SecurityTracker.com
SecurityTracker
Archives
Category:   Application (Generic)  >   FreeType
Vendors:   freetype.org
FreeType Bug in 't1decode.c' Lets Remote Users Execute Arbitrary Code
SecurityTracker Alert ID:  1025757
SecurityTracker URL:  http://securitytracker.com/id/1025757
CVE Reference:   CVE-2011-0226
Updated:  Jul 15 2011
Original Entry Date:  Jul 9 2011
Impact:   Execution of arbitrary code via network, User access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  Exploit Included:  Yes  
Version(s): 2.4.5
Description:   A vulnerability was reported in FreeType. A remote user can cause arbitrary code to be executed on the target user's system.

A remote user can create a specially crafted font file that, when loaded by the target user, will execute arbitrary code on the target system. The code will run with the privileges of the target user.

The vulnerability resides in 'src/psaux/t1decode.c'.

Apple iOS is affected.

The vulnerability was reported in a PDF file used to jailbreak Apple iOS devices.

A demonstration exploit is available at:

http://www.jailbreakme.com/saffron/_/iPod_4.3.3_8J2.pdf

Impact:   A remote user can create a font file that, when loaded by the target user, will execute arbitrary code on the target user's system.
Solution:   The vendor has issued a source code fix, available at:

http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=c46b1e2476cc1804c0dd25d463be3c99d58befd7

Vendor URL:  www.freetype.org/
Cause:   Access control error
Underlying OS:  Apple (iOS), Linux (Any), UNIX (Any)
Underlying OS Comments:  iOS, possibly others

Message History:   This archive entry has one or more follow-up message(s) listed below.
Jul 9 2011 (Apple Issues Fix for iOS) FreeType Bug in 't1decode.c' Lets Remote Users Execute Arbitrary Code
Apple has issued a fix for iOS.
Jul 21 2011 (Red Hat Issues Fix) FreeType Bug in 't1decode.c' Lets Remote Users Execute Arbitrary Code
Red Hat has issued a fix for Red Hat Enterprise Linux 6.



Source Message Contents:

[Original Message Not Available for Viewing]




Copyright 2019, SecurityGlobal.net LLC