CVE-2010-2527 — Vulnetix

Try Vulnetix Request Demo

CVE-2010-2527 PUBLISHED CVSS 6.800000190734863 MEDIUM

Multiple buffer overflows in demo programs in FreeType before 2.4.0 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file.

EPSS 2.33% · 84.7th percentile

Risk Scores

CVSS v2.0

6.800000190734863

EPSS Score

2.33%

84.7th percentile

Affected Products

Vendor	Product	Versions
debian	debian_linux	5.0
freetype	freetype	0
canonical	ubuntu_linux	8.04, 9.04, 9.10
n/a	n/a	n/a

Timeline

Aug 19, 2010 CVE Published
Feb 4, 2022 EPSS Score
Mar 28, 2022 EPSS Score
May 19, 2022 EPSS Score
Jul 10, 2022 EPSS Score
Oct 23, 2022 EPSS Score
Dec 14, 2022 EPSS Score
Feb 3, 2023 EPSS Score
Feb 4, 2023 EPSS Score
Feb 13, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Mar 28, 2023 EPSS Score

References

http://securitytracker.com/id?1024266 url
USN-963-1 vendor-advisory
https://bugzilla.redhat.com/show_bug.cgi?id=614557 url
[freetype] 20100712 FreeType 2.4.0 has been released mailing-list
DSA-2070 vendor-advisory
http://git.savannah.gnu.org/cgit/freetype/freetype2-demos.git/commit/?id=b995299b73ba4cd259f221f500d4e63095508bec url
[oss-security] 20100714 Re: Multiple bugs in freetype mailing-list
RHSA-2010:0578 vendor-advisory
RHSA-2010:0577 vendor-advisory
http://savannah.nongnu.org/bugs/?30054 url
48951 third-party-advisory
https://nvd.nist.gov/vuln/detail/CVE-2010-2527 advisory

Open in Interactive Console →