Mandrake Linux Security Advisory : freetype2 (MDKSA-2007:121)

This script is Copyright (C) 2007-2015 Tenable Network Security, Inc.


Synopsis :

The remote Mandrake Linux host is missing one or more security
updates.

Description :

An integer overflow vulnerability was discovered in the way the
FreeType font engine processed TTF files. If a user were to load a
special font file with a program linked against freetype, it could
cause the application to crash or possibly execute arbitrary code as
the user running the program.

The updated packages have been patched to prevent this issue.

Solution :

Update the affected packages.

Risk factor :

Medium / CVSS Base Score : 6.8
(CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 5.9
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : false

Family: Mandriva Local Security Checks

Nessus Plugin ID: 25515 (mandrake_MDKSA-2007-121.nasl)

Bugtraq ID: 24074

CVE ID: CVE-2007-2754

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now