Solution
Please Install the Updated Packages.
Insight
Mateusz Jurczyk discovered that FreeType did not correctly handle certain malformed font files. If a user were tricked into using a specially craftedfont file, a remote attacker could cause FreeType to crash or possibly execute arbitrary code with user privileges. (CVE-2014-2240, CVE-2014-2241)
Affected
freetype on Ubuntu 13.10
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2014-2240, CVE-2014-2241 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- Ubuntu Update for clamav USN-2488-2
- Ubuntu Update for apturl, Epiphany, gecko-sharp, gnome-python-extras, liferea, rhythmbox, totem, ubufox, yelp update USN-930-2
- Ubuntu Update for ffmpeg, ffmpeg-debian regression USN-931-2
- Ubuntu Update for bash USN-2380-1
- Ubuntu Update for apt-listchanges vulnerability USN-572-1