{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2010-08-11T00:00:00", "descriptions": [{"lang": "en", "value": "Multiple stack-based buffer overflows in the cff_decoder_parse_charstrings function in the CFF Type2 CharStrings interpreter in cff/cffgload.c in FreeType before 2.4.2, as used in Apple iOS before 4.0.2 on the iPhone and iPod touch and before 3.2.2 on the iPad, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted CFF opcodes in embedded fonts in a PDF document, as demonstrated by JailbreakMe. NOTE: some of these details are obtained from third party information."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-16T14:57:01", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=018f5c27813dd7eef4648fe254632ecea0c85a50"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=621144"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=11d65e8a1f1f14e56148fd991965424d9bd1cdbc"}, {"name": "14538", "tags": ["exploit", "x_refsource_EXPLOIT-DB"], "url": "http://www.exploit-db.com/exploits/14538"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugs.launchpad.net/ubuntu/maverick/+source/freetype/+bug/617019"}, {"name": "ADV-2010-2018", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2010/2018"}, {"name": "66828", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/66828"}, {"tags": ["x_refsource_MISC"], "url": "http://www.f-secure.com/weblog/archives/00002002.html"}, {"name": "USN-972-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-972-1"}, {"name": "APPLE-SA-2010-08-11-2", "tags": ["vendor-advisory", "x_refsource_APPLE"], "url": "http://lists.apple.com/archives/security-announce/2010//Aug/msg00001.html"}, {"name": "40816", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/40816"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://support.apple.com/kb/HT4292"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://freetype.sourceforge.net/index2.html#release-freetype-2.4.2"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://sourceforge.net/projects/freetype/files/freetype2/2.4.2/NEWS/view"}, {"name": "42151", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/42151"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://support.apple.com/kb/HT4291"}, {"name": "40982", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/40982"}, {"name": "ADV-2010-2106", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2010/2106"}, {"name": "APPLE-SA-2010-08-11-1", "tags": ["vendor-advisory", "x_refsource_APPLE"], "url": "http://lists.apple.com/archives/security-announce/2010//Aug/msg00000.html"}, {"name": "48951", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/48951"}, {"name": "appleios-pdf-code-execution(60856)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/60856"}, {"name": "40807", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/40807"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "product-security@apple.com", "ID": "CVE-2010-1797", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Multiple stack-based buffer overflows in the cff_decoder_parse_charstrings function in the CFF Type2 CharStrings interpreter in cff/cffgload.c in FreeType before 2.4.2, as used in Apple iOS before 4.0.2 on the iPhone and iPod touch and before 3.2.2 on the iPad, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted CFF opcodes in embedded fonts in a PDF document, as demonstrated by JailbreakMe. NOTE: some of these details are obtained from third party information."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=018f5c27813dd7eef4648fe254632ecea0c85a50", "refsource": "CONFIRM", "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=018f5c27813dd7eef4648fe254632ecea0c85a50"}, {"name": "https://bugzilla.redhat.com/show_bug.cgi?id=621144", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=621144"}, {"name": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=11d65e8a1f1f14e56148fd991965424d9bd1cdbc", "refsource": "CONFIRM", "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=11d65e8a1f1f14e56148fd991965424d9bd1cdbc"}, {"name": "14538", "refsource": "EXPLOIT-DB", "url": "http://www.exploit-db.com/exploits/14538"}, {"name": "https://bugs.launchpad.net/ubuntu/maverick/+source/freetype/+bug/617019", "refsource": "CONFIRM", "url": "https://bugs.launchpad.net/ubuntu/maverick/+source/freetype/+bug/617019"}, {"name": "ADV-2010-2018", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2010/2018"}, {"name": "66828", "refsource": "OSVDB", "url": "http://osvdb.org/66828"}, {"name": "http://www.f-secure.com/weblog/archives/00002002.html", "refsource": "MISC", "url": "http://www.f-secure.com/weblog/archives/00002002.html"}, {"name": "USN-972-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-972-1"}, {"name": "APPLE-SA-2010-08-11-2", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2010//Aug/msg00001.html"}, {"name": "40816", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/40816"}, {"name": "http://support.apple.com/kb/HT4292", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT4292"}, {"name": "http://freetype.sourceforge.net/index2.html#release-freetype-2.4.2", "refsource": "CONFIRM", "url": "http://freetype.sourceforge.net/index2.html#release-freetype-2.4.2"}, {"name": "http://sourceforge.net/projects/freetype/files/freetype2/2.4.2/NEWS/view", "refsource": "CONFIRM", "url": "http://sourceforge.net/projects/freetype/files/freetype2/2.4.2/NEWS/view"}, {"name": "42151", "refsource": "BID", "url": "http://www.securityfocus.com/bid/42151"}, {"name": "http://support.apple.com/kb/HT4291", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT4291"}, {"name": "40982", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/40982"}, {"name": "ADV-2010-2106", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2010/2106"}, {"name": "APPLE-SA-2010-08-11-1", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2010//Aug/msg00000.html"}, {"name": "48951", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/48951"}, {"name": "appleios-pdf-code-execution(60856)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/60856"}, {"name": "40807", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/40807"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T01:35:53.632Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=018f5c27813dd7eef4648fe254632ecea0c85a50"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=621144"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=11d65e8a1f1f14e56148fd991965424d9bd1cdbc"}, {"name": "14538", "tags": ["exploit", "x_refsource_EXPLOIT-DB", "x_transferred"], "url": "http://www.exploit-db.com/exploits/14538"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugs.launchpad.net/ubuntu/maverick/+source/freetype/+bug/617019"}, {"name": "ADV-2010-2018", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2010/2018"}, {"name": "66828", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/66828"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.f-secure.com/weblog/archives/00002002.html"}, {"name": "USN-972-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-972-1"}, {"name": "APPLE-SA-2010-08-11-2", "tags": ["vendor-advisory", "x_refsource_APPLE", "x_transferred"], "url": "http://lists.apple.com/archives/security-announce/2010//Aug/msg00001.html"}, {"name": "40816", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/40816"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://support.apple.com/kb/HT4292"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://freetype.sourceforge.net/index2.html#release-freetype-2.4.2"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://sourceforge.net/projects/freetype/files/freetype2/2.4.2/NEWS/view"}, {"name": "42151", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/42151"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://support.apple.com/kb/HT4291"}, {"name": "40982", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/40982"}, {"name": "ADV-2010-2106", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2010/2106"}, {"name": "APPLE-SA-2010-08-11-1", "tags": ["vendor-advisory", "x_refsource_APPLE", "x_transferred"], "url": "http://lists.apple.com/archives/security-announce/2010//Aug/msg00000.html"}, {"name": "48951", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/48951"}, {"name": "appleios-pdf-code-execution(60856)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/60856"}, {"name": "40807", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/40807"}]}]}, "cveMetadata": {"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2010-1797", "datePublished": "2010-08-16T18:25:00", "dateReserved": "2010-05-06T00:00:00", "dateUpdated": "2024-08-07T01:35:53.632Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:apple:iphone_os:1.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "A7B6D035-38A9-4C0B-9A9D-CAE3BF1CA56D", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "0C5B94E7-2C24-4913-B65E-8D8A0DE2B80B", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:1.0.1:-:iphone:*:*:*:*:*", "matchCriteriaId": "B669868B-F358-4D5B-9D64-4A462F261553", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "E28FB0CB-D636-4F85-B5F7-70EC30053925", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:1.0.2:-:iphone:*:*:*:*:*", "matchCriteriaId": "A14B31DE-AA3D-4FA2-A4F4-0A6A51AFA7FE", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:1.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "9EC16D1C-065A-4D1A-BA6E-528A71DF65CC", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:1.1.0:-:iphone:*:*:*:*:*", "matchCriteriaId": "4261E5C1-DC93-437E-B84F-A30380AFDC40", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:1.1.0:-:ipodtouch:*:*:*:*:*", "matchCriteriaId": "079BB54C-25FD-4B26-B171-368911960F76", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:1.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "27319629-171F-42AA-A95F-2D71F78097D0", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:1.1.1:-:iphone:*:*:*:*:*", "matchCriteriaId": "DF292FED-19A4-4031-9B1F-151C0146F3B6", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:1.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "4F7AEFAB-7BB0-40D8-8BA5-71B374EB69DB", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:1.1.2:-:iphone:*:*:*:*:*", "matchCriteriaId": "5183082C-556F-479F-9FC1-42B59BBB840B", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:1.1.2:-:ipodtouch:*:*:*:*:*", "matchCriteriaId": "AAC3FBF0-F128-412D-9FD5-13BB2EB92DD7", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:1.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "297F9438-0F04-4128-94A8-A504B600929E", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:1.1.3:-:iphone:*:*:*:*:*", "matchCriteriaId": "2FFCFEA4-C5E2-4C46-B8C3-ADCDBA4B85EF", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:1.1.3:-:ipodtouch:*:*:*:*:*", "matchCriteriaId": "7E7AA027-8CF9-49BD-A000-82880E41D622", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:1.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "F8618621-F871-4531-9F6C-7D60F2BF8B75", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:1.1.4:-:iphone:*:*:*:*:*", "matchCriteriaId": "4FA51920-223B-4DF4-802C-188F5A8B0563", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:1.1.4:-:ipodtouch:*:*:*:*:*", "matchCriteriaId": "4385635D-46F2-4642-9C78-1346DC120492", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:1.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "824DED2D-FA1D-46FC-8252-6E25546DAE29", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:1.1.5:-:iphone:*:*:*:*:*", "matchCriteriaId": "2C63C36E-1997-4F44-80AD-E665CE46A278", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:1.1.5:-:ipodtouch:*:*:*:*:*", "matchCriteriaId": "20DAE911-C037-4F10-82A3-EF42D5FB71D8", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "1641DDFA-3BF1-467F-8EC3-98114FF9F07B", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "DF40CDA4-4716-4815-9ED0-093FE266734C", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:2.0.0:-:iphone:*:*:*:*:*", "matchCriteriaId": "02BFDD6F-B9C3-42BB-A84A-828193FAA137", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:2.0.0:-:ipodtouch:*:*:*:*:*", "matchCriteriaId": "0A66D6DC-9A48-4BD6-9E01-0D9FF388457C", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "D61644E2-7AF5-48EF-B3D5-59C7B2AD1A58", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:2.0.1:-:iphone:*:*:*:*:*", "matchCriteriaId": "CFD4325B-A86A-4C1B-930F-56C17FB6281D", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:2.0.1:-:ipodtouch:*:*:*:*:*", "matchCriteriaId": "C59B8C50-BF5D-4E9A-8E5B-99B34E974B5A", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:2.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "3D06D54D-97FD-49FD-B251-CC86FBA68CA6", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:2.0.2:-:iphone:*:*:*:*:*", "matchCriteriaId": "2904DEFA-7769-43DB-B3D0-B552AE8F06A6", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:2.0.2:-:ipodtouch:*:*:*:*:*", "matchCriteriaId": "D4CE4199-BBF5-4F42-8BBC-BD946079C912", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "25A5D868-0016-44AB-80E6-E5DF91F15455", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:2.1:-:iphone:*:*:*:*:*", "matchCriteriaId": "0AD5106E-CD7C-4952-A9B1-5F72D99276E6", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:2.1:-:ipodtouch:*:*:*:*:*", "matchCriteriaId": "34346F55-4972-427B-8F96-780FA91DB95D", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:2.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "4C14EEA4-6E35-4EBE-9A43-8F6D69318BA0", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:2.2:*:*:*:*:*:*:*", "matchCriteriaId": "B15E90AE-2E15-4BC2-B0B8-AFA2B1297B03", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:2.2:-:iphone:*:*:*:*:*", "matchCriteriaId": "B7235341-983F-4578-98DC-39BC278A7556", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:2.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "4E0C0A8D-3DDD-437A-BB3D-50FAEAF6C440", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:2.2.1:-:iphone:*:*:*:*:*", "matchCriteriaId": "BA5C2D75-4019-45EB-8AF9-A850B5349507", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:2.2.1:-:ipodtouch:*:*:*:*:*", "matchCriteriaId": "AD136376-331D-494F-9D12-7E631546E8CB", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "863383DA-0BC6-4A96-835A-A96128EC0202", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:3.0:-:iphone:*:*:*:*:*", "matchCriteriaId": "A066B59B-D5C8-4AA8-9CC7-5D34F4AB88AA", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:3.0:-:ipodtouch:*:*:*:*:*", "matchCriteriaId": "F07B3FE7-96B3-493A-A230-5642BA11FBDA", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:3.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "2CFF5BE7-2BF6-48CE-B74B-B1A05383C10F", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:3.0.1:-:ipodtouch:*:*:*:*:*", "matchCriteriaId": "9FB0870F-82CF-4C97-BDC6-F0C4BBE7462D", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:3.1:*:*:*:*:*:*:*", "matchCriteriaId": "51D3BE2B-5A01-4AD4-A436-0056B50A535D", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:3.1:-:iphone:*:*:*:*:*", "matchCriteriaId": "E357722F-4976-4E47-BFB5-709480BAE267", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:3.1:-:ipodtouch:*:*:*:*:*", "matchCriteriaId": "F43A6FEC-ECA9-44A4-AD00-FDC6F3990DC0", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:3.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "9A20F171-79FE-43B9-8309-B18341639FA1", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:3.1.2:-:iphone:*:*:*:*:*", "matchCriteriaId": "7CA92907-90C9-4BD6-8EE8-8FA6298C3D0F", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:3.1.2:-:ipodtouch:*:*:*:*:*", "matchCriteriaId": "52283848-67CC-4E4B-A849-1225F2BCBD9F", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:3.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "126EF22D-29BC-4366-97BC-B261311E6251", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:3.1.3:-:iphone:*:*:*:*:*", "matchCriteriaId": "220590DA-2B6A-4FC9-B456-3053EED9D96E", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:3.2:*:*:*:*:*:*:*", "matchCriteriaId": "3B3DD7B3-DA4C-4B0A-A94E-6BF66B358B7D", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:3.2:-:iphone:*:*:*:*:*", "matchCriteriaId": "3FE3CDE8-6497-445E-A845-8A1C2A4EDEB1", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:3.2:-:ipodtouch:*:*:*:*:*", "matchCriteriaId": "9E4D3134-28BC-4C30-A9B0-559338FBBDFD", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:3.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "3A939B80-0AD0-48AF-81A7-370716F56639", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:3.2.1:-:ipad:*:*:*:*:*", "matchCriteriaId": "98C41674-370B-4CF0-817B-3843D93A10DA", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "12E22AF0-2B66-425A-A1EE-4F0E3B0433E7", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:4.0:-:iphone:*:*:*:*:*", "matchCriteriaId": "954CDDCB-AC22-448D-8ECA-CFA4DBA1BC27", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:4.0:-:ipodtouch:*:*:*:*:*", "matchCriteriaId": "54FECD66-4216-43FC-9959-B8EA9545449C", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:4.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "BB34ECBE-33E8-40E1-936B-7800D2525AE6", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:4.0.1:-:iphone:*:*:*:*:*", "matchCriteriaId": "ECE983F6-A597-4581-A254-80396B54F2D5", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:4.0.1:-:ipodtouch:*:*:*:*:*", "matchCriteriaId": "586C0CB3-98E5-4CB3-8F23-27F01233D6C4", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Multiple stack-based buffer overflows in the cff_decoder_parse_charstrings function in the CFF Type2 CharStrings interpreter in cff/cffgload.c in FreeType before 2.4.2, as used in Apple iOS before 4.0.2 on the iPhone and iPod touch and before 3.2.2 on the iPad, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted CFF opcodes in embedded fonts in a PDF document, as demonstrated by JailbreakMe. NOTE: some of these details are obtained from third party information."}, {"lang": "es", "value": "M\u00faltiples desbordamientos de b\u00fafer en la regi\u00f3n ?stack de la memoria en la funci\u00f3n cff_decoder_parse_charstrings en el int\u00e9rprete CFF Type2 CharStrings en el archivo cff/cffgload.c en FreeType anterior a versi\u00f3n 2.4.2, tal y como es usado en iOS de Apple anterior a versi\u00f3n 4.0.2 en el iPhone y iPod touch y anterior a versi\u00f3n 3.2.2 en el iPad, permite a los atacantes remotos ejecutar c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) por medio de c\u00f3digos CFF especialmente dise\u00f1ados en fuentes insertadas en un documento PDF, como es demostrado por JailbreakMe. NOTA: algunos de estos detalles son obtenidos de informaci\u00f3n de terceros."}], "id": "CVE-2010-1797", "lastModified": "2021-05-23T00:52:44.820", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2010-08-16T18:39:40.403", "references": [{"source": "product-security@apple.com", "url": "http://freetype.sourceforge.net/index2.html#release-freetype-2.4.2"}, {"source": "product-security@apple.com", "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=018f5c27813dd7eef4648fe254632ecea0c85a50"}, {"source": "product-security@apple.com", "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=11d65e8a1f1f14e56148fd991965424d9bd1cdbc"}, {"source": "product-security@apple.com", "url": "http://lists.apple.com/archives/security-announce/2010//Aug/msg00000.html"}, {"source": "product-security@apple.com", "tags": ["Vendor Advisory"], "url": "http://lists.apple.com/archives/security-announce/2010//Aug/msg00001.html"}, {"source": "product-security@apple.com", "url": "http://osvdb.org/66828"}, {"source": "product-security@apple.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/40807"}, {"source": "product-security@apple.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/40816"}, {"source": "product-security@apple.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/40982"}, {"source": "product-security@apple.com", "url": "http://secunia.com/advisories/48951"}, {"source": "product-security@apple.com", "url": "http://sourceforge.net/projects/freetype/files/freetype2/2.4.2/NEWS/view"}, {"source": "product-security@apple.com", "tags": ["Vendor Advisory"], "url": "http://support.apple.com/kb/HT4291"}, {"source": "product-security@apple.com", "tags": ["Vendor Advisory"], "url": "http://support.apple.com/kb/HT4292"}, {"source": "product-security@apple.com", "tags": ["Exploit"], "url": "http://www.exploit-db.com/exploits/14538"}, {"source": "product-security@apple.com", "url": "http://www.f-secure.com/weblog/archives/00002002.html"}, {"source": "product-security@apple.com", "tags": ["Exploit"], "url": "http://www.securityfocus.com/bid/42151"}, {"source": "product-security@apple.com", "url": "http://www.ubuntu.com/usn/USN-972-1"}, {"source": "product-security@apple.com", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2010/2018"}, {"source": "product-security@apple.com", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2010/2106"}, {"source": "product-security@apple.com", "url": "https://bugs.launchpad.net/ubuntu/maverick/+source/freetype/+bug/617019"}, {"source": "product-security@apple.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=621144"}, {"source": "product-security@apple.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/60856"}], "sourceIdentifier": "product-security@apple.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"acknowledgement": "Red Hat would like to thank Braden Thomas (Apple Product Security team) for reporting this issue.", "affected_release": [{"advisory": "RHSA-2010:0607", "cpe": "cpe:/o:redhat:enterprise_linux:3", "package": "freetype-0:2.1.4-16.el3", "product_name": "Red Hat Enterprise Linux 3", "release_date": "2010-08-05T00:00:00Z"}, {"advisory": "RHSA-2010:0607", "cpe": "cpe:/o:redhat:enterprise_linux:4", "package": "freetype-0:2.1.9-15.el4.8", "product_name": "Red Hat Enterprise Linux 4", "release_date": "2010-08-05T00:00:00Z"}, {"advisory": "RHSA-2010:0607", "cpe": "cpe:/o:redhat:enterprise_linux:5", "package": "freetype-0:2.2.1-26.el5_5", "product_name": "Red Hat Enterprise Linux 5", "release_date": "2010-08-05T00:00:00Z"}], "bugzilla": {"description": "FreeType: Multiple stack overflows by processing CFF opcodes", "id": "621144", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=621144"}, "csaw": false, "cvss": {"cvss_base_score": "6.8", "cvss_scoring_vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "status": "verified"}, "details": ["Multiple stack-based buffer overflows in the cff_decoder_parse_charstrings function in the CFF Type2 CharStrings interpreter in cff/cffgload.c in FreeType before 2.4.2, as used in Apple iOS before 4.0.2 on the iPhone and iPod touch and before 3.2.2 on the iPad, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted CFF opcodes in embedded fonts in a PDF document, as demonstrated by JailbreakMe. NOTE: some of these details are obtained from third party information."], "name": "CVE-2010-1797", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "freetype", "product_name": "Red Hat Enterprise Linux 6"}], "public_date": "2010-08-05T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2010-1797\nhttps://nvd.nist.gov/vuln/detail/CVE-2010-1797"], "threat_severity": "Important"}