Launchpad.net

CVE 2009-0946

Multiple integer overflows in FreeType 2.3.9 and earlier allow remote attackers to execute arbitrary code via vectors related to large values in certain inputs in (1) smooth/ftsmooth.c, (2) sfnt/ttcmap.c, and (3) cff/cffload.c.

Related bugs and status

CVE-2009-0946 (Candidate) is related to these bugs:

Bug #375781: Fix vulnerability in freetype

Summary				In	Importance	Status
	375781	Fix vulnerability in freetype		The Dell Mini Project	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

References

CONFIRM: http://git.savannah.gn...
CONFIRM: http://git.savannah.gn...
CONFIRM: http://git.savannah.gn...
CONFIRM: http://git.savannah.gn...
CONFIRM: https://bugzilla.redha...
SECUNIA: 34723
VUPEN: ADV-2009-1058
UBUNTU: USN-767-1
BID: 34550
SECUNIA: 34913
DEBIAN: DSA-1784
SECUNIA: 34967
SUSE: SUSE-SR:2009:010
SECUNIA: 35065
CONFIRM: http://support.apple.c...
APPLE: APPLE-SA-2009-05-12
CERT: TA09-133A
SECUNIA: 35074
VUPEN: ADV-2009-1297
REDHAT: RHSA-2009:0329
REDHAT: RHSA-2009:1061
REDHAT: RHSA-2009:1062
SECUNIA: 35198
SECUNIA: 35200
SECUNIA: 35204
GENTOO: GLSA-200905-05
SECUNIA: 35210
CONFIRM: http://support.apple.c...
APPLE: APPLE-SA-2009-06-08-1
SECUNIA: 35379
VUPEN: ADV-2009-1522
CONFIRM: http://support.apple.c...
APPLE: APPLE-SA-2009-06-17-1
VUPEN: ADV-2009-1621
SUNALERT: 270268
MANDRIVA: MDVSA-2009:243
CONFIRM: http://support.apple.c...
APPLE: APPLE-SA-2010-11-10-1
OVAL: oval:org.mitre.oval:de...