CVE-2009-0946
UnknownEPSS 8.54%
Last modified
CVE-2009-0946 is a vulnerability of currently unknown severity. Multiple integer overflows in FreeType 2.3.9 and earlier allow remote attackers to execute arbitrary code via vectors related to large values in certain inputs in (1) smooth/ftsmooth.c, (2) sfnt/ttcmap.c, and (3) cff/cffload.c.. EPSS estimates a 8.54% chance of exploitation in the next 30 days.
Description
Multiple integer overflows in FreeType 2.3.9 and earlier allow remote attackers to execute arbitrary code via vectors related to large values in certain inputs in (1) smooth/ftsmooth.c, (2) sfnt/ttcmap.c, and (3) cff/cffload.c.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Freetype | Freetype | <= 2.3.9 |
| Debian | Debian Linux | 4.0 |
| Debian | Debian Linux | 5.0 |
| Debian | Debian Linux | 6.0 |
| Canonical | Ubuntu Linux | 6.06 |
| Canonical | Ubuntu Linux | 8.04 |
| Canonical | Ubuntu Linux | 8.10 |
| Canonical | Ubuntu Linux | 9.04 |
| Opensuse | Opensuse | 10.3 |
| Opensuse | Opensuse | 11.0 |
| Opensuse | Opensuse | 11.1 |
| Suse | Linux Enterprise Server | 10 |
| Suse | Linux Enterprise Server | 11 |
| Apple | Safari | 4.0 |
| Apple | Iphone Os | >= 1.0.0, <= 2.2.1 |
| Apple | Mac Os X | >= 10.6.0, <= 10.6.4 |
| Apple | Mac Os X | 10.4.11 |
| Apple | Mac Os X | 10.5.8 |
| Apple | Mac Os X Server | >= 10.6.0, <= 10.6.4 |
| Apple | Mac Os X Server | 10.4.11 |
| Apple | Mac Os X Server | 10.5.8 |
References
- http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=0545ec1ca36b27cb928128870a83e5f668980bc5Patch, Third Party Advisory
- http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=79972af4f0485a11dcb19551356c45245749fc5bPatch, Third Party Advisory
- http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=a18788b14db60ae3673f932249cd02d33a227c4ePatch, Third Party Advisory
- http://git.savannah.gnu.org/cgit/freetype/freetype2.git/tree/ChangeLogRelease Notes, Third Party Advisory
- http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.htmlMailing List, Third Party Advisory
- http://lists.apple.com/archives/security-announce/2009/May/msg00002.htmlMailing List, Third Party Advisory
- http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.htmlMailing List, Third Party Advisory
- http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.htmlMailing List, Third Party Advisory
- http://secunia.com/advisories/34723Third Party Advisory
- http://secunia.com/advisories/34913Third Party Advisory
- http://secunia.com/advisories/34967Third Party Advisory
- http://secunia.com/advisories/35065Third Party Advisory
- http://secunia.com/advisories/35074Third Party Advisory
- http://secunia.com/advisories/35198Third Party Advisory
- http://secunia.com/advisories/35200Third Party Advisory
- http://secunia.com/advisories/35204Third Party Advisory
- http://secunia.com/advisories/35210Third Party Advisory
- http://secunia.com/advisories/35379Third Party Advisory
- http://security.gentoo.org/glsa/glsa-200905-05.xmlThird Party Advisory
- http://support.apple.com/kb/HT3549Third Party Advisory
- http://support.apple.com/kb/HT3613Third Party Advisory
- http://support.apple.com/kb/HT3639Third Party Advisory
- http://support.apple.com/kb/HT4435Broken Link
- http://www.debian.org/security/2009/dsa-1784Third Party Advisory
- http://www.mandriva.com/security/advisories?name=MDVSA-2009:243Third Party Advisory
- http://www.redhat.com/support/errata/RHSA-2009-0329.htmlThird Party Advisory
- http://www.redhat.com/support/errata/RHSA-2009-1061.htmlThird Party Advisory
- http://www.redhat.com/support/errata/RHSA-2009-1062.htmlThird Party Advisory
- http://www.securityfocus.com/bid/34550Third Party Advisory, VDB Entry
- http://www.ubuntu.com/usn/USN-767-1Third Party Advisory
- http://www.us-cert.gov/cas/techalerts/TA09-133A.htmlThird Party Advisory, US Government Resource
- http://www.vupen.com/english/advisories/2009/1058Third Party Advisory
- http://www.vupen.com/english/advisories/2009/1297Third Party Advisory
- http://www.vupen.com/english/advisories/2009/1522Third Party Advisory
- http://www.vupen.com/english/advisories/2009/1621Third Party Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=491384Issue Tracking, Patch, Third Party Advisory
- http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=0545ec1ca36b27cb928128870a83e5f668980bc5Patch, Third Party Advisory
- http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=79972af4f0485a11dcb19551356c45245749fc5bPatch, Third Party Advisory
- http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=a18788b14db60ae3673f932249cd02d33a227c4ePatch, Third Party Advisory
- http://git.savannah.gnu.org/cgit/freetype/freetype2.git/tree/ChangeLogRelease Notes, Third Party Advisory
- http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.htmlMailing List, Third Party Advisory
- http://lists.apple.com/archives/security-announce/2009/May/msg00002.htmlMailing List, Third Party Advisory
- http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.htmlMailing List, Third Party Advisory
- http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.htmlMailing List, Third Party Advisory
- http://secunia.com/advisories/34723Third Party Advisory
- http://secunia.com/advisories/34913Third Party Advisory
- http://secunia.com/advisories/34967Third Party Advisory
- http://secunia.com/advisories/35065Third Party Advisory
- http://secunia.com/advisories/35074Third Party Advisory
- http://secunia.com/advisories/35198Third Party Advisory
- http://secunia.com/advisories/35200Third Party Advisory
- http://secunia.com/advisories/35204Third Party Advisory
- http://secunia.com/advisories/35210Third Party Advisory
- http://secunia.com/advisories/35379Third Party Advisory
- http://security.gentoo.org/glsa/glsa-200905-05.xmlThird Party Advisory
- http://support.apple.com/kb/HT3549Third Party Advisory
- http://support.apple.com/kb/HT3613Third Party Advisory
- http://support.apple.com/kb/HT3639Third Party Advisory
- http://support.apple.com/kb/HT4435Broken Link
- http://www.debian.org/security/2009/dsa-1784Third Party Advisory
- http://www.mandriva.com/security/advisories?name=MDVSA-2009:243Third Party Advisory
- http://www.redhat.com/support/errata/RHSA-2009-0329.htmlThird Party Advisory
- http://www.redhat.com/support/errata/RHSA-2009-1061.htmlThird Party Advisory
- http://www.redhat.com/support/errata/RHSA-2009-1062.htmlThird Party Advisory
- http://www.securityfocus.com/bid/34550Third Party Advisory, VDB Entry
- http://www.ubuntu.com/usn/USN-767-1Third Party Advisory
- http://www.us-cert.gov/cas/techalerts/TA09-133A.htmlThird Party Advisory, US Government Resource
- http://www.vupen.com/english/advisories/2009/1058Third Party Advisory
- http://www.vupen.com/english/advisories/2009/1297Third Party Advisory
- http://www.vupen.com/english/advisories/2009/1522Third Party Advisory
- http://www.vupen.com/english/advisories/2009/1621Third Party Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=491384Issue Tracking, Patch, Third Party Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2009-0946?
Multiple integer overflows in FreeType 2.3.9 and earlier allow remote attackers to execute arbitrary code via vectors related to large values in certain inputs in (1) smooth/ftsmooth.c, (2) sfnt/ttcmap.c, and (3) cff/cffload.c.
How severe is CVE-2009-0946?
Severity scoring for CVE-2009-0946 is pending analysis. The EPSS model estimates a 8.54% probability of exploitation in the next 30 days.
How do I fix CVE-2009-0946?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.
Are you affected by CVE-2009-0946?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST