Mandriva Update For Freetype2 MDKSA-2007:081-1 (freetype2) Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

iDefense integer overflows in the way freetype handled various font files. A malicious local user could exploit these issues to potentially execute arbitrary code. Updated packages have been patched to correct this issue. Update: Packages for Mandriva Linux 2007.1 are now available.

Affected

freetype2 on Mandriva Linux 2007.1, Mandriva Linux 2007.1/X86_64

Severity

Classification

CVE CVE-2007-1351
CVSS Base Score: 8.5
AV:N/AC:M/Au:S/C:C/I:C/A:C

Related Vulnerabilities

Mandrake Security Advisory MDVSA-2009:148 (kernel)
Mandrake Security Advisory MDVSA-2009:135 (kernel)
Mandrake Security Advisory MDVSA-2009:005 (xterm)
Mandrake Security Advisory MDVSA-2009:022 (php)
Mandrake Security Advisory MDVSA-2009:187 (nagios)

Mandriva Update for freetype2 MDKSA-2007:081-1 (freetype2)

Take action and discover your vulnerabilities