rpm package
suse/fontconfig&distro=SUSE Linux Enterprise Server 11 SP4
pkg:rpm/suse/fontconfig&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2016-5384 | Hig | 7.8 | < 2.6.0-10.19.1 | 2.6.0-10.19.1 | Aug 13, 2016 | fontconfig before 2.12.1 does not validate offsets, which allows local users to trigger arbitrary free calls and consequently conduct double free attacks and execute arbitrary code via a crafted cache file. |
- affected < 2.6.0-10.19.1fixed 2.6.0-10.19.1
fontconfig before 2.12.1 does not validate offsets, which allows local users to trigger arbitrary free calls and consequently conduct double free attacks and execute arbitrary code via a crafted cache file.