{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[],"affected_systems_content":"<P><SPAN class=\"textit\">FreeType</SPAN> versions 2.3.4 et  ant\u00e9rieures.</P>","content":"## Description\n\nUne vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans FreeType concernant le\ntraitement des polices au format TTF. Un utilisateur mal intentionn\u00e9\npeut, par le biais d'une police au format TTF sp\u00e9cifiquement constitu\u00e9e,\nex\u00e9cuter du code arbitraire \u00e0 distance.\n\n## Solution\n\nAppliquer le correctif de FreeType (voir Documentation).\n","cves":[{"name":"CVE-2007-2754","url":"https://www.cve.org/CVERecord?id=CVE-2007-2754"}],"links":[{"title":"Bulletin de s\u00e9curit\u00e9 Ubuntu USN-466-1 du 30 mai 2007 :","url":"http://www.ubuntu.com/usn/usn-466-1"},{"title":"Bulletin s\u00e9curit\u00e9 Avaya ASA-2007-330 du 01 ao\u00fbt 2007 :","url":"http://support.avaya.com/elmodocs2/security/ASA-2007-330.htm"},{"title":"Bulletin s\u00e9curit\u00e9 Mandriva MDKSA-2007:121 du 13 juin 2007 :","url":"http://www.mandriva.com/security/advisories?name=MDKSA-2007:121"},{"title":"Correctif de FreeType :","url":"http://cvs.savannah.nongnu.org/viewvc/freetype2/src/truetype/ttgload.c?root=freetype&r1=1.177&r2=1.178"},{"title":"Bulletin s\u00e9curit\u00e9 Debian DSA-1302 du 10 juin 2007 :","url":"http://www.debian.org/security/2007/dsa-1302"},{"title":"Bulletin s\u00e9curit\u00e9 Red Hat RHSA-2007:0403 du 11 juin 2007 :","url":"http://www.redhat.com/errata/RHSA-2007-0403.html"},{"title":"Bulletin s\u00e9curit\u00e9 Gentoo GLSA-200707-02 du 02 juillet 2007    :","url":"http://www.gentoo.org/security/en/glsa/glsa-200707-02.xml"},{"title":"Bulletin s\u00e9curit\u00e9 SuSE SUSE-SA:2007:041 du 04 juillet 2007    :","url":"http://lists.opensuse.org/opensuse-security-announce/2007-07/msg00003.html"},{"title":"Bulletin de s\u00e9curit\u00e9 Gentoo GLSA-200705-22 du 30 mai 2007 :","url":"http://www.gentoo.org/security/en/glsa/glsa-200705-22.xml"},{"title":"Bulletin s\u00e9curit\u00e9 Debian DSA-1454 du 7 janvier 2008 :","url":"http://www.debian.org/security/2007/dsa-1454"},{"title":"Bulletin de s\u00e9curit\u00e9 Sun Solaris 103171 du 6 janvier 2008 :","url":"http://sunsolve.sun.com/search/document.do?assetkey=1-26-103171-1"}],"reference":"CERTA-2007-AVI-226","revisions":[{"description":"version initiale.","revision_date":"2007-05-24T00:00:00.000000"},{"description":"ajout des r\u00e9f\u00e9rences aux bulletins de s\u00e9curit\u00e9 Gentoo, Ubuntu.","revision_date":"2007-06-01T00:00:00.000000"},{"description":"ajout des r\u00e9f\u00e9rences aux bulletins de s\u00e9curit\u00e9 des \u00e9diteurs.","revision_date":"2007-08-06T00:00:00.000000"}],"risks":[{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"}],"summary":"Une vuln\u00e9rabilit\u00e9 dans <span class=\"textit\">FreeType</span> permet\nl'ex\u00e9cution de code arbitraire \u00e0 distance.\n","title":"Vuln\u00e9rabilit\u00e9 dans FreeType","vendor_advisories":[{"published_at":null,"title":"R\u00e9f\u00e9rence CVE CVE-2007-2754","url":"https://www.cve.org/CVERecord?id=CVE-2007-2754"}]}