Vulnerability Assessment & Network Security Forums



If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important.  If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.


Home >> Browse Vulnerability Assessment Database >> SuSE Local Security Checks >> SUSE-SA:2006:037: freetype2, freetype2-devel


Vulnerability Assessment Details

SUSE-SA:2006:037: freetype2, freetype2-devel

Vulnerability Assessment Summary
Check for the version of the freetype2, freetype2-devel package

Detailed Explanation for this Vulnerability Assessment

The remote host is missing the patch for the advisory SUSE-SA:2006:037 (freetype2, freetype2-devel).


The freetype2 library renders TrueType fonts for open source projects.
More than 900 packages on SUSE Linux use this library. Therefore the
integer overflows in this code found by Josh Bressers and Chris Evans
might have a high impact on the security of a desktop system.

The bugs can lead to a remote denial-of-service attack and may lead to
remote command execution. The user needs to use a program that uses
freetype2 (almost all GUI applications do) and let this program process
malicious font data.


Solution : http://www.suse.de/security/http://www.novell.com/linux/security/advisories/2006_37.freetype.html
Network Security Threat Level: High

Networks Security ID:

Vulnerability Assessment Copyright: This script is Copyright (C) 2007 Tenable Network Security

Cables, Connectors

Lot of (2) Transcend 1G DDR 400 DIMM CL3 RAM Memory
$20.27
Lot of (2) Transcend 1G DDR 400 DIMM CL3 RAM Memory pictureHYNIX 4GB (2x2GB) Memory PC3-10600 DDR3-1333MHz SODIMM LATITUDE E6520 E6420
$19.95
HYNIX 4GB (2x2GB) Memory PC3-10600 DDR3-1333MHz SODIMM LATITUDE E6520 E6420  pictureServer Memory: Samsung 32GB DDR3 PC3L-8500R 1066MHz ECC HP: 628975-081 RJ495
$359.98
Server Memory: Samsung 32GB DDR3 PC3L-8500R 1066MHz ECC HP: 628975-081 RJ495 pictureSAMSUNG 2GB Memory PC3-10600 DDR3-1333MHz SODIMM DELL LENOVO TOSHIBA HP SONY
$9.95
SAMSUNG 2GB Memory PC3-10600 DDR3-1333MHz SODIMM DELL LENOVO TOSHIBA HP SONY picture


Discussions

No Discussions have been posted on this vulnerability.