Mandriva Linux Security Advisory : freetype2 (MDVSA-2010:236)
Medium Nessus Plugin ID 50608
SynopsisThe remote Mandriva Linux host is missing one or more security updates.
DescriptionMultiple vulnerabilities were discovered and corrected in freetype2 :
An error within the 'Ins_SHZ()' function in src/truetype/ttinterp.c when handling the 'SHZ' bytecode instruction can be exploited to cause a crash and potentially execute arbitrary code via a specially crafted font (CVE-2010-3814).
An error exists in the 'ft_var_readpackedpoints()' function in src/truetype/ttgxvar.c when processing TrueType GX fonts and can be exploited to cause a heap-based buffer overflow via a specially crafted font (CVE-2010-3855).
Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more:
The updated packages have been patched to correct these issues.
SolutionUpdate the affected packages.