PT-2011-1140 · Freetype+1 · Freetype+1

Chpwn

Published

2011-07-19

Updated

2024-06-15

CVE-2011-0226

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions freetype versions 2.3.11 through 2.4.7 freetype version 2.3.11

Description The issue is related to an integer signedness error in the t1decode.c file of the FreeType library, which can be exploited remotely. This error allows attackers to execute arbitrary code or cause a denial of service, resulting in memory corruption and application crashes. The exploitation can occur via a crafted Type 1 font in a PDF document. There have been instances of this issue being exploited in the wild.

Recommendations For freetype versions 2.3.11 through 2.4.7, update to version 2.4.8 or later to resolve the issue. For freetype version 2.3.11, update to version 2.4.8 or later to resolve the issue. As a temporary workaround, consider restricting access to the t1decode.c function until a patch is available.

Fix

DoS

RCE

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119CWE-189

Related Identifiers

BDU:2015-07201

BDU:2015-07202

BDU:2015-07203

BDU:2015-07204

BDU:2015-09431

CVE-2011-0226

DSA-2294-1

ELSA-2011-1085

OPENSUSE-SU-2024:10172-1

OPENSUSE-SU-2024:10438-1

RHSA-2011:1085

RHSA-2011_1085

Affected Products

Freetype

Red Hat

PT-2011-1140 · Freetype+1 · Freetype+1

CVE-2011-0226

Weakness Enumeration

Related Identifiers

Affected Products

References · 91