FreeBSD : freetype2 -- Out of bounds read/write (1a0de610-a761-11e3-95fe-bcaec565249c)

high Nessus Plugin ID 72893

Synopsis

The remote FreeBSD host is missing a security-related update.

Description

Mateusz Jurczyk reports:

Out of bounds stack-based read/write in cf2_hintmap_build.

This is a critical vulnerability in the CFF Rasterizer code recently contributed by Adobe, leading to potential arbitrary code execution in the context of the FreeType2 library client.

Solution

Update the affected package.

See Also

http://savannah.nongnu.org/bugs/?41697

http://www.nessus.org/u?1c64ba96

Plugin Details

Severity: High

ID: 72893

File Name: freebsd_pkg_1a0de610a76111e395febcaec565249c.nasl

Version: 1.4

Type: local

Published: 3/10/2014

Updated: 1/6/2021

Supported Sensors: Nessus

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:freetype2, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 3/9/2014

Vulnerability Publication Date: 2/25/2014