漏洞信息详情
FreeType psaux/t1decode.c Type 1字体解析漏洞
- CNNVD编号:CNNVD-201107-230
- 危害等级: 高危
- CVE编号: CVE-2011-0226
- 漏洞类型: 数字错误
- 发布时间: 2011-07-20
- 威胁类型: 远程
- 更新时间: 2011-07-20
- 厂 商: freetype
- 漏洞来源:
漏洞简介
FreeType是FreeType团队开发的一个基于C语言的、高质量的且可移植的开源字体引擎库,它可用来将字符栅格化并映射成位图以及提供其他字体相关业务的支持。
在CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple iOS 4.2.9之前版本和4.3.4之前的4.3.x版本及其他产品的CoreGraphics中使用的FreeType 2.4.6之前版本中的psaux/t1decode.c中存在整数符号错误漏洞。远程攻击者可借助PDF文档中的特制Type 1字体执行任意代码或导致拒绝服务(内存破坏和应用程序崩溃)。
漏洞公告
目前厂商已经发布了升级补丁以修复此安全问题,补丁获取链接:
http://lists.nongnu.org/archive/HTML/freetype-devel/2011-07/msg00015.HTML
参考网址
来源: BID
名称: 48619
链接:http://www.securityfocus.com/bid/48619
来源: www.CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Appleinsider.com
链接:http://www.CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Appleinsider.com/articles/11/07/06/hackers_release_new_browser_based_iOS_jailbreak_based_on_pdf_exploit.HTML
来源: support.CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple.com
链接:http://support.CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple.com/kb/HT4803
来源: support.CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple.com
链接:http://support.CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple.com/kb/HT4802
来源: SECUNIA
名称: 45224
链接:http://secunia.com/advisories/45224
来源: SECUNIA
名称: 45167
链接:http://secunia.com/advisories/45167
来源: MLIST
名称: [freetype-devel] 20110711 Re: details on iPhone exploit caused by FreeType?
链接:http://lists.nongnu.org/archive/HTML/freetype-devel/2011-07/msg00028.HTML
来源: MLIST
名称: [freetype-devel] 20110711 Re: details on iPhone exploit caused by FreeType?
链接:http://lists.nongnu.org/archive/HTML/freetype-devel/2011-07/msg00026.HTML
来源: MLIST
名称: [freetype-devel] 20110709 Re: details on iPhone exploit caused by FreeType?
链接:http://lists.nongnu.org/archive/HTML/freetype-devel/2011-07/msg00020.HTML
来源: MLIST
名称: [freetype-devel] 20110708 Re: details on iPhone exploit caused by FreeType?
链接:http://lists.nongnu.org/archive/HTML/freetype-devel/2011-07/msg00015.HTML
来源: MLIST
名称: [freetype-devel] 20110708 details on iPhone exploit caused by FreeType?
链接:http://lists.nongnu.org/archive/HTML/freetype-devel/2011-07/msg00014.HTML
来源: CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple
名称: CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple-SA-2011-07-15-2
链接:http://lists.CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple.com/archives/security-announce/2011//Jul/msg00001.HTML
来源: CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple
名称: CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple-SA-2011-07-15-1
链接:http://lists.CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple.com/archives/security-announce/2011//Jul/msg00000.HTML
受影响实体
- Freetype Freetype:2.4.4
- Freetype Freetype:2.4.3
- Freetype Freetype:2.4.2
- Freetype Freetype:2.4.1
- Freetype Freetype:2.4.0
补丁
暂无
评论