Описание
Integer signedness error in psaux/t1decode.c in FreeType before 2.4.6, as used in CoreGraphics in Apple iOS before 4.2.9 and 4.3.x before 4.3.4 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Type 1 font in a PDF document, as exploited in the wild in July 2011.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 2.4.4-2ubuntu1 |
| hardy | not-affected | 2.3.5-1ubuntu4.8.04.6 |
| lucid | not-affected | 2.3.11-1ubuntu2.4 |
| maverick | released | 2.4.2-2ubuntu0.2 |
| natty | released | 2.4.4-1ubuntu2.1 |
| upstream | released | 2.4.6 |
Показывать по
EPSS
9.3 Critical
CVSS2
Связанные уязвимости
Integer signedness error in psaux/t1decode.c in FreeType before 2.4.6, as used in CoreGraphics in Apple iOS before 4.2.9 and 4.3.x before 4.3.4 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Type 1 font in a PDF document, as exploited in the wild in July 2011.
Integer signedness error in psaux/t1decode.c in FreeType before 2.4.6, as used in CoreGraphics in Apple iOS before 4.2.9 and 4.3.x before 4.3.4 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Type 1 font in a PDF document, as exploited in the wild in July 2011.
Integer signedness error in psaux/t1decode.c in FreeType before 2.4.6, ...
Integer signedness error in psaux/t1decode.c in FreeType before 2.4.6, as used in CoreGraphics in Apple iOS before 4.2.9 and 4.3.x before 4.3.4 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Type 1 font in a PDF document, as exploited in the wild in July 2011.
EPSS
9.3 Critical
CVSS2