HTTP: PDF FreeType Compact Font Format Multiple Overflow

This signature detects attempts to exploit a known vulnerability in multiple PDF readers. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the user.

Extended Description

FreeType is prone to multiple stack-based buffer-overflow vulnerabilities because it fails to perform adequate boundary checks on user-supplied data. Successful exploits may allow attackers to execute arbitrary code in the context of an application using the affected library. Failed exploit attempts will likely result in denial-of-service conditions.

NOTE (August 12, 2010): The Type2 'CharStrings' buffer-overflow issue was duplicated in BID 42151 (Apple iOS Multiple Vulnerabilities). This BID has been updated to reflect details that may have been included in BID 42151.

Affected Products

Apple ipod_touch, Avaya proactive_contact

Short Name
HTTP:STC:ADOBE:PDF-FREETYPE
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2010-1797 CVE-2010-2972 Compact Font Format FreeType Multiple Overflow PDF bid:42241
Release Date
01/06/2011
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3610
False Positive
Unknown
Vendors

Red_hat

Freetype

Suse

Apple

Gentoo

Sun

Avaya

Debian

Pardus

Ubuntu

Mandriva

Foxit

CVSS Score

9.3
