CVE 2010-3311
Integer overflow in base/ftstream.c in libXft (aka the X FreeType library) in FreeType before 2.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Compact Font Format (CFF) font file that triggers a heap-based buffer overflow, related to an "input stream position error" issue, a different vulnerability than CVE-2010-1797.
Related bugs and status
CVE-2010-3311 (Candidate) is related to these bugs:
Bug #700198: CVE-2009-0793
Bug | Summary | In | Importance | Status
---|---|---|---|---
700198 | CVE-2009-0793 | lcms (Ubuntu) | Undecided | Fix Released
700198 | CVE-2009-0793 | openjdk-6 (Ubuntu) | Low | Fix Released
700198 | CVE-2009-0793 | openjdk-6b18 (Ubuntu) | Low | Fix Released
700198 | CVE-2009-0793 | gimp (Ubuntu) | Undecided | Invalid
700198 | CVE-2009-0793 | ia32-libs (Ubuntu) | Low | Fix Released
700198 | CVE-2009-0793 | gimp (Ubuntu Hardy) | Undecided | Invalid
700198 | CVE-2009-0793 | ia32-libs (Ubuntu Hardy) | Low | Fix Released
700198 | CVE-2009-0793 | lcms (Ubuntu Hardy) | Low | Fix Released
700198 | CVE-2009-0793 | openjdk-6 (Ubuntu Hardy) | Low | Fix Released
700198 | CVE-2009-0793 | openjdk-6b18 (Ubuntu Hardy) | Undecided | Invalid
700198 | CVE-2009-0793 | gimp (Ubuntu Karmic) | Undecided | Invalid
700198 | CVE-2009-0793 | ia32-libs (Ubuntu Karmic) | Low | Fix Released
700198 | CVE-2009-0793 | lcms (Ubuntu Karmic) | Low | Fix Released
700198 | CVE-2009-0793 | openjdk-6 (Ubuntu Karmic) | Undecided | Fix Released
700198 | CVE-2009-0793 | openjdk-6b18 (Ubuntu Karmic) | Undecided | Invalid
700198 | CVE-2009-0793 | gimp (Ubuntu Lucid) | Undecided | Invalid
700198 | CVE-2009-0793 | ia32-libs (Ubuntu Lucid) | Low | Fix Released
700198 | CVE-2009-0793 | lcms (Ubuntu Lucid) | Low | Fix Released
700198 | CVE-2009-0793 | openjdk-6 (Ubuntu Lucid) | Undecided | Fix Released
700198 | CVE-2009-0793 | openjdk-6b18 (Ubuntu Lucid) | Low | Fix Released
700198 | CVE-2009-0793 | gimp (Ubuntu Maverick) | Undecided | Invalid
700198 | CVE-2009-0793 | ia32-libs (Ubuntu Maverick) | Low | Fix Released
700198 | CVE-2009-0793 | lcms (Ubuntu Maverick) | Low | Fix Released
700198 | CVE-2009-0793 | openjdk-6 (Ubuntu Maverick) | Low | Fix Released
700198 | CVE-2009-0793 | openjdk-6b18 (Ubuntu Maverick) | Low | Fix Released
700198 | CVE-2009-0793 | gimp (Ubuntu Natty) | Undecided | Invalid
700198 | CVE-2009-0793 | ia32-libs (Ubuntu Natty) | Low | Fix Released
700198 | CVE-2009-0793 | lcms (Ubuntu Natty) | Undecided | Fix Released
700198 | CVE-2009-0793 | openjdk-6 (Ubuntu Natty) | Low | Fix Released
700198 | CVE-2009-0793 | openjdk-6b18 (Ubuntu Natty) | Low | Fix Released
See the CVE page on Mitre.org for more details.