Launchpad.net

CVE 2010-2498

The psh_glyph_find_strong_points function in pshinter/pshalgo.c in FreeType before 2.4.0 does not properly implement hinting masks, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via a crafted font file that triggers an invalid free operation.

Related bugs and status

CVE-2010-2498 (Candidate) is related to these bugs:

Bug #700198: CVE-2009-0793

		In	Importance	Status
700198	CVE-2009-0793	lcms (Ubuntu)	Undecided	Fix Released
700198	CVE-2009-0793	openjdk-6 (Ubuntu)	Low	Fix Released
700198	CVE-2009-0793	openjdk-6b18 (Ubuntu)	Low	Fix Released
700198	CVE-2009-0793	gimp (Ubuntu)	Undecided	Invalid
700198	CVE-2009-0793	ia32-libs (Ubuntu)	Low	Fix Released
700198	CVE-2009-0793	gimp (Ubuntu Hardy)	Undecided	Invalid
700198	CVE-2009-0793	ia32-libs (Ubuntu Hardy)	Low	Fix Released
700198	CVE-2009-0793	lcms (Ubuntu Hardy)	Low	Fix Released
700198	CVE-2009-0793	openjdk-6 (Ubuntu Hardy)	Low	Fix Released
700198	CVE-2009-0793	openjdk-6b18 (Ubuntu Hardy)	Undecided	Invalid
700198	CVE-2009-0793	gimp (Ubuntu Karmic)	Undecided	Invalid
700198	CVE-2009-0793	ia32-libs (Ubuntu Karmic)	Low	Fix Released
700198	CVE-2009-0793	lcms (Ubuntu Karmic)	Low	Fix Released
700198	CVE-2009-0793	openjdk-6 (Ubuntu Karmic)	Undecided	Fix Released
700198	CVE-2009-0793	openjdk-6b18 (Ubuntu Karmic)	Undecided	Invalid
700198	CVE-2009-0793	gimp (Ubuntu Lucid)	Undecided	Invalid
700198	CVE-2009-0793	ia32-libs (Ubuntu Lucid)	Low	Fix Released
700198	CVE-2009-0793	lcms (Ubuntu Lucid)	Low	Fix Released
700198	CVE-2009-0793	openjdk-6 (Ubuntu Lucid)	Undecided	Fix Released
700198	CVE-2009-0793	openjdk-6b18 (Ubuntu Lucid)	Low	Fix Released
700198	CVE-2009-0793	gimp (Ubuntu Maverick)	Undecided	Invalid
700198	CVE-2009-0793	ia32-libs (Ubuntu Maverick)	Low	Fix Released
700198	CVE-2009-0793	lcms (Ubuntu Maverick)	Low	Fix Released
700198	CVE-2009-0793	openjdk-6 (Ubuntu Maverick)	Low	Fix Released
700198	CVE-2009-0793	openjdk-6b18 (Ubuntu Maverick)	Low	Fix Released
700198	CVE-2009-0793	gimp (Ubuntu Natty)	Undecided	Invalid
700198	CVE-2009-0793	ia32-libs (Ubuntu Natty)	Low	Fix Released
700198	CVE-2009-0793	lcms (Ubuntu Natty)	Undecided	Fix Released
700198	CVE-2009-0793	openjdk-6 (Ubuntu Natty)	Low	Fix Released
700198	CVE-2009-0793	openjdk-6b18 (Ubuntu Natty)	Low	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2010-2498

Related bugs and status

Related bugs

References