CVE-2007-2754
Detail
Deferred
This CVE record is not being prioritized for NVD enrichment efforts due to resource or other concerns.
Description
Integer signedness error in truetype/ttgload.c in Freetype 2.3.4 and earlier might allow remote attackers to execute arbitrary code via a crafted TTF image with a negative n_points value, which leads to an integer overflow and heap-based buffer overflow.
Metrics
NVD enrichment efforts reference publicly available information to associate vector strings. CVSS information contributed by other sources is also displayed.
CVSS 4.0 Severity and Vector Strings: NVD assessment not yet provided.
CVSS 3.x Severity and Vector Strings: NVD assessment not yet provided.
CVSS 2.0 Severity and Vector Strings: Vector: (AV:N/AC:M/Au:N/C:P/I:P/A:P)
References to Advisories, Solutions, and Tools
URL | Source(s) | Tag(s)
ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc | CVE, Inc., Red Hat |
http://cvs.savannah.nongnu.org/viewvc/freetype2/src/truetype/ttgload.c?root=freetype&r1=1.177&r2=1.178 | CVE, Inc., Red Hat | Patch
http://lists.apple.com/archives/Security-announce/2007/Nov/msg00003.html | CVE, Inc., Red Hat |
http://lists.apple.com/archives/security-announce/2009/May/msg00002.html | CVE, Inc., Red Hat |
http://lists.gnu.org/archive/html/freetype-devel/2007-04/msg00041.html | CVE, Inc., Red Hat | Exploit
http://osvdb.org/36509 | CVE, Inc., Red Hat |
http://secunia.com/advisories/25350 | CVE, Inc., Red Hat |
http://secunia.com/advisories/25353 | CVE, Inc., Red Hat |
http://secunia.com/advisories/25386 | CVE, Inc., Red Hat |
http://secunia.com/advisories/25463 | CVE, Inc., Red Hat |
http://secunia.com/advisories/25483 | CVE, Inc., Red Hat |
http://secunia.com/advisories/25609 | CVE, Inc., Red Hat |
http://secunia.com/advisories/25612 | CVE, Inc., Red Hat |
http://secunia.com/advisories/25654 | CVE, Inc., Red Hat |
http://secunia.com/advisories/25705 | CVE, Inc., Red Hat |
http://secunia.com/advisories/25808 | CVE, Inc., Red Hat |
http://secunia.com/advisories/25894 | CVE, Inc., Red Hat |
http://secunia.com/advisories/25905 | CVE, Inc., Red Hat |
http://secunia.com/advisories/26129 | CVE, Inc., Red Hat |
http://secunia.com/advisories/26305 | CVE, Inc., Red Hat |
http://secunia.com/advisories/28298 | CVE, Inc., Red Hat |
http://secunia.com/advisories/30161 | CVE, Inc., Red Hat |
http://secunia.com/advisories/35074 | CVE, Inc., Red Hat |
http://secunia.com/advisories/35200 | CVE, Inc., Red Hat |
http://secunia.com/advisories/35204 | CVE, Inc., Red Hat |
http://secunia.com/advisories/35233 | CVE, Inc., Red Hat |
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102967-1 | CVE, Inc., Red Hat |
http://sunsolve.sun.com/search/document.do?assetkey=1-26-103171-1 | CVE, Inc., Red Hat |
http://sunsolve.sun.com/search/document.do?assetkey=1-66-200033-1 | CVE, Inc., Red Hat |
http://support.apple.com/kb/HT3549 | CVE, Inc., Red Hat |
http://support.avaya.com/elmodocs2/security/ASA-2007-330.htm | CVE, Inc., Red Hat |
http://www.debian.org/security/2007/dsa-1302 | CVE, Inc., Red Hat |
http://www.debian.org/security/2007/dsa-1334 | CVE, Inc., Red Hat |
http://www.gentoo.org/security/en/glsa/glsa-200705-22.xml | CVE, Inc., Red Hat |
http://www.gentoo.org/security/en/glsa/glsa-200707-02.xml | CVE, Inc., Red Hat |
http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml | CVE, Inc., Red Hat |
http://www.mandriva.com/security/advisories?name=MDKSA-2007:121 | CVE, Inc., Red Hat |
http://www.novell.com/linux/security/advisories/2007_41_freetype2.html | CVE, Inc., Red Hat |
http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.018.html | CVE, Inc., Red Hat |
http://www.redhat.com/support/errata/RHSA-2007-0403.html | CVE, Inc., Red Hat |
http://www.redhat.com/support/errata/RHSA-2009-0329.html | CVE, Inc., Red Hat |
http://www.redhat.com/support/errata/RHSA-2009-1062.html | CVE, Inc., Red Hat |
http://www.securityfocus.com/archive/1/469463/100/200/threaded | CVE, Inc., Red Hat |
http://www.securityfocus.com/archive/1/471286/30/6180/threaded | CVE, Inc., Red Hat |
http://www.securityfocus.com/bid/24074 | CVE, Inc., Red Hat |
http://www.securitytracker.com/id?1018088 | CVE, Inc., Red Hat |
http://www.trustix.org/errata/2007/0019/ | CVE, Inc., Red Hat |
http://www.ubuntu.com/usn/usn-466-1 | CVE, Inc., Red Hat |
http://www.us-cert.gov/cas/techalerts/TA09-133A.html | CVE, Inc., Red Hat | US Government Resource
http://www.vupen.com/english/advisories/2007/1894 | CVE, Inc., Red Hat |
http://www.vupen.com/english/advisories/2007/2229 | CVE, Inc., Red Hat |
http://www.vupen.com/english/advisories/2008/0049 | CVE, Inc., Red Hat |
http://www.vupen.com/english/advisories/2009/1297 | CVE, Inc., Red Hat |
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=240200 | CVE, Inc., Red Hat | Exploit
https://bugzilla.redhat.com/show_bug.cgi?id=502565 | CVE, Inc., Red Hat |
https://issues.rpath.com/browse/RPL-1390 | CVE, Inc., Red Hat |
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11325 | CVE, Inc., Red Hat |
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5532 | CVE, Inc., Red Hat |
https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01316.html | CVE, Inc., Red Hat |
https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01401.html | CVE, Inc., Red Hat |
Weakness Enumeration
CWE-ID | CWE Name | Source
NVD-CWE-Other | Other | NIST
Change History
7 change records found
CVE Modified by CVE 11/20/2024 7:31:34 PM
Added Reference: ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc
Added Reference: http://cvs.savannah.nongnu.org/viewvc/freetype2/src/truetype/ttgload.c?root=freetype&r1=1.177&r2=1.178
Added Reference: http://lists.apple.com/archives/Security-announce/2007/Nov/msg00003.html
Added Reference: http://lists.apple.com/archives/security-announce/2009/May/msg00002.html
Added Reference: http://lists.gnu.org/archive/html/freetype-devel/2007-04/msg00041.html
Added Reference: http://osvdb.org/36509
Added Reference: http://secunia.com/advisories/25350
Added Reference: http://secunia.com/advisories/25353
Added Reference: http://secunia.com/advisories/25386
Added Reference: http://secunia.com/advisories/25463
Added Reference: http://secunia.com/advisories/25483
Added Reference: http://secunia.com/advisories/25609
Added Reference: http://secunia.com/advisories/25612
Added Reference: http://secunia.com/advisories/25654
Added Reference: http://secunia.com/advisories/25705
Added Reference: http://secunia.com/advisories/25808
Added Reference: http://secunia.com/advisories/25894
Added Reference: http://secunia.com/advisories/25905
Added Reference: http://secunia.com/advisories/26129
Added Reference: http://secunia.com/advisories/26305
Added Reference: http://secunia.com/advisories/28298
Added Reference: http://secunia.com/advisories/30161
Added Reference: http://secunia.com/advisories/35074
Added Reference: http://secunia.com/advisories/35200
Added Reference: http://secunia.com/advisories/35204
Added Reference: http://secunia.com/advisories/35233
Added Reference: http://sunsolve.sun.com/search/document.do?assetkey=1-26-102967-1
Added Reference: http://sunsolve.sun.com/search/document.do?assetkey=1-26-103171-1
Added Reference: http://sunsolve.sun.com/search/document.do?assetkey=1-66-200033-1
Added Reference: http://support.apple.com/kb/HT3549
Added Reference: http://support.avaya.com/elmodocs2/security/ASA-2007-330.htm
Added Reference: http://www.debian.org/security/2007/dsa-1302
Added Reference: http://www.debian.org/security/2007/dsa-1334
Added Reference: http://www.gentoo.org/security/en/glsa/glsa-200705-22.xml
Added Reference: http://www.gentoo.org/security/en/glsa/glsa-200707-02.xml
Added Reference: http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml
Added Reference: http://www.mandriva.com/security/advisories?name=MDKSA-2007:121
Added Reference: http://www.novell.com/linux/security/advisories/2007_41_freetype2.html
Added Reference: http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.018.html
Added Reference: http://www.redhat.com/support/errata/RHSA-2007-0403.html
Added Reference: http://www.redhat.com/support/errata/RHSA-2009-0329.html
Added Reference: http://www.redhat.com/support/errata/RHSA-2009-1062.html
Added Reference: http://www.securityfocus.com/archive/1/469463/100/200/threaded
Added Reference: http://www.securityfocus.com/archive/1/471286/30/6180/threaded
Added Reference: http://www.securityfocus.com/bid/24074
Added Reference: http://www.securitytracker.com/id?1018088
Added Reference: http://www.trustix.org/errata/2007/0019/
Added Reference: http://www.ubuntu.com/usn/usn-466-1
Added Reference: http://www.us-cert.gov/cas/techalerts/TA09-133A.html
Added Reference: http://www.vupen.com/english/advisories/2007/1894
Added Reference: http://www.vupen.com/english/advisories/2007/2229
Added Reference: http://www.vupen.com/english/advisories/2008/0049
Added Reference: http://www.vupen.com/english/advisories/2009/1297
Added Reference: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=240200
Added Reference: https://bugzilla.redhat.com/show_bug.cgi?id=502565
Added Reference: https://issues.rpath.com/browse/RPL-1390
Added Reference: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11325
Added Reference: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5532
Added Reference: https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01316.html
Added Reference: https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01401.html
CVE Modified by Red Hat, Inc. 5/13/2024 9:45:26 PM
(no change entries recorded)
CVE Modified by Red Hat, Inc. 2/12/2023 9:17:41 PM
Changed Description:
  Old: CVE-2007-2754 freetype integer overflow
  New: Integer signedness error in truetype/ttgload.c in Freetype 2.3.4 and earlier might allow remote attackers to execute arbitrary code via a crafted TTF image with a negative n_points value, which leads to an integer overflow and heap-based buffer overflow.
Removed Reference: https://access.redhat.com/errata/RHSA-2007:0403 [No Types Assigned]
Removed Reference: https://access.redhat.com/errata/RHSA-2009:0329 [No Types Assigned]
Removed Reference: https://access.redhat.com/errata/RHSA-2009:1062 [No Types Assigned]
Removed Reference: https://access.redhat.com/security/cve/CVE-2007-2754 [No Types Assigned]
Removed Reference: https://bugzilla.redhat.com/show_bug.cgi?id=240200 [No Types Assigned]
CVE Modified by Red Hat, Inc. 2/02/2023 11:15:14 AM
Changed Description:
  Old: Integer signedness error in truetype/ttgload.c in Freetype 2.3.4 and earlier might allow remote attackers to execute arbitrary code via a crafted TTF image with a negative n_points value, which leads to an integer overflow and heap-based buffer overflow.
  New: CVE-2007-2754 freetype integer overflow
Added Reference: https://access.redhat.com/errata/RHSA-2007:0403 [No Types Assigned]
Added Reference: https://access.redhat.com/errata/RHSA-2009:0329 [No Types Assigned]
Added Reference: https://access.redhat.com/errata/RHSA-2009:1062 [No Types Assigned]
Added Reference: https://access.redhat.com/security/cve/CVE-2007-2754 [No Types Assigned]
Added Reference: https://bugzilla.redhat.com/show_bug.cgi?id=240200 [No Types Assigned]
CVE Modified by Red Hat, Inc. 10/16/2018 12:45:17 PM
Added Reference: http://www.securityfocus.com/archive/1/469463/100/200/threaded [No Types Assigned]
Added Reference: http://www.securityfocus.com/archive/1/471286/30/6180/threaded [No Types Assigned]
Removed Reference: http://www.securityfocus.com/archive/1/archive/1/469463/100/200/threaded [No Types Assigned]
Removed Reference: http://www.securityfocus.com/archive/1/archive/1/471286/30/6180/threaded [No Types Assigned]
CVE Modified by Red Hat, Inc. 10/10/2017 9:32:22 PM
Added Reference: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11325 [No Types Assigned]
Added Reference: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5532 [No Types Assigned]
Removed Reference: http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11325 [No Types Assigned]
Removed Reference: http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:5532 [Tool Signature, US Government Resource]
Initial CVE Analysis 5/18/2007 10:06:00 AM
(no change entries recorded)
Quick Info
CVE Dictionary Entry: CVE-2007-2754
Published Date: 05/17/2007
Last Modified: 04/08/2025
Source: Red Hat, Inc.