Signature Detail
This site is deprecated. Please CLICK HERE for latest updates
Short Name |
HTTP:STC:ADOBE:PDF-FREETYPE |
|---|---|
Severity |
Major |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
PDF FreeType Compact Font Format Multiple Overflow |
Release Date |
2011/01/06 |
Update Number |
1846 |
Supported Platforms |
idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
HTTP: PDF FreeType Compact Font Format Multiple Overflow
This signature detects attempts to exploit a known vulnerability in multiple PDF readers. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the user.
Extended Description
FreeType is prone to multiple stack-based buffer-overflow vulnerabilities because it fails to perform adequate boundary-checks on user-supplied data. Successful exploits may allow attackers to execute arbitrary code in the context of an application using the affected library. Failed exploit attempts will likely result in denial-of-service conditions. NOTE (August 12, 2010): The Type2 'CharStrings' buffer-overflow issue was duplicated in BID 42151 (Apple iOS Multiple Vulnerabilities). This BID has been updated to reflect details that may have been included in BID 42151.
Affected Products
- Apple ios 3.2
- Apple ios 3.2.1
- Apple ios 4
- Apple ios 4.0.1
- Apple ipad 3.2
- Apple ipad 3.2.1
- Apple ipad
- Apple iphone 2.0
- Apple iphone 2.0.1
- Apple iphone 2.0.2
- Apple iphone 2.1
- Apple iphone 2.2
- Apple iphone 2.2.1
- Apple iphone 3.0
- Apple iphone 3.0.1
- Apple iphone 3.1
- Apple iphone 3.1.2
- Apple iphone 3.1.3
- Apple ipod_touch 2.0
- Apple ipod_touch 2.0.1
- Apple ipod_touch 2.0.2
- Apple ipod_touch 2.1
- Apple ipod_touch 2.2
- Apple ipod_touch 2.2.1
- Apple ipod_touch 3.0
- Apple ipod_touch 3.1.1
- Apple ipod_touch 3.1.2
- Apple ipod_touch 3.1.3
- Avaya aura_application_enablement_services 5.2
- Avaya aura_application_enablement_services 5.2.1
- Avaya aura_conferencing 6.0
- Avaya aura_conferencing 6.0 Standard
- Avaya aura_presence_services 6.0
- Avaya aura_presence_services
- Avaya aura_session_manager 1.1
- Avaya aura_session_manager 5.2
- Avaya aura_session_manager 6.0
- Avaya aura_system_manager 1.0
- Avaya aura_system_manager 5.2
- Avaya aura_system_manager 6.0 SP1
- Avaya aura_system_platform 1.1
- Avaya aura_system_platform 6.0
- Avaya cms_server 15.0
- Avaya cms_server 16.0
- Avaya cms_server 16.1
- Avaya cms_server 16.2
- Avaya intuity_audix_lx 1.0
- Avaya intuity_audix_lx 2.0
- Avaya intuity_audix_lx 2.0 SP1
- Avaya intuity_audix_lx 2.0 SP2
- Avaya intuity_audix_lx R1.1
- Avaya iq 4.1.0
- Avaya iq 5
- Avaya iq 5.1
- Avaya ir 4.0
- Avaya message_networking 3.1
- Avaya message_networking 5.2
- Avaya message_networking MN 3.1
- Avaya message_networking
- Avaya messaging_storage_server 1.0
- Avaya messaging_storage_server 2.0
- Avaya messaging_storage_server 3.1
- Avaya messaging_storage_server 3.1 SP1
- Avaya messaging_storage_server 4.0
- Avaya messaging_storage_server 5.0
- Avaya messaging_storage_server 5.1
- Avaya messaging_storage_server 5.2
- Avaya messaging_storage_server 5.2 SP1
- Avaya messaging_storage_server MM3.0
- Avaya messaging_storage_server
- Avaya proactive_contact 3.0
- Avaya proactive_contact 3.0.2
- Avaya proactive_contact 3.0.3
- Avaya proactive_contact 4.0
- Avaya proactive_contact 4.1
- Avaya proactive_contact 4.1.1
- Avaya proactive_contact 4.1.2
- Avaya proactive_contact 4.2
- Avaya proactive_contact
- Avaya voice_portal 3.0
- Avaya voice_portal 4.0
- Avaya voice_portal 4.1
- Avaya voice_portal 4.1 SP1
- Avaya voice_portal 4.1 SP2
- Avaya voice_portal 5.0
- Avaya voice_portal 5.0 SP1
- Avaya voice_portal 5.0 SP2
- Avaya voice_portal 5.1
- Debian linux 5.0
- Debian linux 5.0 Alpha
- Debian linux 5.0 Amd64
- Debian linux 5.0 Arm
- Debian linux 5.0 Armel
- Debian linux 5.0 Hppa
- Debian linux 5.0 Ia-32
- Debian linux 5.0 Ia-64
- Debian linux 5.0 M68k
- Debian linux 5.0 Mips
- Debian linux 5.0 Mipsel
- Debian linux 5.0 Powerpc
- Debian linux 5.0 S/390
- Debian linux 5.0 Sparc
- Foxit foxit_reader 2.2
- Foxit foxit_reader 2.3
- Foxit foxit_reader 2.3 Build 2825
- Foxit foxit_reader 2.3 Build 2923
- Foxit foxit_reader 2.3 Build 3902
- Foxit foxit_reader 3.0
- Foxit foxit_reader 3.0.2009.1301
- Foxit foxit_reader 3.0 Build 1506
- Foxit foxit_reader 3.0 Build 1817
- Foxit foxit_reader 3.1.4.1125
- Foxit foxit_reader 3.2
- Foxit foxit_reader 3.2.0.0303
- Foxit foxit_reader 3.2.1.0401
- Foxit foxit_reader 4.0
- Foxit reader 3.1.1 Build 0928
- Foxit reader 4.1
- Foxit reader 4.1.1
- Freetype freetype 2.0.6
- Freetype freetype 2.0.9
- Freetype freetype 2.1.10
- Freetype freetype 2.1.7
- Freetype freetype 2.1.9
- Freetype freetype 2.2
- Freetype freetype 2.2.1
- Freetype freetype 2.2.10
- Freetype freetype 2.3.3
- Freetype freetype 2.3.4
- Freetype freetype 2.3.5
- Freetype freetype 2.3.6
- Freetype freetype 2.4.0
- Gentoo linux
- Mandriva corporate_server 4.0
- Mandriva corporate_server 4.0.0 X86 64
- Mandriva enterprise_server 5
- Mandriva enterprise_server 5 X86 64
- Mandriva linux_mandrake 2008.0
- Mandriva linux_mandrake 2008.0 X86 64
- Mandriva linux_mandrake 2009.0
- Mandriva linux_mandrake 2009.0 X86 64
- Mandriva linux_mandrake 2009.1
- Mandriva linux_mandrake 2009.1 X86 64
- Mandriva linux_mandrake 2010.0
- Mandriva linux_mandrake 2010.0 X86 64
- Mandriva linux_mandrake 2010.1
- Mandriva linux_mandrake 2010.1 X86 64
- Pardus linux_2009
- Red_hat desktop 3.0.0
- Red_hat desktop 4.0.0
- Red_hat enterprise_linux 5 Client
- Red_hat enterprise_linux 5 Server
- Red_hat enterprise_linux Desktop Version 4
- Red_hat enterprise_linux_as 3
- Red_hat enterprise_linux_as 4
- Red_hat enterprise_linux_desktop_workstation 5 Client
- Red_hat enterprise_linux_es 3
- Red_hat enterprise_linux_es 4
- Red_hat enterprise_linux_ws 3
- Red_hat enterprise_linux_ws 4
- Red_hat fedora 12
- Red_hat fedora 13
- Sun opensolaris Build Snv 01
- Sun opensolaris Build Snv 02
- Sun opensolaris Build Snv 100
- Sun opensolaris Build Snv 101
- Sun opensolaris Build Snv 101A
- Sun opensolaris Build Snv 102
- Sun opensolaris Build Snv 103
- Sun opensolaris Build Snv 104
- Sun opensolaris Build Snv 105
- Sun opensolaris Build Snv 106
- Sun opensolaris Build Snv 107
- Sun opensolaris Build Snv 108
- Sun opensolaris Build Snv 109
- Sun opensolaris Build Snv 110
- Sun opensolaris Build Snv 111
- Sun opensolaris Build Snv 111A
- Sun opensolaris Build Snv 13
- Sun opensolaris Build Snv 19
- Sun opensolaris Build Snv 22
- Sun opensolaris Build Snv 28
- Sun opensolaris Build Snv 29
- Sun opensolaris Build Snv 35
- Sun opensolaris Build Snv 36
- Sun opensolaris Build Snv 37
- Sun opensolaris Build Snv 38
- Sun opensolaris Build Snv 39
- Sun opensolaris Build Snv 41
- Sun opensolaris Build Snv 45
- Sun opensolaris Build Snv 47
- Sun opensolaris Build Snv 48
- Sun opensolaris Build Snv 49
- Sun opensolaris Build Snv 50
- Sun opensolaris Build Snv 51
- Sun opensolaris Build Snv 54
- Sun opensolaris Build Snv 56
- Sun opensolaris Build Snv 57
- Sun opensolaris Build Snv 58
- Sun opensolaris Build Snv 59
- Sun opensolaris Build Snv 61
- Sun opensolaris Build Snv 64
- Sun opensolaris Build Snv 67
- Sun opensolaris Build Snv 68
- Sun opensolaris Build Snv 71
- Sun opensolaris Build Snv 74
- Sun opensolaris Build Snv 76
- Sun opensolaris Build Snv 77
- Sun opensolaris Build Snv 78
- Sun opensolaris Build Snv 80
- Sun opensolaris Build Snv 81
- Sun opensolaris Build Snv 82
- Sun opensolaris Build Snv 83
- Sun opensolaris Build Snv 84
- Sun opensolaris Build Snv 85
- Sun opensolaris Build Snv 86
- Sun opensolaris Build Snv 87
- Sun opensolaris Build Snv 88
- Sun opensolaris Build Snv 89
- Sun opensolaris Build Snv 90
- Sun opensolaris Build Snv 91
- Sun opensolaris Build Snv 92
- Sun opensolaris Build Snv 93
- Sun opensolaris Build Snv 94
- Sun opensolaris Build Snv 95
- Sun opensolaris Build Snv 96
- Sun opensolaris Build Snv 98
- Sun opensolaris Build Snv 99
- Sun opensolaris Svn 126
- Sun opensolaris
- Sun solaris 10 Sparc
- Sun solaris 10 X86
- Sun solaris 9 Sparc
- Sun solaris 9 X86
- Suse opensuse 11.1
- Suse opensuse 11.2
- Suse opensuse 11.3
- Suse suse_linux_enterprise 10 SP3
- Suse suse_linux_enterprise 11
- Suse suse_linux_enterprise_server 10 SP2
- Suse suse_linux_enterprise_server 9
- Ubuntu ubuntu_linux 10.04 Amd64
- Ubuntu ubuntu_linux 10.04 I386
- Ubuntu ubuntu_linux 10.04 Powerpc
- Ubuntu ubuntu_linux 10.04 Sparc
- Ubuntu ubuntu_linux 6.06 LTS Amd64
- Ubuntu ubuntu_linux 6.06 LTS I386
- Ubuntu ubuntu_linux 6.06 LTS Powerpc
- Ubuntu ubuntu_linux 6.06 LTS Sparc
- Ubuntu ubuntu_linux 8.04 LTS Amd64
- Ubuntu ubuntu_linux 8.04 LTS I386
- Ubuntu ubuntu_linux 8.04 LTS Lpia
- Ubuntu ubuntu_linux 8.04 LTS Powerpc
- Ubuntu ubuntu_linux 8.04 LTS Sparc
- Ubuntu ubuntu_linux 9.04 Amd64
- Ubuntu ubuntu_linux 9.04 I386
- Ubuntu ubuntu_linux 9.04 Lpia
- Ubuntu ubuntu_linux 9.04 Powerpc
- Ubuntu ubuntu_linux 9.04 Sparc
- Ubuntu ubuntu_linux 9.10 Amd64
- Ubuntu ubuntu_linux 9.10 I386
- Ubuntu ubuntu_linux 9.10 Lpia
- Ubuntu ubuntu_linux 9.10 Powerpc
- Ubuntu ubuntu_linux 9.10 Sparc
References
- BugTraq: 42241
- CVE: CVE-2010-2972
- CVE: CVE-2010-1797
- URL: http://www.foxitsoftware.com/pdf/reader/bugfix.php
- URL: http://www.freetype.org/
- URL: https://bugzilla.redhat.com/show_bug.cgi?id=621144
- URL: http://www.foxitsoftware.com/announcements/2010861227.html
- URL: http://sourceforge.net/projects/freetype/files/freetype2/2.4.2/NEWS/view
- URL: http://www.foxitsoftware.com/pdf/reader/security_bulletins.php#iphone