mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-27 06:12:23 +02:00
0xMarcio
1.3 KiB
1.3 KiB
CVE-2008-1806
Description
Integer overflow in FreeType2 before 2.3.6 allows context-dependent attackers to execute arbitrary code via a crafted set of 16-bit length values within the Private dictionary table in a Printer Font Binary (PFB) file, which triggers a heap-based buffer overflow.
POC
Reference
- http://sourceforge.net/project/shownotes.php?group_id=3157&release_id=605780
- http://www.ubuntu.com/usn/usn-643-1
- http://www.vmware.com/security/advisories/VMSA-2008-0014.html
- http://www.vmware.com/support/player/doc/releasenotes_player.html
- http://www.vmware.com/support/player2/doc/releasenotes_player2.html
- http://www.vmware.com/support/server/doc/releasenotes_server.html
- http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html
- http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9321
Github
No PoCs found on GitHub currently.