Unrated severityNVD Advisory· Published May 23, 2006· Updated Jun 16, 2026
CVE-2006-1861
CVE-2006-1861
Description
Multiple integer overflows in FreeType before 2.2 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via attack vectors related to (1) bdf/bdflib.c, (2) sfnt/ttcmap.c, (3) cff/cffgload.c, and (4) the read_lwfn function and a crafted LWFN file in base/ftmac.c. NOTE: item 4 was originally identified by CVE-2006-2493.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
10cpe:2.3:a:freetype:freetype:2.0.9:*:*:*:*:*:*:*+ 9 more
- cpe:2.3:a:freetype:freetype:2.0.9:*:*:*:*:*:*:*
- cpe:2.3:a:freetype:freetype:2.1.10:*:*:*:*:*:*:*
- cpe:2.3:a:freetype:freetype:2.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:freetype:freetype:2.1.4:*:*:*:*:*:*:*
- cpe:2.3:a:freetype:freetype:2.1.5:*:*:*:*:*:*:*
- cpe:2.3:a:freetype:freetype:2.1.6:*:*:*:*:*:*:*
- cpe:2.3:a:freetype:freetype:2.1.7:*:*:*:*:*:*:*
- cpe:2.3:a:freetype:freetype:2.1.8:*:*:*:*:*:*:*
- cpe:2.3:a:freetype:freetype:2.1.9:*:*:*:*:*:*:*
- (no CPE)range: <2.2
Patches
Vulnerability mechanics
References
48- secunia.com/advisories/20100nvdPatchVendor Advisory
- sourceforge.net/project/shownotes.phpnvdPatch
- www.securityfocus.com/bid/18034nvdPatch
- secunia.com/advisories/20525nvdVendor Advisory
- secunia.com/advisories/20591nvdVendor Advisory
- secunia.com/advisories/20638nvdVendor Advisory
- secunia.com/advisories/20791nvdVendor Advisory
- secunia.com/advisories/21000nvdVendor Advisory
- secunia.com/advisories/21062nvdVendor Advisory
- secunia.com/advisories/21135nvdVendor Advisory
- secunia.com/advisories/21385nvdVendor Advisory
- secunia.com/advisories/21701nvdVendor Advisory
- secunia.com/advisories/23939nvdVendor Advisory
- secunia.com/advisories/27162nvdVendor Advisory
- secunia.com/advisories/27167nvdVendor Advisory
- secunia.com/advisories/27271nvdVendor Advisory
- secunia.com/advisories/33937nvdVendor Advisory
- secunia.com/advisories/35200nvdVendor Advisory
- secunia.com/advisories/35204nvdVendor Advisory
- secunia.com/advisories/35233nvdVendor Advisory
- www.redhat.com/support/errata/RHSA-2009-0329.htmlnvdVendor Advisory
- www.redhat.com/support/errata/RHSA-2009-1062.htmlnvdVendor Advisory
- www.vupen.com/english/advisories/2006/1868nvdVendor Advisory
- www.vupen.com/english/advisories/2007/0381nvdVendor Advisory
- patches.sgi.com/support/free/security/advisories/20060701-01-Unvd
- lists.apple.com/archives/security-announce/2009/Feb/msg00000.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2007-10/msg00006.htmlnvd
- lists.suse.com/archive/suse-security-announce/2006-Jun/0012.htmlnvd
- security.gentoo.org/glsa/glsa-200607-02.xmlnvd
- securitytracker.com/idnvd
- sunsolve.sun.com/search/document.donvd
- support.apple.com/kb/HT3438nvd
- support.avaya.com/elmodocs2/security/ASA-2006-176.htmnvd
- www.debian.org/security/2006/dsa-1095nvd
- www.gentoo.org/security/en/glsa/glsa-200710-09.xmlnvd
- www.mandriva.com/security/advisoriesnvd
- www.redhat.com/support/errata/RHSA-2006-0500.htmlnvd
- www.securityfocus.com/archive/1/436836/100/0/threadednvd
- bugzilla.redhat.com/bugzilla/attachment.cginvd
- bugzilla.redhat.com/bugzilla/show_bug.cginvd
- bugzilla.redhat.com/bugzilla/show_bug.cginvd
- bugzilla.redhat.com/show_bug.cginvd
- exchange.xforce.ibmcloud.com/vulnerabilities/26553nvd
- issues.rpath.com/browse/RPL-429nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9124nvd
- usn.ubuntu.com/291-1/nvd
- www.redhat.com/archives/fedora-package-announce/2009-May/msg01316.htmlnvd
- www.redhat.com/archives/fedora-package-announce/2009-May/msg01401.htmlnvd
News mentions
0No linked articles in our index yet.