Oracle Solaris Third-Party Patch Update : libfxt (cve_2011_3256_denial_of)
Medium Nessus Plugin ID 80670
SynopsisThe remote Solaris system is missing a security patch for third-party software.
DescriptionThe remote Solaris system is missing necessary patches to address security updates :
- FreeType 2 before 2.4.7, as used in CoreGraphics in Apple iOS before 5, Mandriva Enterprise Server 5, and possibly other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font, a different vulnerability than CVE-2011-0226. (CVE-2011-3256)
SolutionUpgrade to Solaris 11.1.