CVE-2006-2661 — Vulnetix

Try Vulnetix Request Demo

CVE-2006-2661 PUBLISHED CVSS 5 MEDIUM

ftutil.c in Freetype before 2.2 allows remote attackers to cause a denial of service (crash) via a crafted font file that triggers a null dereference.

EPSS 12.64% · 93.9th percentile

Risk Scores

CVSS v2.0

5

EPSS Score

12.64%

93.9th percentile

Affected Products

Vendor	Product	Versions
canonical	ubuntu_linux	5.10, 5.04, 6.06
debian	debian_linux	3.1, 3.0
freetype	freetype	0
n/a	n/a	n/a

Timeline

May 30, 2006 CVE Published
Feb 4, 2022 EPSS Score
Mar 28, 2022 EPSS Score
Jul 10, 2022 EPSS Score
Sep 1, 2022 EPSS Score
Oct 23, 2022 EPSS Score
Feb 4, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Mar 28, 2023 EPSS Score
May 19, 2023 EPSS Score
Jul 10, 2023 EPSS Score
Aug 31, 2023 EPSS Score

References

https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=183676 url
SUSE-SA:2006:037 vendor-advisory
20791 third-party-advisory
oval:org.mitre.oval:def:11692 vdb
102705 vendor-advisory
18329 vdb
20525 third-party-advisory
21701 third-party-advisory
USN-291-1 vendor-advisory
21385 third-party-advisory
20060612 rPSA-2006-0100-1 freetype mailing-list
21135 third-party-advisory
RHSA-2006:0500 vendor-advisory
23939 third-party-advisory
http://support.avaya.com/elmodocs2/security/ASA-2006-176.htm url
20591 third-party-advisory
20638 third-party-advisory
1016520 vdb
ADV-2007-0381 vdb
https://issues.rpath.com/browse/RPL-429 url

…and 6 more

Open in Interactive Console →