Your submission was sent successfully! Close

CVE-2006-3467

Published: 21 July 2006

Integer overflow in FreeType before 2.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PCF file, as demonstrated by the Red Hat bad1.pcf test file, due to a partial fix of CVE-2006-1861.

Priority

Unknown

Status

Package Release Status
freetype
Launchpad, Ubuntu, Debian
dapper
Released (2.1.10-1ubuntu2.4)
edgy
Released (2.2.1-5ubuntu0.2)
feisty
Released (2.2.1-5ubuntu1.1)
gutsy
Released (2.3.5-1ubuntu1)
hardy
Released (2.3.5-1ubuntu1)
intrepid
Released (2.3.5-1ubuntu1)
jaunty
Released (2.3.5-1ubuntu1)
karmic
Released (2.3.5-1ubuntu1)
upstream
Released (2.3.5-1)
ia32-libs
Launchpad, Ubuntu, Debian
dapper
Released (1.4ubuntu20)
edgy Not vulnerable

feisty Not vulnerable

gutsy Needed
(reached end-of-life)
hardy Not vulnerable
(has 2.3.5-1)
intrepid Not vulnerable

jaunty Not vulnerable

karmic Not vulnerable

upstream Needs triage

libxfont
Launchpad, Ubuntu, Debian
dapper
Released (1.0.0-0ubuntu3.3)
edgy
Released (1.2.0-0ubuntu3.1)
feisty
Released (1.2.7-1ubuntu1)
gutsy
Released (1.2.7-1ubuntu1)
hardy
Released (1.2.7-1ubuntu1)
intrepid
Released (1.2.7-1ubuntu1)
jaunty
Released (1.2.7-1ubuntu1)
karmic
Released (1.2.7-1ubuntu1)
upstream Needs triage

xorg
Launchpad, Ubuntu, Debian
dapper Not vulnerable

edgy Not vulnerable

feisty Not vulnerable

gutsy Not vulnerable

hardy Not vulnerable

intrepid Not vulnerable

jaunty Not vulnerable

karmic Not vulnerable

upstream Needs triage