CVE-2010-3814
Published: November 26th, 2010
Heap-based buffer overflow in the Ins_SHZ function in ttinterp.c in FreeType 2.4.3 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted SHZ bytecode instruction, related to TrueType opcodes, as demonstrated by a PDF document with a crafted embedded font.
MEDIUM
CVSS v2: 6.8
CVSS v2: 6.8
Status
| DocFilters Release | Package | State | Justification | Comment |
|---|---|---|---|---|
| 0.0.0.1 | freetype (2.13.3) | Not Affected | Code Not Present | 2.13.3 does not match CVE configuration. |
| 26.1.1 | freetype (2.13.3) | Not Affected | Code Not Present | 2.13.3 does not match CVE configuration. |
| 26.1 | freetype (2.13.3) | Not Affected | Code Not Present | 2.13.3 does not match CVE configuration. |
| 25.4 | freetype (2.13.3) | Not Affected | Code Not Present | 2.13.3 does not match CVE configuration. |
| 25.3 | freetype (2.13.3) | Not Affected | Code Not Present | 2.13.3 does not match CVE configuration. |
| 25.2 | freetype (2.13.3) | Not Affected | Code Not Present | 2.13.3 does not match CVE configuration. |
| 25.1.2 | freetype (2.13.3) | Not Affected | Code Not Present | 2.13.3 does not match CVE configuration. |
| 25.1.1 | freetype (2.13.3) | Not Affected | Code Not Present | 2.13.3 does not match CVE configuration. |
| 25.1 | freetype (2.6.5) | Not Affected | Code Not Present | 2.6.5 does not match CVE configuration. |
| 24.4 | freetype (2.6.5) | Not Affected | Code Not Present | 2.6.5 does not match CVE configuration. |
| 24.4.0 | freetype (2.6.5) | Not Affected | Code Not Present | 2.6.5 does not match CVE configuration. |
| 24.3 | freetype (2.6.5) | Not Affected | Code Not Present | 2.6.5 does not match CVE configuration. |
| 24.2.1 | freetype (2.6.5) | Not Affected | Code Not Present | 2.6.5 does not match CVE configuration. |
| 24.2 | freetype (2.6.5) | Not Affected | Code Not Present | 2.6.5 does not match CVE configuration. |
| 24.1 | freetype (2.6.5) | Not Affected | Code Not Present | 2.6.5 does not match CVE configuration. |
| 23.3 | freetype (2.6.5) | Not Affected | Code Not Present | 2.6.5 does not match CVE configuration. |
| 23.2.1 | freetype (2.6.5) | Not Affected | Code Not Present | 2.6.5 does not match CVE configuration. |
| 23.2 | freetype (2.6.5) | Not Affected | Code Not Present | 2.6.5 does not match CVE configuration. |
| 23.1 | freetype (2.6.5) | Not Affected | Code Not Present | 2.6.5 does not match CVE configuration. |
| 22.4 | freetype (2.6.5) | Not Affected | Code Not Present | 2.6.5 does not match CVE configuration. |
| 22.3 | freetype (2.6.5) | Not Affected | Code Not Present | 2.6.5 does not match CVE configuration. |
| 22.2 | freetype (2.6.5) | Not Affected | Code Not Present | 2.6.5 does not match CVE configuration. |
| 22.1 | freetype (2.6.5) | Not Affected | Code Not Present | 2.6.5 does not match CVE configuration. |
| 21.11.1 | freetype (2.6.5) | Not Affected | Code Not Present | 2.6.5 does not match CVE configuration. |
| 21.11 | freetype (2.6.5) | Not Affected | Code Not Present | 2.6.5 does not match CVE configuration. |
| 21.8.1 | freetype (2.6.5) | Not Affected | Code Not Present | 2.6.5 does not match CVE configuration. |
| 21.8 | freetype (2.6.5) | Not Affected | Code Not Present | 2.6.5 does not match CVE configuration. |