CVE-2006-1861 - Vulnerability Details

Multiple integer overflows in FreeType before 2.2 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via attack vectors related to (1) bdf/bdflib.c, (2) sfnt/ttcmap.c, (3) cff/cffgload.c, and (4) the read_lwfn function and a crafted LWFN file in base/ftmac.c. NOTE: item 4 was originally identified by CVE-2006-2493.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Freetype	Freetype
Redhat	Enterprise Linux

Configuration 1 [-]

OR	cpe:2.3:a:freetype:freetype:2.0.9:::::::*
	cpe:2.3:a:freetype:freetype:2.1.3:::::::*
	cpe:2.3:a:freetype:freetype:2.1.4:::::::*
	cpe:2.3:a:freetype:freetype:2.1.5:::::::*
	cpe:2.3:a:freetype:freetype:2.1.6:::::::*
	cpe:2.3:a:freetype:freetype:2.1.7:::::::*
	cpe:2.3:a:freetype:freetype:2.1.8:::::::*
	cpe:2.3:a:freetype:freetype:2.1.9:::::::*
	cpe:2.3:a:freetype:freetype:2.1.10:::::::*

Package	CPE	Advisory	Released Date
Red Hat Enterprise Linux 2.1
freetype-0:2.0.3-17.el21	cpe:/o:redhat:enterprise_linux:2.1	RHSA-2009:1062	2009-05-22T00:00:00Z
Red Hat Enterprise Linux 3
freetype-0:2.1.4-4.0.rhel3.2	cpe:/o:redhat:enterprise_linux:3	RHSA-2006:0500	2006-07-18T00:00:00Z
freetype-0:2.1.4-12.el3	cpe:/o:redhat:enterprise_linux:3	RHSA-2009:0329	2009-05-22T00:00:00Z
Red Hat Enterprise Linux 4
freetype-0:2.1.9-1.rhel4.4	cpe:/o:redhat:enterprise_linux:4	RHSA-2006:0500	2006-07-18T00:00:00Z
freetype-0:2.1.9-10.el4.7	cpe:/o:redhat:enterprise_linux:4	RHSA-2009:0329	2009-05-22T00:00:00Z

References

Link	Providers
ftp://patches.sgi.com/support/free/security/advisories/20060701-01-U
http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html
http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00006.html
http://lists.suse.com/archive/suse-security-announce/2006-Jun/0012.html
http://secunia.com/advisories/20100
http://secunia.com/advisories/20525
http://secunia.com/advisories/20591
http://secunia.com/advisories/20638
http://secunia.com/advisories/20791
http://secunia.com/advisories/21000
http://secunia.com/advisories/21062
http://secunia.com/advisories/21135
http://secunia.com/advisories/21385
http://secunia.com/advisories/21701
http://secunia.com/advisories/23939
http://secunia.com/advisories/27162
http://secunia.com/advisories/27167
http://secunia.com/advisories/27271
http://secunia.com/advisories/33937
http://secunia.com/advisories/35200
http://secunia.com/advisories/35204
http://secunia.com/advisories/35233
http://security.gentoo.org/glsa/glsa-200607-02.xml
http://securitytracker.com/id?1016522
http://sourceforge.net/project/shownotes.php?release_id=416463
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102705-1
http://support.apple.com/kb/HT3438
http://support.avaya.com/elmodocs2/security/ASA-2006-176.htm
http://www.debian.org/security/2006/dsa-1095
http://www.gentoo.org/security/en/glsa/glsa-200710-09.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2006:099
http://www.redhat.com/support/errata/RHSA-2006-0500.html
http://www.redhat.com/support/errata/RHSA-2009-0329.html
http://www.redhat.com/support/errata/RHSA-2009-1062.html
http://www.securityfocus.com/archive/1/436836/100/0/threaded
http://www.securityfocus.com/bid/18034
http://www.vupen.com/english/advisories/2006/1868
http://www.vupen.com/english/advisories/2007/0381
https://bugzilla.redhat.com/bugzilla/attachment.cgi?id=128606
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=190593
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=190593#c8
https://bugzilla.redhat.com/show_bug.cgi?id=502565
https://exchange.xforce.ibmcloud.com/vulnerabilities/26553
https://issues.rpath.com/browse/RPL-429
https://nvd.nist.gov/vuln/detail/CVE-2006-1861
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9124
https://usn.ubuntu.com/291-1/
https://www.cve.org/CVERecord?id=CVE-2006-1861
https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01316.html
https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01401.html

History

No history.

MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2006-05-23T10:00:00

Updated: 2024-08-07T17:27:29.390Z

Reserved: 2006-04-19T00:00:00

Link: CVE-2006-1861

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2006-05-23T10:06:00.000

Modified: 2025-04-03T01:03:51.193

Link: CVE-2006-1861

Redhat

Severity : Moderate

Publid Date: 2006-05-15T00:00:00Z

Links: CVE-2006-1861 - Bugzilla

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2006-05-15T00:00:00", "descriptions": [{"lang": "en", "value": "Multiple integer overflows in FreeType before 2.2 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via attack vectors related to (1) bdf/bdflib.c, (2) sfnt/ttcmap.c, (3) cff/cffgload.c, and (4) the read_lwfn function and a crafted LWFN file in base/ftmac.c. NOTE: item 4 was originally identified by CVE-2006-2493."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-18T14:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"name": "SUSE-SA:2006:037", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jun/0012.html"}, {"name": "20791", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/20791"}, {"name": "27271", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/27271"}, {"name": "33937", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/33937"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://sourceforge.net/project/shownotes.php?release_id=416463"}, {"name": "102705", "tags": ["vendor-advisory", "x_refsource_SUNALERT"], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102705-1"}, {"name": "21000", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/21000"}, {"name": "20525", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/20525"}, {"name": "21701", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/21701"}, {"name": "GLSA-200607-02", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "http://security.gentoo.org/glsa/glsa-200607-02.xml"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://support.apple.com/kb/HT3438"}, {"name": "27162", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/27162"}, {"name": "FEDORA-2009-5644", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01401.html"}, {"name": "APPLE-SA-2009-02-12", "tags": ["vendor-advisory", "x_refsource_APPLE"], "url": "http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html"}, {"name": "USN-291-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "https://usn.ubuntu.com/291-1/"}, {"name": "21385", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/21385"}, {"name": "FEDORA-2009-5558", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01316.html"}, {"name": "RHSA-2009:1062", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2009-1062.html"}, {"name": "20060612 rPSA-2006-0100-1 freetype", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/436836/100/0/threaded"}, {"name": "18034", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/18034"}, {"name": "21135", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/21135"}, {"name": "freetype-lwfn-overflow(26553)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26553"}, {"name": "RHSA-2006:0500", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2006-0500.html"}, {"name": "oval:org.mitre.oval:def:9124", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9124"}, {"name": "23939", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/23939"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=502565"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-176.htm"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/bugzilla/attachment.cgi?id=128606"}, {"name": "20591", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/20591"}, {"name": "SUSE-SR:2007:021", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00006.html"}, {"name": "27167", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/27167"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=190593"}, {"name": "20638", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/20638"}, {"name": "20100", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/20100"}, {"name": "1016522", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1016522"}, {"name": "35233", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/35233"}, {"name": "ADV-2007-0381", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2007/0381"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://issues.rpath.com/browse/RPL-429"}, {"name": "20060701-01-U", "tags": ["vendor-advisory", "x_refsource_SGI"], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060701-01-U"}, {"name": "GLSA-200710-09", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "http://www.gentoo.org/security/en/glsa/glsa-200710-09.xml"}, {"name": "35200", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/35200"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=190593#c8"}, {"name": "21062", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/21062"}, {"name": "RHSA-2009:0329", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2009-0329.html"}, {"name": "35204", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/35204"}, {"name": "MDKSA-2006:099", "tags": ["vendor-advisory", "x_refsource_MANDRIVA"], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:099"}, {"name": "DSA-1095", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2006/dsa-1095"}, {"name": "ADV-2006-1868", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2006/1868"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T17:27:29.390Z"}, "title": "CVE Program Container", "references": [{"name": "SUSE-SA:2006:037", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jun/0012.html"}, {"name": "20791", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/20791"}, {"name": "27271", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/27271"}, {"name": "33937", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/33937"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://sourceforge.net/project/shownotes.php?release_id=416463"}, {"name": "102705", "tags": ["vendor-advisory", "x_refsource_SUNALERT", "x_transferred"], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102705-1"}, {"name": "21000", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/21000"}, {"name": "20525", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/20525"}, {"name": "21701", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/21701"}, {"name": "GLSA-200607-02", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "http://security.gentoo.org/glsa/glsa-200607-02.xml"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://support.apple.com/kb/HT3438"}, {"name": "27162", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/27162"}, {"name": "FEDORA-2009-5644", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01401.html"}, {"name": "APPLE-SA-2009-02-12", "tags": ["vendor-advisory", "x_refsource_APPLE", "x_transferred"], "url": "http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html"}, {"name": "USN-291-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "https://usn.ubuntu.com/291-1/"}, {"name": "21385", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/21385"}, {"name": "FEDORA-2009-5558", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01316.html"}, {"name": "RHSA-2009:1062", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://www.redhat.com/support/errata/RHSA-2009-1062.html"}, {"name": "20060612 rPSA-2006-0100-1 freetype", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/436836/100/0/threaded"}, {"name": "18034", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/18034"}, {"name": "21135", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/21135"}, {"name": "freetype-lwfn-overflow(26553)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26553"}, {"name": "RHSA-2006:0500", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://www.redhat.com/support/errata/RHSA-2006-0500.html"}, {"name": "oval:org.mitre.oval:def:9124", "tags": ["vdb-entry", "signature", "x_refsource_OVAL", "x_transferred"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9124"}, {"name": "23939", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/23939"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=502565"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-176.htm"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.redhat.com/bugzilla/attachment.cgi?id=128606"}, {"name": "20591", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/20591"}, {"name": "SUSE-SR:2007:021", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00006.html"}, {"name": "27167", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/27167"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=190593"}, {"name": "20638", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/20638"}, {"name": "20100", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/20100"}, {"name": "1016522", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://securitytracker.com/id?1016522"}, {"name": "35233", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/35233"}, {"name": "ADV-2007-0381", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2007/0381"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://issues.rpath.com/browse/RPL-429"}, {"name": "20060701-01-U", "tags": ["vendor-advisory", "x_refsource_SGI", "x_transferred"], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060701-01-U"}, {"name": "GLSA-200710-09", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "http://www.gentoo.org/security/en/glsa/glsa-200710-09.xml"}, {"name": "35200", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/35200"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=190593#c8"}, {"name": "21062", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/21062"}, {"name": "RHSA-2009:0329", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://www.redhat.com/support/errata/RHSA-2009-0329.html"}, {"name": "35204", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/35204"}, {"name": "MDKSA-2006:099", "tags": ["vendor-advisory", "x_refsource_MANDRIVA", "x_transferred"], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:099"}, {"name": "DSA-1095", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2006/dsa-1095"}, {"name": "ADV-2006-1868", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2006/1868"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2006-1861", "datePublished": "2006-05-23T10:00:00", "dateReserved": "2006-04-19T00:00:00", "dateUpdated": "2024-08-07T17:27:29.390Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:freetype:freetype:2.0.9:*:*:*:*:*:*:*", "matchCriteriaId": "28CA4C7D-D70A-44CF-8E3D-F2612CCA0799", "vulnerable": true}, {"criteria": "cpe:2.3:a:freetype:freetype:2.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "369D87D8-E4A7-4EC4-B508-2940EE174F95", "vulnerable": true}, {"criteria": "cpe:2.3:a:freetype:freetype:2.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "288FDB59-7FE4-4351-8822-554ADF07C79A", "vulnerable": true}, {"criteria": "cpe:2.3:a:freetype:freetype:2.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "B681257A-F8D8-46D5-995D-BC44F54DD5C0", "vulnerable": true}, {"criteria": "cpe:2.3:a:freetype:freetype:2.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "56E0DEB6-4414-49AB-88E9-988CE5D8EF67", "vulnerable": true}, {"criteria": "cpe:2.3:a:freetype:freetype:2.1.7:*:*:*:*:*:*:*", "matchCriteriaId": "56A90D08-2CAF-422F-8587-7D88EC7632A1", "vulnerable": true}, {"criteria": "cpe:2.3:a:freetype:freetype:2.1.8:*:*:*:*:*:*:*", "matchCriteriaId": "9B944FEB-F69D-4F6C-9485-26F95A5874B6", "vulnerable": true}, {"criteria": "cpe:2.3:a:freetype:freetype:2.1.9:*:*:*:*:*:*:*", "matchCriteriaId": "F73474B9-6853-4C5C-9CB9-5F4D3080D1C5", "vulnerable": true}, {"criteria": "cpe:2.3:a:freetype:freetype:2.1.10:*:*:*:*:*:*:*", "matchCriteriaId": "5283E910-D512-481C-804E-8717A83B24CB", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Multiple integer overflows in FreeType before 2.2 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via attack vectors related to (1) bdf/bdflib.c, (2) sfnt/ttcmap.c, (3) cff/cffgload.c, and (4) the read_lwfn function and a crafted LWFN file in base/ftmac.c. NOTE: item 4 was originally identified by CVE-2006-2493."}], "id": "CVE-2006-1861", "lastModified": "2025-04-03T01:03:51.193", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": true, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2006-05-23T10:06:00.000", "references": [{"source": "secalert@redhat.com", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060701-01-U"}, {"source": "secalert@redhat.com", "url": "http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html"}, {"source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00006.html"}, {"source": "secalert@redhat.com", "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jun/0012.html"}, {"source": "secalert@redhat.com", "tags": ["Patch", "Vendor Advisory"], "url": "http://secunia.com/advisories/20100"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/20525"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/20591"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/20638"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/20791"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/21000"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/21062"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/21135"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/21385"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/21701"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/23939"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/27162"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/27167"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/27271"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/33937"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/35200"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/35204"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/35233"}, {"source": "secalert@redhat.com", "url": "http://security.gentoo.org/glsa/glsa-200607-02.xml"}, {"source": "secalert@redhat.com", "url": "http://securitytracker.com/id?1016522"}, {"source": "secalert@redhat.com", "tags": ["Patch"], "url": "http://sourceforge.net/project/shownotes.php?release_id=416463"}, {"source": "secalert@redhat.com", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102705-1"}, {"source": "secalert@redhat.com", "url": "http://support.apple.com/kb/HT3438"}, {"source": "secalert@redhat.com", "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-176.htm"}, {"source": "secalert@redhat.com", "url": "http://www.debian.org/security/2006/dsa-1095"}, {"source": "secalert@redhat.com", "url": "http://www.gentoo.org/security/en/glsa/glsa-200710-09.xml"}, {"source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:099"}, {"source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2006-0500.html"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://www.redhat.com/support/errata/RHSA-2009-0329.html"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://www.redhat.com/support/errata/RHSA-2009-1062.html"}, {"source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/436836/100/0/threaded"}, {"source": "secalert@redhat.com", "tags": ["Patch"], "url": "http://www.securityfocus.com/bid/18034"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2006/1868"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2007/0381"}, {"source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/bugzilla/attachment.cgi?id=128606"}, {"source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=190593"}, {"source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=190593#c8"}, {"source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=502565"}, {"source": "secalert@redhat.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26553"}, {"source": "secalert@redhat.com", "url": "https://issues.rpath.com/browse/RPL-429"}, {"source": "secalert@redhat.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9124"}, {"source": "secalert@redhat.com", "url": "https://usn.ubuntu.com/291-1/"}, {"source": "secalert@redhat.com", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01316.html"}, {"source": "secalert@redhat.com", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01401.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060701-01-U"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00006.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jun/0012.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://secunia.com/advisories/20100"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/20525"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/20591"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/20638"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/20791"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/21000"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/21062"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/21135"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/21385"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/21701"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/23939"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/27162"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/27167"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/27271"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/33937"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/35200"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/35204"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/35233"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.gentoo.org/glsa/glsa-200607-02.xml"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1016522"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "http://sourceforge.net/project/shownotes.php?release_id=416463"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102705-1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.apple.com/kb/HT3438"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-176.htm"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2006/dsa-1095"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.gentoo.org/security/en/glsa/glsa-200710-09.xml"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:099"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2006-0500.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.redhat.com/support/errata/RHSA-2009-0329.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.redhat.com/support/errata/RHSA-2009-1062.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/436836/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "http://www.securityfocus.com/bid/18034"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2006/1868"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2007/0381"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/bugzilla/attachment.cgi?id=128606"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=190593"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=190593#c8"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=502565"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26553"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://issues.rpath.com/browse/RPL-429"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9124"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://usn.ubuntu.com/291-1/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01316.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01401.html"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-189"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2009:1062", "cpe": "cpe:/o:redhat:enterprise_linux:2.1", "package": "freetype-0:2.0.3-17.el21", "product_name": "Red Hat Enterprise Linux 2.1", "release_date": "2009-05-22T00:00:00Z"}, {"advisory": "RHSA-2006:0500", "cpe": "cpe:/o:redhat:enterprise_linux:3", "package": "freetype-0:2.1.4-4.0.rhel3.2", "product_name": "Red Hat Enterprise Linux 3", "release_date": "2006-07-18T00:00:00Z"}, {"advisory": "RHSA-2009:0329", "cpe": "cpe:/o:redhat:enterprise_linux:3", "package": "freetype-0:2.1.4-12.el3", "product_name": "Red Hat Enterprise Linux 3", "release_date": "2009-05-22T00:00:00Z"}, {"advisory": "RHSA-2006:0500", "cpe": "cpe:/o:redhat:enterprise_linux:4", "package": "freetype-0:2.1.9-1.rhel4.4", "product_name": "Red Hat Enterprise Linux 4", "release_date": "2006-07-18T00:00:00Z"}, {"advisory": "RHSA-2009:0329", "cpe": "cpe:/o:redhat:enterprise_linux:4", "package": "freetype-0:2.1.9-10.el4.7", "product_name": "Red Hat Enterprise Linux 4", "release_date": "2009-05-22T00:00:00Z"}], "bugzilla": {"description": "freetype: multiple integer overflow vulnerabilities", "id": "484437", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=484437"}, "csaw": false, "cwe": "CWE-190", "details": ["Multiple integer overflows in FreeType before 2.2 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via attack vectors related to (1) bdf/bdflib.c, (2) sfnt/ttcmap.c, (3) cff/cffgload.c, and (4) the read_lwfn function and a crafted LWFN file in base/ftmac.c. NOTE: item 4 was originally identified by CVE-2006-2493."], "name": "CVE-2006-1861", "public_date": "2006-05-15T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2006-1861\nhttps://nvd.nist.gov/vuln/detail/CVE-2006-1861"], "threat_severity": "Moderate"}

Metrics

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

Affected Vendors & Products

Metrics

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object