This script is Copyright (C) 2010-2016 Tenable Network Security, Inc.
The remote Mandriva Linux host is missing one or more security
A vulnerability was discovered and corrected in freetype2 :
Marc Schoenefeld found an input stream position error in the way
FreeType font rendering engine processed input file streams. If a user
loaded a specially crafted font file with an application linked
against FreeType and relevant font glyphs were subsequently rendered
with the X FreeType library (libXft), it could cause the application
to crash or, possibly execute arbitrary code (integer overflow leading
to heap-based buffer overflow in the libXft library) with the
privileges of the user running the application. Different
vulnerability than CVE-2010-1797 (CVE-2010-3311).
Packages for 2009.0 are provided as of the Extended Maintenance
Program. Please visit this link to learn more:
The updated packages have been patched to correct this issue.
Update the affected packages.
Risk factor :
High / CVSS Base Score : 9.3
CVSS Temporal Score : 8.1
Public Exploit Available : false