OracleVM 3.3 : freetype (OVMSA-2015-0036)

This script is Copyright (C) 2015-2017 Tenable Network Security, Inc.


Synopsis :

The remote OracleVM host is missing a security update.

Description :

The remote OracleVM system is missing necessary patches to address
critical security updates :

- Fixes (CVE-2014-9657)

- Check minimum size of `record_size'.

- Fixes (CVE-2014-9658)

- Use correct value for minimum table length test.

- Fixes (CVE-2014-9675)

- New macro that checks one character more than `strncmp'.

- Fixes (CVE-2014-9660)

- Check `_BDF_GLYPH_BITS'.

- Fixes (CVE-2014-9661)

- Initialize `face->ttf_size'.

- Always set `face->ttf_size' directly.

- Exclusively use the `truetype' font driver for loading
the font contained in the `sfnts' array.

- Fixes (CVE-2014-9663)

- Fix order of validity tests.

- Fixes (CVE-2014-9664)

- Add another boundary testing.

- Fix boundary testing.

- Fixes (CVE-2014-9667)

- Protect against addition overflow.

- Fixes (CVE-2014-9669)

- Protect against overflow in additions and
multiplications.

- Fixes (CVE-2014-9670)

- Add sanity checks for row and column values.

- Fixes (CVE-2014-9671)

- Check `size' and `offset' values.

- Fixes (CVE-2014-9673)

- Fix integer overflow by a broken POST table in
resource-fork.

- Fixes (CVE-2014-9674)

- Fix integer overflow by a broken POST table in
resource-fork.

- Additional overflow check in the summation of POST
fragment lengths.

- Work around behaviour of X11's `pcfWriteFont' and
`pcfReadFont' functions

- Resolves: #1197737

- Fix (CVE-2012-5669) (Use correct array size for checking
`glyph_enc')

- Resolves: #903543

See also :

http://www.nessus.org/u?22fbb5cd

Solution :

Update the affected freetype package.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 6.5
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : false

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now