FreeType 2 contains a vulnerability in the processing of CFF fonts, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system.
FreeType is a font engine that can open and process font files. FreeType 2 includes the ability to handle a number of font types, including Compact Font Format (CFF). FreeType is used by a number of applications, including PDF readers, web browsers, and other applications. FreeType 2 contains a flaw in the handling of some CFF opcodes, which can result in stack corruption. This can allow arbitrary code execution.
This vulnerability is being used in the iPhone PDF JailBreak exploit.
By causing an application that uses FreeType to parse a specially-crafted CFF font, a remote, unauthenticated attacker may be able to execute arbitrary code on a vulnerable system. This can occur as the result of opening a PDF document or viewing a web page.
Apply an update
Apple Inc. Affected
Debian GNU/Linux Affected
F5 Networks, Inc. Affected
Foxit Software Company Affected
Gentoo Linux Affected
Red Hat, Inc. Affected
SUSE Linux Affected
Wind River Systems, Inc. Affected
Google Not Affected
Juniper Networks, Inc. Not Affected
Openwall GNU/*/Linux Not Affected
Conectiva Inc. Unknown
Cray Inc. Unknown
DragonFly BSD Project Unknown
EMC Corporation Unknown
Engarde Secure Linux Unknown
Fedora Project Unknown
FreeBSD Project Unknown
Hewlett-Packard Company Unknown
IBM Corporation Unknown
IBM Corporation (zseries) Unknown
IBM eServer Unknown
Mandriva S. A. Unknown
Microsoft Corporation Unknown
MontaVista Software, Inc. Unknown
NEC Corporation Unknown
Novell, Inc. Unknown
QNX Software Systems Inc. Unknown
Silicon Graphics, Inc. Unknown
Slackware Linux Inc. Unknown
Sony Corporation Unknown
Sun Microsystems, Inc. Unknown
The SCO Group Unknown
This vulnerability was discovered being exploited in the wild. Additional analysis was performed by Braden Thomas of Apple Product Security.
This document was written by Will Dormann.
|Date First Published:||2010-08-05|
|Date Last Updated:||2010-09-14 10:17 UTC|