CVSS: 7.5EPSS: 16%CPEs: 1EXPL: 0CVE-2006-3467 – freetype: integer overflow vulnerability due to incomplete fix for CVE-2006-1861
https://notcve.org/view.php?id=CVE-2006-3467
Integer overflow in FreeType before 2.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PCF file, as demonstrated by the Red Hat bad1.pcf test file, due to a partial fix of CVE-2006-1861. Desbordamiento de entero en FreeType en versiones anteriores a 2.2 permite a atacantes remotos provocar una denegación de servicio (caída) y posiblemente ejecutar código arbitrario a través de un archivo PCF manipulado, según lo demostrado mediante el archivo de prueba Red Hat bad1.pcf, debido a una solución parcial de CVE-2006-1861. • ftp://patches.sgi.com/support/free/security/advisories/20060701-01-U http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=190593 http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00006.html http://lists.suse.com/archive/suse-security-announce/2006-Aug/0002.html http://secunia.com/advisories/21062 http://secunia.com/advisories/21135 http://secunia.com/advisories/21144 http://secunia.com/advisories/2 • CWE-189: Numeric Errors CWE-190: Integer Overflow or Wraparound •
CVSS: 5.0EPSS: 9%CPEs: 6EXPL: 1CVE-2006-2661 – FreeType - '.TTF' File Remote Denial of Service
https://notcve.org/view.php?id=CVE-2006-2661
ftutil.c in Freetype before 2.2 allows remote attackers to cause a denial of service (crash) via a crafted font file that triggers a null dereference. • https://www.exploit-db.com/exploits/27993 ftp://patches.sgi.com/support/free/security/advisories/20060701-01-U http://lists.suse.com/archive/suse-security-announce/2006-Jun/0012.html http://secunia.com/advisories/20525 http://secunia.com/advisories/20591 http://secunia.com/advisories/20638 http://secunia.com/advisories/20791 http://secunia.com/advisories/21062 http://secunia.com/advisories/21135 http://secunia.com/advisories/21385 http://secunia.com/advisories/21701 http:&#x • CWE-476: NULL Pointer Dereference •
CVSS: 5.0EPSS: 54%CPEs: 1EXPL: 1CVE-2006-0747 – FreeType - '.TTF' File Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2006-0747
Integer underflow in Freetype before 2.2 allows remote attackers to cause a denial of service (crash) via a font file with an odd number of blue values, which causes the underflow when decrementing by 2 in a context that assumes an even number of values. • https://www.exploit-db.com/exploits/27992 ftp://patches.sgi.com/support/free/security/advisories/20060701-01-U http://lists.apple.com/archives/security-announce/2009/May/msg00002.html http://lists.suse.com/archive/suse-security-announce/2006-Jun/0012.html http://secunia.com/advisories/20525 http://secunia.com/advisories/20591 http://secunia.com/advisories/20638 http://secunia.com/advisories/20791 http://secunia.com/advisories/21062 http://secunia.com/advisories/21135 http:/& • CWE-189: Numeric Errors •