OracleVM 2.1 : freetype (OVMSA-2009-0012)

Critical Nessus Plugin ID 79459

New! Vulnerability Priority Rating (VPR)

Tenable calculates a dynamic VPR for every vulnerability. VPR combines vulnerability information with threat intelligence and machine learning algorithms to predict which vulnerabilities are most likely to be exploited in attacks. Read more about what VPR is and how it's different from CVSS.

VPR Score: 5.9

Synopsis

The remote OracleVM host is missing a security update.

Description

The remote OracleVM system is missing necessary patches to address critical security updates :

CVE-2009-0946 Multiple integer overflows in FreeType 2.3.9 and earlier allow remote attackers to execute arbitrary code via vectors related to large values in certain inputs in (1) smooth/ftsmooth.c, (2) sfnt/ttcmap.c, and (3) cff/cffload.c.

CVE-2008-1806 Integer overflow in FreeType2 before 2.3.6 allows context-dependent attackers to execute arbitrary code via a crafted set of 16-bit length values within the Private dictionary table in a Printer Font Binary (PFB) file, which triggers a heap-based buffer overflow.

CVE-2008-1807 FreeType2 before 2.3.6 allow context-dependent attackers to execute arbitrary code via an invalid 'number of axes' field in a Printer Font Binary (PFB) file, which triggers a free of arbitrary memory locations, leading to memory corruption.

CVE-2008-1808 Multiple off-by-one errors in FreeType2 before 2.3.6 allow context-dependent attackers to execute arbitrary code via (1) a crafted table in a Printer Font Binary (PFB) file or (2) a crafted SHC instruction in a TrueType Font (TTF) file, which triggers a heap-based buffer overflow.

- Add freetype-2009-CVEs.patch

- Resolves: #496111

- Add freetype-2.3.5-CVEs.patch

- Resolves: #450910

Solution

Update the affected freetype package.

See Also

https://oss.oracle.com/pipermail/oraclevm-errata/2009-May/000026.html

Plugin Details

Severity: Critical

ID: 79459

File Name: oraclevm_OVMSA-2009-0012.nasl

Version: 1.6

Type: local

Published: 2014/11/26

Updated: 2019/10/25

Dependencies: 12634

Risk Information

Risk Factor: Critical

VPR Score: 5.9

CVSS v2.0

Base Score: 10

Temporal Score: 8.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C

Vulnerability Information

CPE: p-cpe:/a:oracle:vm:freetype, cpe:/o:oracle:vm_server:2.1

Required KB Items: Host/local_checks_enabled, Host/OracleVM/release, Host/OracleVM/rpm-list

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2009/05/27

Vulnerability Publication Date: 2008/06/16

Reference Information

CVE: CVE-2008-1806, CVE-2008-1807, CVE-2008-1808, CVE-2009-0946

BID: 29637, 29639, 29640, 29641, 34550

CWE: 189