FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2006-3467

This CVE name corresponds to:

Entered Topic
2006-10-02 freetype -- LWFN Files Buffer Overflow Vulnerability

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

Details

Type Candidate
Name CVE-2006-3467
Phase Assigned(20060710)

Description

Integer overflow in FreeType before 2.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PCF file, as demonstrated by the Red Hat bad1.pcf test file, due to a partial fix of CVE-2006-1861.

References

Source Reference
BUGTRAQ 20060825 rPSA-2006-0157-1 xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs
BUGTRAQ 20061113 VMSA-2006-0006 - VMware ESX Server 2.5.3 Upgrade Patch 4
BUGTRAQ 20061113 VMSA-2006-0005 - VMware ESX Server 2.5.4 Upgrade Patch 1
BUGTRAQ 20061113 VMSA-2006-0007 - VMware ESX Server 2.1.3 Upgrade Patch 2
BUGTRAQ 20061113 VMSA-2006-0008 - VMware ESX Server 2.0.2 Upgrade Patch 2
MISC http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=190593
CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2006-176.htm
CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2006-186.htm
CONFIRM http://www.vmware.com/download/esx/esx-202-200610-patch.html
CONFIRM http://www.vmware.com/download/esx/esx-213-200610-patch.html
CONFIRM http://www.vmware.com/download/esx/esx-254-200610-patch.html
CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2006-284.htm
CONFIRM http://support.apple.com/kb/HT3438
APPLE APPLE-SA-2009-02-12
DEBIAN DSA-1178
DEBIAN DSA-1193
GENTOO GLSA-200609-04
MANDRIVA MDKSA-2006:129
MANDRIVA MDKSA-2006:148
REDHAT RHSA-2006:0500
REDHAT RHSA-2006:0634
REDHAT RHSA-2006:0635
SGI 20060701-01-U
SUNALERT 102705
SUSE SUSE-SA:2006:045
SUSE SUSE-SR:2007:021
TRUSTIX 2006-0052
UBUNTU USN-324-1
UBUNTU USN-341-1
OVAL oval:org.mitre.oval:def:10673
VUPEN ADV-2006-4522
VUPEN ADV-2006-4502
VUPEN ADV-2007-0381
SECTRACK 1016522
SECUNIA 21062
SECUNIA 21144
SECUNIA 21232
SECUNIA 21135
SECUNIA 21285
SECUNIA 21566
SECUNIA 21567
SECUNIA 21793
SECUNIA 21798
SECUNIA 21606
SECUNIA 21626
SECUNIA 21701
SECUNIA 21836
SECUNIA 22027
SECUNIA 22332
SECUNIA 22907
SECUNIA 22875
SECUNIA 23400
SECUNIA 23939
SECUNIA 27271
SECUNIA 33937