Vulnerability Scanning Solutions, LLC.
Home
Our Process
Residential
Corporate
What We Scan For
Sample Report
Client List
Terms
Contact Us
What We Scan For
Family: SuSE Local Security Checks --> Category: infos

SUSE-SA:2006:037: freetype2, freetype2-devel Vulnerability Scan


Vulnerability Scan Summary
Check for the version of the freetype2, freetype2-devel package

Detailed Explanation for this Vulnerability Test

The remote host is missing the patch for the advisory SUSE-SA:2006:037 (freetype2, freetype2-devel).


The freetype2 library renders TrueType fonts for open source projects.
More than 900 packages on SUSE Linux use this library. Therefore the
integer overflows in this code found by Josh Bressers and Chris Evans
might have a high impact on the security of a desktop system.

The bugs can lead to a remote denial-of-service attack and may lead to
remote command execution. The user needs to use a program that uses
freetype2 (almost all GUI applications do) and let this program process
malicious font data.


Solution : http://www.suse.de/security/http://www.novell.com/linux/security/advisories/2006_37.freetype.html
Threat Level: High

Click HERE for more information and discussions on this network vulnerability scan.

VSS, LLC.

P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.