CVE-2006-1861

Name of the Vulnerable Software and Affected Versions: freetype versions prior to 2.2 freetype versions prior to 2.1.10-r2 freetype version 2.0.3 freetype versions prior to 1.4 pre20080316-r2

Description: The issue concerns multiple vulnerabilities in the freetype package, which can be exploited remotely to compromise the confidentiality, integrity, and availability of protected information. The vulnerabilities are related to integer overflows in various files, including bdf/bdflib.c, sfnt/ttcmap.c, cff/cffgload.c, and base/ftmac.c, and can potentially allow attackers to execute arbitrary code or cause a denial of service.

Recommendations: For freetype versions prior to 2.2, update to version 2.2 or later. For freetype versions prior to 2.1.10-r2, update to version 2.1.10-r2 or later. For freetype version 2.0.3, update to a version later than 2.0.3. For freetype versions prior to 1.4 pre20080316-r2, update to version 1.4 pre20080316-r2 or later. As a temporary workaround, consider restricting access to the vulnerable functions and files until a patch is available.