Bug 13977

Summary: [CVE 21] freetype 1.3.1 CVEs CVE-2006-2661 EXPLOIT https://www.exploit-db.com/download/27993 found
Product: [ROSA-based products] ROSA Fresh Reporter: Yury <y.tumanov>
Component: System (kernel, glibc, systemd, bash, PAM...)Assignee: ROSA Linux Bugs <bugs>
Status: RESOLVED INVALID QA Contact: ROSA Linux Bugs <bugs>
Severity: blocker    
Priority: Highest CC: y.tumanov
Version: AllFlags: y.tumanov: secteam_verified+
Target Milestone: ---   
Hardware: All   
OS: Linux   
URL: CVE-2006-2661 https://www.exploit-db.com/download/27993 found
Whiteboard:
Platform: 2021.1 ROSA Vulnerability identifier:
RPM Package: ISO-related:
Bad POT generating: Upstream:

Description Yury 2023-10-20 15:29:18 MSK 
freetype	1.3.1	CVE-2006-2661	ftutil.c in Freetype before 2.2 allows remote attackers to cause a denial of service (crash) via a crafted font file that triggers a null dereference.			5	MEDIUM	CWE-476			Не найден	https://nvd.nist.gov/vuln/detail/CVE-2006-2661	https://www.exploit-db.com/download/27993	Multiple
Comment 1 Yury 2023-10-20 15:30:25 MSK 
Неактуальна
у нас
freetype 2.10.4