FreeBSD : freetype2 -- Out of bounds read/write (1a0de610-a761-11e3-95fe-bcaec565249c)

High Nessus Plugin ID 72893


The remote FreeBSD host is missing a security-related update.


Mateusz Jurczyk reports :

Out of bounds stack-based read/write in cf2_hintmap_build.

This is a critical vulnerability in the CFF Rasterizer code recently contributed by Adobe, leading to potential arbitrary code execution in the context of the FreeType2 library client.


Update the affected package.

See Also

Plugin Details

Severity: High

ID: 72893

File Name: freebsd_pkg_1a0de610a76111e395febcaec565249c.nasl

Version: $Revision: 1.1 $

Type: local

Published: 2014/03/10

Modified: 2014/03/10

Dependencies: 12634

Risk Information

Risk Factor: High

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:freetype2, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 2014/03/09

Vulnerability Publication Date: 2014/02/25