Summary: CVE-2006-3467 freetype: integer overflow vulnerability due to incomplete fix for CVE-2006-1861
Alias: CVE-2006-3467
https://bugzilla.redhat.com/show_bug.cgi?id=487070
Product: Security Response
Version: unspecified
Platform: All
URL: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-3467
OS/Version: Linux
Status: NEW
Status Whiteboard: impact=moderate,source=rehdat,reported=20060710,public=20060718
Keywords: Security
Severity: medium
Priority: medium
Component: vulnerability
AssignedTo: security-response-team(a)redhat.com
ReportedBy: vdanen(a)redhat.com
CC: ajax(a)redhat.com, fedora-fonts-bugs-list(a)redhat.com
Classification: Other
Target Release: ---
Common Vulnerabilities and Exposures assigned an identifier CVE-2006-3467 to
the following vulnerability:
Name: CVE-2006-3467
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3467
Assigned: 20060710
Reference: URL: http://www.securityfocus.com/archive/1/archive/1/451426/100/200/threaded
Reference: MISC: http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=190593
Integer overflow in FreeType before 2.2 allows remote attackers to cause a
denial of service (crash) and possibly execute arbitrary code via a crafted PCF
file, as demonstrated by the Red Hat bad1.pcf test file, due to a partial fix
of CVE-2006-1861.