VDB
CVE-2010-2541
CVE-2010-2541
PUBLISHED
CVSS 6.800000190734863 MEDIUM
Buffer overflow in ftmulti.c in the ftmulti demo program in FreeType before 2.4.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file.
EPSS 3.64% · 88.1th percentile
Risk Scores
CVSS 2.0
6.800000190734863
EPSS Score
3.64%
88.1th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| freetype | freetype | 0 |
| n/a | n/a | n/a |
| canonical | ubuntu_linux | 10.04, 9.04, 6.06 |
Exploit Intelligence
- https://bugzilla.redhat.com/show_bug.cgi?id=617342 (circl)
- https://bugs.launchpad.net/ubuntu/maverick/+source/freetype/+bug/617019 (circl)
- USN-972-1 (circl)
- http://freetype.sourceforge.net/index2.html#release-freetype-2.4.2 (circl)
- 1024266 (circl)
- http://sourceforge.net/projects/freetype/files/freetype2/2.4.2/NEWS/view (circl)
- 40982 (circl)
- RHSA-2010:0578 (circl)
- ADV-2010-2106 (circl)
- RHSA-2010:0577 (circl)
…and 1 more exploits
Timeline
- Aug 19, 2010 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Feb 13, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 2, 2023 EPSS Score
- Jul 17, 2023 EPSS Score
References
- https://bugzilla.redhat.com/show_bug.cgi?id=617342 url
- https://bugs.launchpad.net/ubuntu/maverick/+source/freetype/+bug/617019 url
- USN-972-1 vendor-advisory
- http://freetype.sourceforge.net/index2.html#release-freetype-2.4.2 url
- 1024266 vdb
- http://sourceforge.net/projects/freetype/files/freetype2/2.4.2/NEWS/view url
- 40982 third-party-advisory
- RHSA-2010:0578 vendor-advisory
- ADV-2010-2106 vdb
- RHSA-2010:0577 vendor-advisory
- 48951 third-party-advisory
- https://nvd.nist.gov/vuln/detail/CVE-2010-2541 advisory