CVE - CVE-2006-3467

CVE-ID
CVE-2006-3467	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
Integer overflow in FreeType before 2.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PCF file, as demonstrated by the Red Hat bad1.pcf test file, due to a partial fix of CVE-2006-1861.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:1016522 URL:http://securitytracker.com/id?1016522 MISC:102705 URL:~~http://sunsolve.sun.com/search/document.do?assetkey=1-26-102705-1~~ (Obsolete source) MISC:2006-0052 URL:~~http://www.trustix.org/errata/2006/0052/~~ (Obsolete source - check if archived by the Wayback Machine) MISC:20060701-01-U URL:ftp://patches.sgi.com/support/free/security/advisories/20060701-01-U MISC:20060825 rPSA-2006-0157-1 xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs URL:http://www.securityfocus.com/archive/1/444318/100/0/threaded MISC:20061113 VMSA-2006-0005 - VMware ESX Server 2.5.4 Upgrade Patch 1 URL:http://www.securityfocus.com/archive/1/451419/100/200/threaded MISC:20061113 VMSA-2006-0006 - VMware ESX Server 2.5.3 Upgrade Patch 4 URL:http://www.securityfocus.com/archive/1/451404/100/0/threaded MISC:20061113 VMSA-2006-0007 - VMware ESX Server 2.1.3 Upgrade Patch 2 URL:http://www.securityfocus.com/archive/1/451417/100/200/threaded MISC:20061113 VMSA-2006-0008 - VMware ESX Server 2.0.2 Upgrade Patch 2 URL:http://www.securityfocus.com/archive/1/451426/100/200/threaded MISC:21062 URL:http://secunia.com/advisories/21062 MISC:21135 URL:http://secunia.com/advisories/21135 MISC:21144 URL:http://secunia.com/advisories/21144 MISC:21232 URL:http://secunia.com/advisories/21232 MISC:21285 URL:http://secunia.com/advisories/21285 MISC:21566 URL:http://secunia.com/advisories/21566 MISC:21567 URL:http://secunia.com/advisories/21567 MISC:21606 URL:http://secunia.com/advisories/21606 MISC:21626 URL:http://secunia.com/advisories/21626 MISC:21701 URL:http://secunia.com/advisories/21701 MISC:21793 URL:http://secunia.com/advisories/21793 MISC:21798 URL:http://secunia.com/advisories/21798 MISC:21836 URL:http://secunia.com/advisories/21836 MISC:22027 URL:http://secunia.com/advisories/22027 MISC:22332 URL:http://secunia.com/advisories/22332 MISC:22875 URL:http://secunia.com/advisories/22875 MISC:22907 URL:http://secunia.com/advisories/22907 MISC:23400 URL:http://secunia.com/advisories/23400 MISC:23939 URL:http://secunia.com/advisories/23939 MISC:27271 URL:http://secunia.com/advisories/27271 MISC:33937 URL:http://secunia.com/advisories/33937 MISC:ADV-2006-4502 URL:~~http://www.vupen.com/english/advisories/2006/4502~~ (Obsolete source) MISC:ADV-2006-4522 URL:~~http://www.vupen.com/english/advisories/2006/4522~~ (Obsolete source) MISC:ADV-2007-0381 URL:~~http://www.vupen.com/english/advisories/2007/0381~~ (Obsolete source) MISC:APPLE-SA-2009-02-12 URL:http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html MISC:DSA-1178 URL:http://www.debian.org/security/2006/dsa-1178 MISC:DSA-1193 URL:http://www.debian.org/security/2006/dsa-1193 MISC:GLSA-200609-04 URL:http://security.gentoo.org/glsa/glsa-200609-04.xml MISC:MDKSA-2006:129 URL:~~http://www.mandriva.com/security/advisories?name=MDKSA-2006:129~~ (Obsolete source) MISC:MDKSA-2006:148 URL:~~http://www.mandriva.com/security/advisories?name=MDKSA-2006:148~~ (Obsolete source) MISC:RHSA-2006:0500 URL:http://www.redhat.com/support/errata/RHSA-2006-0500.html MISC:RHSA-2006:0634 URL:http://www.redhat.com/support/errata/RHSA-2006-0634.html MISC:RHSA-2006:0635 URL:http://www.redhat.com/support/errata/RHSA-2006-0635.html MISC:SUSE-SA:2006:045 URL:http://lists.suse.com/archive/suse-security-announce/2006-Aug/0002.html MISC:SUSE-SR:2007:021 URL:http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00006.html MISC:USN-324-1 URL:http://www.ubuntu.com/usn/usn-324-1 MISC:USN-341-1 URL:http://www.ubuntu.com/usn/usn-341-1 MISC:http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=190593 URL:http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=190593 MISC:http://support.apple.com/kb/HT3438 URL:http://support.apple.com/kb/HT3438 MISC:http://support.avaya.com/elmodocs2/security/ASA-2006-176.htm URL:http://support.avaya.com/elmodocs2/security/ASA-2006-176.htm MISC:http://support.avaya.com/elmodocs2/security/ASA-2006-186.htm URL:http://support.avaya.com/elmodocs2/security/ASA-2006-186.htm MISC:http://support.avaya.com/elmodocs2/security/ASA-2006-284.htm URL:http://support.avaya.com/elmodocs2/security/ASA-2006-284.htm MISC:http://www.vmware.com/download/esx/esx-202-200610-patch.html URL:http://www.vmware.com/download/esx/esx-202-200610-patch.html MISC:http://www.vmware.com/download/esx/esx-213-200610-patch.html URL:http://www.vmware.com/download/esx/esx-213-200610-patch.html MISC:http://www.vmware.com/download/esx/esx-254-200610-patch.html URL:http://www.vmware.com/download/esx/esx-254-200610-patch.html MISC:oval:org.mitre.oval:def:10673 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10673
Assigning CNA
Red Hat, Inc.
Date Record Created
20060710	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20060710)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)