CVE-2009-0946
published 2009-04-17CVE-2009-0946: Multiple integer overflows in FreeType 2.3.9 and earlier allow remote attackers to execute arbitrary code via vectors related to large values in certain inputs…
high7.5CVSS 3.1
AVNACLAuNCPIPAP
Multiple integer overflows in FreeType 2.3.9 and earlier allow remote attackers to execute arbitrary code via vectors related to large values in certain inputs in (1) smooth/ftsmooth.c, (2) sfnt/ttcmap.c, and (3) cff/cffload.c.
Affected
26 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | iphone_os | 1.0.0 – 2.2.1 | — |
| apple | mac_os_x | — | — |
| apple | mac_os_x | — | — |
| apple | mac_os_x | 10.6.0 – 10.6.4 | — |
| apple | mac_os_x_server | — | — |
| apple | mac_os_x_server | — | — |
| apple | mac_os_x_server | 10.6.0 – 10.6.4 | — |
| apple | safari | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| debian | freetype | < freetype 2.3.9-4.1 (bookworm) | freetype 2.3.9-4.1 (bookworm) |
| freetype | freetype | <= 2.3.9 | — |
| freetype | freetype | >= 0 < 2.3.9-4.1 | 2.3.9-4.1 |
| freetype | freetype | >= 0 < 2.3.9-4.1 | 2.3.9-4.1 |
| freetype | freetype | >= 0 < 2.3.9-4.1 | 2.3.9-4.1 |
| freetype | freetype | >= 0 < 2.3.9-4.1 | 2.3.9-4.1 |
| opensuse | opensuse | — | — |
| opensuse | opensuse | — | — |
| opensuse | opensuse | — | — |
| suse | linux_enterprise_server | — | — |
CVSS provenance
nvd7.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
osv7.5HIGH