rpm package
opensuse/freetype2&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/freetype2&distro=openSUSE%20Tumbleweed
Vulnerabilities (63)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2014-9662 | — | < 2.7-1.1 | 2.7-1.1 | Feb 8, 2015 | cff/cf2ft.c in FreeType before 2.5.4 does not validate the return values of point-allocation functions, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted OTF font. | ||
| CVE-2014-9661 | — | < 2.7-1.1 | 2.7-1.1 | Feb 8, 2015 | type42/t42parse.c in FreeType before 2.5.4 does not consider that scanning can be incomplete without triggering an error, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted Type42 font. | ||
| CVE-2014-9660 | — | < 2.7-1.1 | 2.7-1.1 | Feb 8, 2015 | The _bdf_parse_glyphs function in bdf/bdflib.c in FreeType before 2.5.4 does not properly handle a missing ENDCHAR record, which allows remote attackers to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via a crafted BDF font. | ||
| CVE-2014-9659 | — | < 2.7-1.1 | 2.7-1.1 | Feb 8, 2015 | cff/cf2intrp.c in the CFF CharString interpreter in FreeType before 2.5.4 proceeds with additional hints after the hint mask has been computed, which allows remote attackers to execute arbitrary code or cause a denial of service (stack-based buffer overflow) via a crafted OpenTyp | ||
| CVE-2014-9658 | — | < 2.7-1.1 | 2.7-1.1 | Feb 8, 2015 | The tt_face_load_kern function in sfnt/ttkern.c in FreeType before 2.5.4 enforces an incorrect minimum table length, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted TrueType font. | ||
| CVE-2014-9657 | — | < 2.7-1.1 | 2.7-1.1 | Feb 8, 2015 | The tt_face_load_hdmx function in truetype/ttpload.c in FreeType before 2.5.4 does not establish a minimum record size, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted TrueType font. | ||
| CVE-2014-9656 | — | < 2.7-1.1 | 2.7-1.1 | Feb 8, 2015 | The tt_sbit_decoder_load_image function in sfnt/ttsbit.c in FreeType before 2.5.4 does not properly check for an integer overflow, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted OpenType font | ||
| CVE-2014-2241 | — | < 2.7-1.1 | 2.7-1.1 | Mar 18, 2014 | The (1) cf2_initLocalRegionBuffer and (2) cf2_initGlobalRegionBuffer functions in cff/cf2ft.c in FreeType before 2.5.3 do not properly check if a subroutine exists, which allows remote attackers to cause a denial of service (assertion failure), as demonstrated by a crafted ttf fi | ||
| CVE-2014-2240 | — | < 2.7-1.1 | 2.7-1.1 | Mar 12, 2014 | Stack-based buffer overflow in the cf2_hintmap_build function in cff/cf2hints.c in FreeType before 2.5.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large number of stem hints in a font file. | ||
| CVE-2012-5670 | — | < 2.7-1.1 | 2.7-1.1 | Jan 24, 2013 | The _bdf_parse_glyphs function in FreeType before 2.4.11 allows context-dependent attackers to cause a denial of service (out-of-bounds write and crash) via vectors related to BDF fonts and an ENCODING field with a negative value. | ||
| CVE-2012-5669 | — | < 2.7-1.1 | 2.7-1.1 | Jan 24, 2013 | The _bdf_parse_glyphs function in FreeType before 2.4.11 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to BDF fonts and an incorrect calculation that triggers an out-of-bounds read. | ||
| CVE-2012-5668 | — | < 2.7-1.1 | 2.7-1.1 | Jan 24, 2013 | FreeType before 2.4.11 allows context-dependent attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to BDF fonts and the improper handling of an "allocation error" in the bdf_free_font function. | ||
| CVE-2012-1144 | — | < 2.7-1.1 | 2.7-1.1 | Apr 25, 2012 | FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via a crafted TrueType font. | ||
| CVE-2012-1143 | — | < 2.7-1.1 | 2.7-1.1 | Apr 25, 2012 | FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (divide-by-zero error) via a crafted font. | ||
| CVE-2012-1142 | — | < 2.7-1.1 | 2.7-1.1 | Apr 25, 2012 | FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted glyph-outline data in a font. | ||
| CVE-2012-1141 | — | < 2.7-1.1 | 2.7-1.1 | Apr 25, 2012 | FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via a crafted ASCII string in a BDF font. | ||
| CVE-2012-1140 | — | < 2.7-1.1 | 2.7-1.1 | Apr 25, 2012 | FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via a crafted PostScript font object. | ||
| CVE-2012-1139 | — | < 2.7-1.1 | 2.7-1.1 | Apr 25, 2012 | Array index error in FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid stack read operation and memory corruption) or possibly execute arbitrary code via crafted glyph data in a | ||
| CVE-2012-1138 | — | < 2.7-1.1 | 2.7-1.1 | Apr 25, 2012 | FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via vectors involving the MIRP instruction in a T | ||
| CVE-2012-1137 | — | < 2.7-1.1 | 2.7-1.1 | Apr 25, 2012 | FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via a crafted header in a BDF font. |
- CVE-2014-9662Feb 8, 2015affected < 2.7-1.1fixed 2.7-1.1
cff/cf2ft.c in FreeType before 2.5.4 does not validate the return values of point-allocation functions, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted OTF font.
- CVE-2014-9661Feb 8, 2015affected < 2.7-1.1fixed 2.7-1.1
type42/t42parse.c in FreeType before 2.5.4 does not consider that scanning can be incomplete without triggering an error, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted Type42 font.
- CVE-2014-9660Feb 8, 2015affected < 2.7-1.1fixed 2.7-1.1
The _bdf_parse_glyphs function in bdf/bdflib.c in FreeType before 2.5.4 does not properly handle a missing ENDCHAR record, which allows remote attackers to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via a crafted BDF font.
- CVE-2014-9659Feb 8, 2015affected < 2.7-1.1fixed 2.7-1.1
cff/cf2intrp.c in the CFF CharString interpreter in FreeType before 2.5.4 proceeds with additional hints after the hint mask has been computed, which allows remote attackers to execute arbitrary code or cause a denial of service (stack-based buffer overflow) via a crafted OpenTyp
- CVE-2014-9658Feb 8, 2015affected < 2.7-1.1fixed 2.7-1.1
The tt_face_load_kern function in sfnt/ttkern.c in FreeType before 2.5.4 enforces an incorrect minimum table length, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted TrueType font.
- CVE-2014-9657Feb 8, 2015affected < 2.7-1.1fixed 2.7-1.1
The tt_face_load_hdmx function in truetype/ttpload.c in FreeType before 2.5.4 does not establish a minimum record size, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted TrueType font.
- CVE-2014-9656Feb 8, 2015affected < 2.7-1.1fixed 2.7-1.1
The tt_sbit_decoder_load_image function in sfnt/ttsbit.c in FreeType before 2.5.4 does not properly check for an integer overflow, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted OpenType font
- CVE-2014-2241Mar 18, 2014affected < 2.7-1.1fixed 2.7-1.1
The (1) cf2_initLocalRegionBuffer and (2) cf2_initGlobalRegionBuffer functions in cff/cf2ft.c in FreeType before 2.5.3 do not properly check if a subroutine exists, which allows remote attackers to cause a denial of service (assertion failure), as demonstrated by a crafted ttf fi
- CVE-2014-2240Mar 12, 2014affected < 2.7-1.1fixed 2.7-1.1
Stack-based buffer overflow in the cf2_hintmap_build function in cff/cf2hints.c in FreeType before 2.5.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large number of stem hints in a font file.
- CVE-2012-5670Jan 24, 2013affected < 2.7-1.1fixed 2.7-1.1
The _bdf_parse_glyphs function in FreeType before 2.4.11 allows context-dependent attackers to cause a denial of service (out-of-bounds write and crash) via vectors related to BDF fonts and an ENCODING field with a negative value.
- CVE-2012-5669Jan 24, 2013affected < 2.7-1.1fixed 2.7-1.1
The _bdf_parse_glyphs function in FreeType before 2.4.11 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to BDF fonts and an incorrect calculation that triggers an out-of-bounds read.
- CVE-2012-5668Jan 24, 2013affected < 2.7-1.1fixed 2.7-1.1
FreeType before 2.4.11 allows context-dependent attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to BDF fonts and the improper handling of an "allocation error" in the bdf_free_font function.
- CVE-2012-1144Apr 25, 2012affected < 2.7-1.1fixed 2.7-1.1
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via a crafted TrueType font.
- CVE-2012-1143Apr 25, 2012affected < 2.7-1.1fixed 2.7-1.1
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (divide-by-zero error) via a crafted font.
- CVE-2012-1142Apr 25, 2012affected < 2.7-1.1fixed 2.7-1.1
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted glyph-outline data in a font.
- CVE-2012-1141Apr 25, 2012affected < 2.7-1.1fixed 2.7-1.1
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via a crafted ASCII string in a BDF font.
- CVE-2012-1140Apr 25, 2012affected < 2.7-1.1fixed 2.7-1.1
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via a crafted PostScript font object.
- CVE-2012-1139Apr 25, 2012affected < 2.7-1.1fixed 2.7-1.1
Array index error in FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid stack read operation and memory corruption) or possibly execute arbitrary code via crafted glyph data in a
- CVE-2012-1138Apr 25, 2012affected < 2.7-1.1fixed 2.7-1.1
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via vectors involving the MIRP instruction in a T
- CVE-2012-1137Apr 25, 2012affected < 2.7-1.1fixed 2.7-1.1
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via a crafted header in a BDF font.
Page 2 of 4