	2.0	Trust: 0.3
vendor:	apple	model:	ipod touch	scope:	eq	version:	3.1.3	Trust: 0.3
vendor:	mandriva	model:	linux mandrake	scope:	eq	version:	2009.0	Trust: 0.3
vendor:	apple	model:	ipad	scope:	eq	version:	3.2	Trust: 0.3
vendor:	avaya	model:	messaging storage server	scope:	eq	version:	5.1	Trust: 0.3
vendor:	avaya	model:	voice portal	scope:	eq	version:	4.0	Trust: 0.3
vendor:	freetype	model:	freetype	scope:	eq	version:	2.1.7	Trust: 0.3
vendor:	apple	model:	iphone	scope:	eq	version:	4.0.1	Trust: 0.3
vendor:	avaya	model:	message networking	scope:	eq	version:	5.2.1	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.5.2	Trust: 0.3
vendor:	debian	model:	linux	scope:	eq	version:	5.0	Trust: 0.3
vendor:	ubuntu	model:	linux lpia	scope:	eq	version:	9.10	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.6.3	Trust: 0.3
vendor:	freetype	model:	freetype	scope:	eq	version:	2.4	Trust: 0.3
vendor:	avaya	model:	iq	scope:	eq	version:	4.1	Trust: 0.3
vendor:	apple	model:	iphone	scope:	eq	version:	4.1	Trust: 0.3
vendor:	mandriva	model:	linux mandrake x86 64	scope:	eq	version:	2009.1	Trust: 0.3
vendor:	apple	model:	iphone	scope:	eq	version:	2.2	Trust: 0.3
vendor:	apple	model:	iphone	scope:	eq	version:	2.1	Trust: 0.3
vendor:	ubuntu	model:	linux lts sparc	scope:	eq	version:	6.06	Trust: 0.3
vendor:	mandrakesoft	model:	corporate server	scope:	eq	version:	4.0	Trust: 0.3
vendor:	avaya	model:	aura application enablement services	scope:	eq	version:	5.2.1	Trust: 0.3
vendor:	ubuntu	model:	linux sparc	scope:	eq	version:	10.04	Trust: 0.3
vendor:	redhat	model:	enterprise linux desktop optional	scope:	eq	version:	6	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.5.6	Trust: 0.3
vendor:	mandriva	model:	linux mandrake x86 64	scope:	eq	version:	2010.1	Trust: 0.3
vendor:	suse	model:	linux enterprise	scope:	eq	version:	11	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.5.3	Trust: 0.3
vendor:	apple	model:	iphone	scope:	eq	version:	2.0.2	Trust: 0.3
vendor:	apple	model:	iphone	scope:	eq	version:	3.0	Trust: 0.3
vendor:	avaya	model:	cms server	scope:	eq	version:	16.1	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	ne	version:	x10.6.5	Trust: 0.3
vendor:	ubuntu	model:	linux amd64	scope:	eq	version:	9.10	Trust: 0.3
vendor:	avaya	model:	message networking	scope:	eq	version:	3.1	Trust: 0.3
vendor:	gentoo	model:	linux	scope:	-	version:	-	Trust: 0.3
vendor:	apple	model:	iphone	scope:	eq	version:	3.1.2	Trust: 0.3
vendor:	ubuntu	model:	linux powerpc	scope:	eq	version:	10.04	Trust: 0.3
vendor:	ubuntu	model:	linux sparc	scope:	eq	version:	9.10	Trust: 0.3
vendor:	redhat	model:	enterprise linux hpc node	scope:	eq	version:	6	Trust: 0.3
vendor:	apple	model:	ios beta	scope:	eq	version:	4.2	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.5	Trust: 0.3
vendor:	avaya	model:	voice portal	scope:	eq	version:	5.0	Trust: 0.3
vendor:	avaya	model:	aura session manager	scope:	eq	version:	5.2	Trust: 0.3
vendor:	debian	model:	linux alpha	scope:	eq	version:	5.0	Trust: 0.3
vendor:	apple	model:	iphone	scope:	eq	version:	3.1	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.5.4	Trust: 0.3
vendor:	ubuntu	model:	linux powerpc	scope:	eq	version:	9.10	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.6.2	Trust: 0.3
vendor:	ubuntu	model:	linux lts lpia	scope:	eq	version:	8.04	Trust: 0.3
vendor:	avaya	model:	cms server	scope:	eq	version:	16.2	Trust: 0.3
vendor:	ubuntu	model:	linux i386	scope:	eq	version:	9.10	Trust: 0.3
vendor:	avaya	model:	aura presence services	scope:	eq	version:	6.0	Trust: 0.3
vendor:	apple	model:	iphone	scope:	eq	version:	2.0.1	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.5.1	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.5.7	Trust: 0.3
vendor:	freetype	model:	freetype	scope:	eq	version:	2.3.4	Trust: 0.3
vendor:	apple	model:	iphone	scope:	eq	version:	3.1.3	Trust: 0.3
vendor:	ubuntu	model:	linux i386	scope:	eq	version:	9.04	Trust: 0.3
vendor:	avaya	model:	voice portal	scope:	eq	version:	4.1	Trust: 0.3
vendor:	freetype	model:	freetype	scope:	eq	version:	2.0.6	Trust: 0.3
vendor:	avaya	model:	ir	scope:	eq	version:	4.0	Trust: 0.3
vendor:	avaya	model:	messaging storage server	scope:	eq	version:	4.0	Trust: 0.3
vendor:	apple	model:	tv	scope:	ne	version:	4.1	Trust: 0.3
vendor:	suse	model:	linux enterprise server	scope:	eq	version:	9	Trust: 0.3
vendor:	debian	model:	linux s/390	scope:	eq	version:	5.0	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.6.4	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.6	Trust: 0.3
vendor:	ubuntu	model:	linux lpia	scope:	eq	version:	9.04	Trust: 0.3
vendor:	freetype	model:	freetype	scope:	eq	version:	2.2.1	Trust: 0.3
vendor:	avaya	model:	aura system manager sp1	scope:	eq	version:	6.0	Trust: 0.3
vendor:	avaya	model:	iq	scope:	eq	version:	5	Trust: 0.3
vendor:	avaya	model:	aura system manager	scope:	eq	version:	5.2	Trust: 0.3
vendor:	apple	model:	iphone	scope:	eq	version:	2.0	Trust: 0.3
vendor:	debian	model:	linux amd64	scope:	eq	version:	5.0	Trust: 0.3
vendor:	avaya	model:	aura session manager	scope:	eq	version:	6.0	Trust: 0.3
vendor:	freetype	model:	freetype	scope:	eq	version:	2.1.9	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.6.1	Trust: 0.3
vendor:	avaya	model:	messaging storage server	scope:	eq	version:	5.2	Trust: 0.3
vendor:	apple	model:	ipad	scope:	eq	version:	0	Trust: 0.3
vendor:	freetype	model:	freetype	scope:	eq	version:	2.2	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.5.5	Trust: 0.3
vendor:	avaya	model:	proactive contact	scope:	eq	version:	4.0	Trust: 0.3
vendor:	avaya	model:	iq	scope:	eq	version:	5.1	Trust: 0.3
vendor:	ubuntu	model:	linux amd64	scope:	eq	version:	9.04	Trust: 0.3
vendor:	mandriva	model:	linux mandrake x86 64	scope:	eq	version:	2008.0	Trust: 0.3
vendor:	avaya	model:	aura conferencing standard	scope:	eq	version:	6.0	Trust: 0.3
vendor:	avaya	model:	intuity audix lx	scope:	eq	version:	2.0	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.5.8	Trust: 0.3
vendor:	apple	model:	tv	scope:	eq	version:	4.0	Trust: 0.3
vendor:	pardus	model:	linux	scope:	eq	version:	20090	Trust: 0.3
vendor:	s u s e	model:	opensuse	scope:	eq	version:	11.2	Trust: 0.3
vendor:	ubuntu	model:	linux sparc	scope:	eq	version:	9.04	Trust: 0.3
vendor:	debian	model:	linux ia-32	scope:	eq	version:	5.0	Trust: 0.3
vendor:	mandriva	model:	linux mandrake x86 64	scope:	eq	version:	2010.0	Trust: 0.3
vendor:	debian	model:	linux mipsel	scope:	eq	version:	5.0	Trust: 0.3
vendor:	debian	model:	linux mips	scope:	eq	version:	5.0	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	3.2.1	Trust: 0.3
vendor:	mandrakesoft	model:	enterprise server x86 64	scope:	eq	version:	5	Trust: 0.3
vendor:	apple	model:	mac os	scope:	eq	version:	x10.5.2	Trust: 0.3
vendor:	mandriva	model:	linux mandrake	scope:	eq	version:	2009.1	Trust: 0.3
vendor:	redhat	model:	enterprise linux desktop	scope:	eq	version:	6	Trust: 0.3
vendor:	ubuntu	model:	linux powerpc	scope:	eq	version:	9.04	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	3.2.2	Trust: 0.3
vendor:	mandriva	model:	linux mandrake x86 64	scope:	eq	version:	2009.0	Trust: 0.3
vendor:	debian	model:	linux m68k	scope:	eq	version:	5.0	Trust: 0.3
vendor:	apple	model:	ios	scope:	eq	version:	3.2	Trust: 0.3
vendor:	debian	model:	linux arm	scope:	eq	version:	5.0	Trust: 0.3
vendor:	avaya	model:	message networking	scope:	eq	version:	5.2	Trust: 0.3
vendor:	freetype	model:	freetype	scope:	eq	version:	2.0.9	Trust: 0.3
vendor:	mandriva	model:	linux mandrake	scope:	eq	version:	2010.1	Trust: 0.3
vendor:	apple	model:	mac os server	scope:	eq	version:	x10.6.3	Trust: 0.3
vendor:	debian	model:	linux ia-64	scope:	eq	version:	5.0	Trust: 0.3

sources: BID: 42285 // JVNDB: JVNDB-2010-002141 // CNNVD: CNNVD-201008-204 // NVD: CVE-2010-2808

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2010-2808
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2010-2808
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-201008-204
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-45413
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2010-2808
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-45413
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-45413 // JVNDB: JVNDB-2010-002141 // CNNVD: CNNVD-201008-204 // NVD: CVE-2010-2808

PROBLEMTYPE DATA

problemtype:	CWE-120	Trust: 1.1
problemtype:	CWE-119	Trust: 0.9

sources: VULHUB: VHN-45413 // JVNDB: JVNDB-2010-002141 // NVD: CVE-2010-2808

THREAT TYPE

remote

Trust: 0.8

sources: PACKETSTORM: 109005 // PACKETSTORM: 92842 // CNNVD: CNNVD-201008-204

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-201008-204

CONFIGURATIONS

sources: JVNDB: JVNDB-2010-002141

PATCH

title:	HT4457	url:	http://support.apple.com/kb/HT4457	Trust: 0.8
title:	HT4435	url:	http://support.apple.com/kb/HT4435	Trust: 0.8
title:	HT4456	url:	http://support.apple.com/kb/HT4456	Trust: 0.8
title:	HT4456	url:	http://support.apple.com/kb/HT4456?viewlocale=ja_JP	Trust: 0.8
title:	HT4457	url:	http://support.apple.com/kb/HT4457?viewlocale=ja_JP	Trust: 0.8
title:	HT4435	url:	http://support.apple.com/kb/HT4435?viewlocale=ja_JP	Trust: 0.8
title:	freetype-2.2.1-28.0.1.AXS3	url:	https://tsn.miraclelinux.com/tsn_local/index.php?m=errata&a=detail&eid=1271	Trust: 0.8
title:	FreeType 2.4.2 has been released	url:	http://freetype.sourceforge.net/index2.html#release-freetype-2.4.2	Trust: 0.8
title:	2137	url:	http://www.miraclelinux.com/support/index.php?q=node/99&errata_id=2137	Trust: 0.8
title:	RHSA-2010:0737	url:	https://rhn.redhat.com/errata/RHSA-2010-0737.html	Trust: 0.8
title:	RHSA-2010:0864	url:	https://rhn.redhat.com/errata/RHSA-2010-0864.html	Trust: 0.8
title:	cve_2010_1797_buffer_overflow	url:	http://blogs.sun.com/security/entry/cve_2010_1797_buffer_overflow	Trust: 0.8
title:	TLSA-2010-34	url:	http://www.turbolinux.co.jp/security/2010/TLSA-2010-34j.txt	Trust: 0.8
title:	VER-2-4-2	url:	http://123.124.177.30/web/xxk/bdxqById.tag?id=40258	Trust: 0.6

sources: JVNDB: JVNDB-2010-002141 // CNNVD: CNNVD-201008-204

EXTERNAL IDS

db:	NVD	id:	CVE-2010-2808	Trust: 3.1
db:	BID	id:	42285	Trust: 2.8
db:	SECUNIA	id:	40816	Trust: 2.5
db:	VUPEN	id:	ADV-2010-2018	Trust: 2.5
db:	SECUNIA	id:	42314	Trust: 1.7
db:	SECUNIA	id:	40982	Trust: 1.7
db:	SECUNIA	id:	42317	Trust: 1.7
db:	VUPEN	id:	ADV-2010-3046	Trust: 1.7
db:	VUPEN	id:	ADV-2010-2106	Trust: 1.7
db:	VUPEN	id:	ADV-2010-3045	Trust: 1.7
db:	JVNDB	id:	JVNDB-2010-002141	Trust: 0.8
db:	CNNVD	id:	CNNVD-201008-204	Trust: 0.7
db:	VULHUB	id:	VHN-45413	Trust: 0.1
db:	PACKETSTORM	id:	109005	Trust: 0.1
db:	PACKETSTORM	id:	92842	Trust: 0.1
db:	PACKETSTORM	id:	93637	Trust: 0.1

sources: VULHUB: VHN-45413 // BID: 42285 // JVNDB: JVNDB-2010-002141 // PACKETSTORM: 109005 // PACKETSTORM: 92842 // PACKETSTORM: 93637 // CNNVD: CNNVD-201008-204 // NVD: CVE-2010-2808

REFERENCES

url:	http://secunia.com/advisories/40816	Trust: 2.5
url:	http://www.securityfocus.com/bid/42285	Trust: 2.5
url:	http://www.vupen.com/english/advisories/2010/2018	Trust: 2.5
url:	https://bugzilla.redhat.com/show_bug.cgi?id=621907	Trust: 2.0
url:	http://secunia.com/advisories/40982	Trust: 1.7
url:	http://secunia.com/advisories/42314	Trust: 1.7
url:	http://secunia.com/advisories/42317	Trust: 1.7
url:	http://www.vupen.com/english/advisories/2010/2106	Trust: 1.7
url:	http://www.vupen.com/english/advisories/2010/3045	Trust: 1.7
url:	http://www.vupen.com/english/advisories/2010/3046	Trust: 1.7
url:	http://lists.apple.com/archives/security-announce/2010//nov/msg00000.html	Trust: 1.7
url:	http://lists.apple.com/archives/security-announce/2010//nov/msg00003.html	Trust: 1.7
url:	https://rhn.redhat.com/errata/rhsa-2010-0737.html	Trust: 1.7
url:	http://www.redhat.com/support/errata/rhsa-2010-0864.html	Trust: 1.7
url:	http://www.ubuntu.com/usn/usn-972-1	Trust: 1.7
url:	http://freetype.sourceforge.net/index2.html#release-freetype-2.4.2	Trust: 1.7
url:	http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=81f3472c0ba7b8f6466e2e214fa8c1c17fade975	Trust: 1.7
url:	http://sourceforge.net/projects/freetype/files/freetype2/2.4.2/news/view	Trust: 1.7
url:	http://support.apple.com/kb/ht4435	Trust: 1.7
url:	http://support.apple.com/kb/ht4456	Trust: 1.7
url:	http://support.apple.com/kb/ht4457	Trust: 1.7
url:	https://bugs.launchpad.net/ubuntu/maverick/+source/freetype/+bug/617019	Trust: 1.7
url:	https://savannah.nongnu.org/bugs/?30658	Trust: 1.7
url:	http://marc.info/?l=oss-security&m=128110167119337&w=2	Trust: 1.6
url:	http://marc.info/?l=oss-security&m=128111955616772&w=2	Trust: 1.6
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2808	Trust: 0.8
url:	http://jvn.jp/cert/jvnvu331391	Trust: 0.8
url:	http://jvn.jp/cert/jvnvu935740	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-2808	Trust: 0.8
url:	https://access.redhat.com/errata/rhsa-2010:0864	Trust: 0.6
url:	https://access.redhat.com/security/cve/cve-2010-2808	Trust: 0.6
url:	https://access.redhat.com/errata/rhsa-2010:0737	Trust: 0.6
url:	https://savannah.nongnu.org/bugs/?30656	Trust: 0.3
url:	https://savannah.nongnu.org/bugs/?30657	Trust: 0.3
url:	http://www.freetype.org/	Trust: 0.3
url:	http://support.avaya.com/css/p8/documents/100114534	Trust: 0.3
url:	http://support.avaya.com/css/p8/documents/100156056	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2010-2805	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2010-2806	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2010-2541	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2010-2808	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2010-1797	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2010-2807	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2010-3053	Trust: 0.2
url:	http://marc.info/?l=oss-security&m=128110167119337&w=2	Trust: 0.1
url:	http://marc.info/?l=oss-security&m=128111955616772&w=2	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2807	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2520	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0226	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2010-2498	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3311	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2541	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3439	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2527	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2011-0226	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3814	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2011-3256	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2010-3311	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2519	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2010-3054	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2010-2520	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2011-3439	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2500	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2010-2497	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2010-2519	Trust: 0.1
url:	http://creativecommons.org/licenses/by-sa/2.5	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2010-2499	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2498	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2010-2527	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2806	Trust: 0.1
url:	http://security.gentoo.org/glsa/glsa-201201-09.xml	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3054	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1797	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2497	Trust: 0.1
url:	http://security.gentoo.org/	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3855	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2010-3855	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2010-2500	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3256	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-3053	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2499	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2805	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2010-3814	Trust: 0.1
url:	https://bugs.gentoo.org.	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-2808	Trust: 0.1
url:	http://ports.ubuntu.com/pool/universe/f/freetype/libfreetype6-udeb_2.3.5-1ubuntu4.8.04.4_powerpc.udeb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6-udeb_2.3.9-4ubuntu0.3_powerpc.udeb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.1.10-1ubuntu2.8_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.3.11-1ubuntu2.2_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.3.9-4ubuntu0.3_amd64.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6-dev_2.3.5-1ubuntu4.8.04.4_lpia.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6-dev_2.3.11-1ubuntu2.2_sparc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6-dev_2.3.5-1ubuntu4.8.04.4_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.3.9-5ubuntu0.2_amd64.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/universe/f/freetype/freetype2-demos_2.3.5-1ubuntu4.8.04.4_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.3.5-1ubuntu4.8.04.4_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-udeb_2.3.9-5ubuntu0.2_i386.udeb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.3.9-5ubuntu0.2_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.1.10-1ubuntu2.8_amd64.udeb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6-dev_2.3.9-5ubuntu0.2_lpia.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6-dev_2.3.9-5ubuntu0.2_sparc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/universe/f/freetype/freetype2-demos_2.3.11-1ubuntu2.2_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.1.10-1ubuntu2.8_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.3.5-1ubuntu4.8.04.4_amd64.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/universe/f/freetype/freetype2-demos_2.3.5-1ubuntu4.8.04.4_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.1.10-1ubuntu2.8_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.1.10-1ubuntu2.8.dsc	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.3.5-1ubuntu4.8.04.4_amd64.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/universe/f/freetype/libfreetype6-udeb_2.3.5-1ubuntu4.8.04.4_sparc.udeb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.3.9-4ubuntu0.3.diff.gz	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.3.9-4ubuntu0.3.dsc	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.1.10-1ubuntu2.8_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.3.5-1ubuntu4.8.04.4_i386.udeb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6-udeb_2.3.9-5ubuntu0.2_powerpc.udeb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.1.10-1ubuntu2.8.diff.gz	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6-dev_2.3.9-4ubuntu0.3_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.3.9-4ubuntu0.3_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.1.10-1ubuntu2.8_powerpc.udeb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.1.10-1ubuntu2.8_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.1.10.orig.tar.gz	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.3.11.orig.tar.gz	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6-udeb_2.3.11-1ubuntu2.2_sparc.udeb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6_2.3.9-5ubuntu0.2_sparc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6_2.3.5-1ubuntu4.8.04.4_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.1.10-1ubuntu2.8_i386.udeb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6-dev_2.3.9-5ubuntu0.2_powerpc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/universe/f/freetype/freetype2-demos_2.3.9-4ubuntu0.3_powerpc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6-dev_2.3.9-4ubuntu0.3_lpia.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6_2.3.11-1ubuntu2.2_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-udeb_2.3.11-1ubuntu2.2_amd64.udeb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.3.9-5ubuntu0.2_i386.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/universe/f/freetype/freetype2-demos_2.3.9-5ubuntu0.2_sparc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/universe/f/freetype/freetype2-demos_2.3.9-4ubuntu0.3_lpia.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.3.11-1ubuntu2.2.dsc	Trust: 0.1
url:	http://ports.ubuntu.com/pool/universe/f/freetype/freetype2-demos_2.3.9-5ubuntu0.2_lpia.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.3.5.orig.tar.gz	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.3.9-5ubuntu0.2_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.1.10-1ubuntu2.8_sparc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6-udeb_2.3.9-4ubuntu0.3_lpia.udeb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6_2.3.9-4ubuntu0.3_powerpc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6_2.3.9-5ubuntu0.2_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.1.10-1ubuntu2.8_powerpc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6-udeb_2.3.9-5ubuntu0.2_lpia.udeb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.3.5-1ubuntu4.8.04.4_amd64.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/universe/f/freetype/freetype2-demos_2.3.9-4ubuntu0.3_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.3.9.orig.tar.gz	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.3.11-1ubuntu2.2_amd64.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6-dev_2.3.5-1ubuntu4.8.04.4_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.3.9-5ubuntu0.2.diff.gz	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6_2.3.5-1ubuntu4.8.04.4_lpia.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.3.5-1ubuntu4.8.04.4_i386.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/universe/f/freetype/freetype2-demos_2.3.11-1ubuntu2.2_powerpc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/universe/f/freetype/freetype2-demos_2.3.9-5ubuntu0.2_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-udeb_2.3.11-1ubuntu2.2_i386.udeb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.3.11-1ubuntu2.2.diff.gz	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6_2.3.5-1ubuntu4.8.04.4_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-udeb_2.3.9-4ubuntu0.3_amd64.udeb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.1.10-1ubuntu2.8_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.3.9-4ubuntu0.3_i386.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6-udeb_2.3.9-5ubuntu0.2_sparc.udeb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.3.5-1ubuntu4.8.04.4.diff.gz	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.3.9-5ubuntu0.2_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.3.11-1ubuntu2.2_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.1.10-1ubuntu2.8_sparc.udeb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6_2.3.9-4ubuntu0.3_lpia.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.3.5-1ubuntu4.8.04.4.dsc	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.3.9-5ubuntu0.2_i386.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/universe/f/freetype/freetype2-demos_2.3.5-1ubuntu4.8.04.4_lpia.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.3.9-4ubuntu0.3_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.3.5-1ubuntu4.8.04.4_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.1.10-1ubuntu2.8_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-udeb_2.3.9-4ubuntu0.3_i386.udeb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6_2.3.11-1ubuntu2.2_powerpc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.1.10-1ubuntu2.8_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/freetype2-demos_2.3.11-1ubuntu2.2_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.3.11-1ubuntu2.2_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-udeb_2.3.9-5ubuntu0.2_amd64.udeb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6_2.3.9-4ubuntu0.3_sparc.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6_2.3.9-4ubuntu0.3_i386.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.3.11-1ubuntu2.2_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/f/freetype/freetype_2.3.9-5ubuntu0.2.dsc	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6-udeb_2.3.11-1ubuntu2.2_powerpc.udeb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6_2.3.9-5ubuntu0.2_lpia.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.1.10-1ubuntu2.8_i386.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6-udeb_2.3.9-4ubuntu0.3_sparc.udeb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/universe/f/freetype/libfreetype6-udeb_2.3.5-1ubuntu4.8.04.4_amd64.udeb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6-dev_2.3.11-1ubuntu2.2_powerpc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/main/f/freetype/libfreetype6-dev_2.3.9-4ubuntu0.3_powerpc.deb	Trust: 0.1
url:	http://ports.ubuntu.com/pool/universe/f/freetype/libfreetype6-udeb_2.3.5-1ubuntu4.8.04.4_lpia.udeb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.3.9-4ubuntu0.3_amd64.deb	Trust: 0.1
url:	http://security.ubuntu.com/ubuntu/pool/main/f/freetype/libfreetype6-dev_2.1.10-1ubuntu2.8_amd64.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny3_arm.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny3_i386.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny3_sparc.udeb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny3_mipsel.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny3_ia64.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny3_armel.deb	Trust: 0.1
url:	http://www.debian.org/security/faq	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny3_amd64.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny3_arm.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny3_s390.udeb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny3_i386.udeb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny3_alpha.udeb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny3_amd64.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny3_i386.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny3_armel.udeb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny3_i386.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny3_amd64.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny3_armel.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny3_s390.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny3_powerpc.udeb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny3_s390.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny3_amd64.udeb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny3_arm.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/f/freetype/freetype_2.3.7-2+lenny3.dsc	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny3_ia64.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny3_mipsel.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny3_sparc.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny3_s390.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny3_arm.udeb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny3_powerpc.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/f/freetype/freetype_2.3.7-2+lenny3.diff.gz	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny3_sparc.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny3_ia64.udeb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny3_ia64.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny3_mips.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny3_mipsel.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny3_mipsel.udeb	Trust: 0.1
url:	http://packages.debian.org/<pkg>	Trust: 0.1
url:	http://security.debian.org/	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny3_alpha.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny3_mips.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/f/freetype/freetype_2.3.7.orig.tar.gz	Trust: 0.1
url:	http://www.debian.org/security/	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny3_alpha.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny3_mips.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny3_powerpc.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-udeb_2.3.7-2+lenny3_mips.udeb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/f/freetype/libfreetype6-dev_2.3.7-2+lenny3_armel.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny3_sparc.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/f/freetype/freetype2-demos_2.3.7-2+lenny3_powerpc.deb	Trust: 0.1
url:	http://security.debian.org/pool/updates/main/f/freetype/libfreetype6_2.3.7-2+lenny3_alpha.deb	Trust: 0.1

CREDITS

Robert Swiecki robert@swiecki.net

Trust: 0.6

sources: CNNVD: CNNVD-201008-204

SOURCES

db:	VULHUB	id:	VHN-45413
db:	BID	id:	42285
db:	JVNDB	id:	JVNDB-2010-002141
db:	PACKETSTORM	id:	109005
db:	PACKETSTORM	id:	92842
db:	PACKETSTORM	id:	93637
db:	CNNVD	id:	CNNVD-201008-204
db:	NVD	id:	CVE-2010-2808

LAST UPDATE DATE

2024-11-23T21:08:34.225000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-45413	date:	2023-02-13T00:00:00
db:	BID	id:	42285	date:	2015-04-13T21:45:00
db:	JVNDB	id:	JVNDB-2010-002141	date:	2010-12-02T00:00:00
db:	CNNVD	id:	CNNVD-201008-204	date:	2023-04-26T00:00:00
db:	NVD	id:	CVE-2010-2808	date:	2024-11-21T01:17:24.970

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-45413	date:	2010-08-19T00:00:00
db:	BID	id:	42285	date:	2010-08-06T00:00:00
db:	JVNDB	id:	JVNDB-2010-002141	date:	2010-10-18T00:00:00
db:	PACKETSTORM	id:	109005	date:	2012-01-24T04:19:22
db:	PACKETSTORM	id:	92842	date:	2010-08-17T22:38:46
db:	PACKETSTORM	id:	93637	date:	2010-09-09T02:40:54
db:	CNNVD	id:	CNNVD-201008-204	date:	2010-08-23T00:00:00
db:	NVD	id:	CVE-2010-2808	date:	2010-08-19T18:00:05.327