Skip to main content

Sun Solaris XServer FreeType CFF Font Parsing Vulnerability

Last Update Date: 28 Jan 2011 Release Date: 30 Sep 2010 5548 Views

RISK: Medium Risk

A vulnerability has been identified in Sun Solaris and OpenSolaris, which could be exploited by attackers to compromise a vulnerable system. This issue is caused by an error in the FreeType library used by Xserver.


Impact

  • Remote Code Execution

System / Technologies affected

  • Sun Solaris 10
  • Sun Solaris 9
  • Sun Solaris 8
  • Sun OpenSolaris

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

  • Sun OpenSolaris - Upgrade to snv_111b and apply bug fix for 6974339
  • Sun Solaris 10 (SPARC) - Apply patch 119812-09
  • Sun Solaris 10 (x86) - Apply patch 119813-11
  • Sun Solaris 9 (SPARC) - Apply patch 116105-11
  • Sun Solaris 9 (x86) - Apply patch 116106-10
  • Sun Solaris 8 (SPARC) - Apply patch 124420-05
  • Sun Solaris 8 (x86) - Apply patch 124421-05


Vulnerability Identifier


Source


Related Link