CVE Vulnerability

CVE-2007-3506

The ft_bitmap_assure_buffer function in src/base/ftbimap.c in FreeType 2.3.3 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via unspecified vectors involving bitmap fonts, related to a "memory buffer overwrite bug."

7.5 /10

CVSS v2.0 :

V3 Legend

Vector :

Exploitability : 10 / Impact : 6.4

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

Scope

References
Link Resource
http://cvs.savannah.nongnu.org/viewvc/freetype2/src/base/ftbitmap.c?root=freetype&r1=1.17&r2=1.18
http://savannah.nongnu.org/bugs/index.php?19536
https://sourceforge.net/project/shownotes.php?group_id=3157&release_id=499970 Patch
http://secunia.com/advisories/25884 Vendor Advisory
http://www.securityfocus.com/bid/24708
Configurations

Configuration 1

cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*
Information

Published : 2007-07-02 07:30

Updated : 2008-09-05 09:25

NVD link : CVE-2007-3506

Mitre link : CVE-2007-3506

Products Affected
No products.
CWE
NVD-CWE-Other