FreeType Unspecified Vulnerability (Windows) Network Vulnerability

Summary

This host is installed with FreeType and is prone to unspecified vulnerability.

Impact

Successful exploitation may allows remote attackers to cause denial of service. Impact Level: Application

Solution

Upgrade to FreeType version 2.4.2 or later, For updates refer to http://www.freetype.org/

Insight

The flaw is due to unspecified vectors via vectors involving nested Standard Encoding Accented Character (aka seac) calls, related to psaux.h, cffgload.c, cffgload.h, and t1decode.c.

Affected

FreeType version 2.3.9 and other versions before 2.4.2

References

http://secunia.com/advisories/40816
http://sourceforge.net/projects/freetype/files/freetype2/2.4.2/NEWS/view
http://www.vupen.com/english/advisories/2010/2018

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-3054
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

ddrLPD Remote Denial of Service Vulnerability
Ciscokits TFTP Server Long Filename Denial Of Service Vulnerability
Adobe Reader 'AcroPDF.DLL' Denial of Service Vulnerability (Linux)
Baidu Spark Browser Denial of Service Vulnerability -01 August14 (Windows)
Firefly MediaServer HTTP Header Multiple DoS Vulnerabilities

Take action and discover your vulnerabilities