Vulnerability details: VCID-dd28-eenu-aaaj
Vulnerability ID VCID-dd28-eenu-aaaj
Aliases CVE-2006-0747
Summary Integer underflow in Freetype before 2.2 allows remote attackers to cause a denial of service (crash) via a font file with an odd number of blue values, which causes the underflow when decrementing by 2 in a context that assumes an even number of values.
Status Published
Exploitability 2.0
Weighted Severity 6.2
Risk 10.0
System Score Found at
rhas Moderate https://access.redhat.com/errata/RHSA-2006:0500
epss 0.40318 https://api.first.org/data/v1/epss?cve=CVE-2006-0747
epss 0.40905 https://api.first.org/data/v1/epss?cve=CVE-2006-0747
epss 0.44177 https://api.first.org/data/v1/epss?cve=CVE-2006-0747
epss 0.54937 https://api.first.org/data/v1/epss?cve=CVE-2006-0747
epss 0.66554 https://api.first.org/data/v1/epss?cve=CVE-2006-0747
rhbs medium https://bugzilla.redhat.com/show_bug.cgi?id=1618019
cvssv2 5.0 https://nvd.nist.gov/vuln/detail/CVE-2006-0747
Reference id Reference type URL
ftp://patches.sgi.com/support/free/security/advisories/20060701-01-U
http://lists.apple.com/archives/security-announce/2009/May/msg00002.html
http://lists.suse.com/archive/suse-security-announce/2006-Jun/0012.html
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-0747.json
https://api.first.org/data/v1/epss?cve=CVE-2006-0747
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=183676
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0747
http://secunia.com/advisories/20525
http://secunia.com/advisories/20591
http://secunia.com/advisories/20638
http://secunia.com/advisories/20791
http://secunia.com/advisories/21062
http://secunia.com/advisories/21135
http://secunia.com/advisories/21385
http://secunia.com/advisories/21701
http://secunia.com/advisories/23939
http://secunia.com/advisories/35074
http://securitytracker.com/id?1016522
https://issues.rpath.com/browse/RPL-429
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9508
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102705-1
http://support.apple.com/kb/HT3549
http://support.avaya.com/elmodocs2/security/ASA-2006-176.htm
https://usn.ubuntu.com/291-1/
http://www.debian.org/security/2006/dsa-1095
http://www.mandriva.com/security/advisories?name=MDKSA-2006:099
http://www.redhat.com/support/errata/RHSA-2006-0500.html
http://www.securityfocus.com/archive/1/436836/100/0/threaded
http://www.securityfocus.com/bid/18326
http://www.us-cert.gov/cas/techalerts/TA09-133A.html
http://www.vupen.com/english/advisories/2007/0381
http://www.vupen.com/english/advisories/2009/1297
1618019 https://bugzilla.redhat.com/show_bug.cgi?id=1618019
cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*
CVE-2006-0747 https://nvd.nist.gov/vuln/detail/CVE-2006-0747
CVE-2006-0747;OSVDB-26032 Exploit https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/unix/remote/27992.txt
CVE-2006-0747;OSVDB-26032 Exploit https://www.securityfocus.com/bid/18326/info
RHSA-2006:0500 https://access.redhat.com/errata/RHSA-2006:0500
Data source Exploit-DB
Date added June 8, 2006
Description FreeType - '.TTF' File Remote Buffer Overflow
Ransomware campaign use Known
Source publication date June 8, 2006
Exploit type remote
Platform unix
Source update date Sept. 17, 2013
Source URL https://www.securityfocus.com/bid/18326/info
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2006-0747
Exploit Prediction Scoring System (EPSS)
Percentile 0.9706
EPSS Score 0.40318
Published At March 28, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
There are no relevant records.