rpm package
suse/freetype2&distro=SUSE Linux Enterprise Server 11 SP4
pkg:rpm/suse/freetype2&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4
Vulnerabilities (6)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2017-8287 | Cri | 9.8 | < 2.3.7-25.45.5.1 | 2.3.7-25.45.5.1 | Apr 27, 2017 | FreeType 2 before 2017-03-26 has an out-of-bounds write caused by a heap-based buffer overflow related to the t1_builder_close_contour function in psaux/psobjs.c. | |
| CVE-2017-8105 | Cri | 9.8 | < 2.3.7-25.45.5.1 | 2.3.7-25.45.5.1 | Apr 24, 2017 | FreeType 2 before 2017-03-24 has an out-of-bounds write caused by a heap-based buffer overflow related to the t1_decoder_parse_charstrings function in psaux/t1decode.c. | |
| CVE-2016-10328 | Cri | 9.8 | < 2.3.7-25.45.8.1 | 2.3.7-25.45.8.1 | Apr 14, 2017 | FreeType 2 before 2016-12-16 has an out-of-bounds write caused by a heap-based buffer overflow related to the cff_parser_run function in cff/cffparse.c. | |
| CVE-2016-10244 | Hig | 7.8 | < 2.3.7-25.45.5.1 | 2.3.7-25.45.5.1 | Mar 6, 2017 | The parse_charstrings function in type1/t1load.c in FreeType 2 before 2.7 does not ensure that a font contains a glyph name, which allows remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted file. | |
| CVE-2014-9747 | Hig | 7.5 | < 2.3.7-25.41.4 | 2.3.7-25.41.4 | Jun 7, 2016 | The t42_parse_encoding function in type42/t42parse.c in FreeType before 2.5.4 does not properly update the current position for immediates-only mode, which allows remote attackers to cause a denial of service (infinite loop) via a Type42 font. | |
| CVE-2014-9745 | — | < 2.3.7-25.41.4 | 2.3.7-25.41.4 | Sep 14, 2015 | The parse_encoding function in type1/t1load.c in FreeType before 2.5.3 allows remote attackers to cause a denial of service (infinite loop) via a "broken number-with-base" in a Postscript stream, as demonstrated by 8#garbage. |
- affected < 2.3.7-25.45.5.1fixed 2.3.7-25.45.5.1
FreeType 2 before 2017-03-26 has an out-of-bounds write caused by a heap-based buffer overflow related to the t1_builder_close_contour function in psaux/psobjs.c.
- affected < 2.3.7-25.45.5.1fixed 2.3.7-25.45.5.1
FreeType 2 before 2017-03-24 has an out-of-bounds write caused by a heap-based buffer overflow related to the t1_decoder_parse_charstrings function in psaux/t1decode.c.
- affected < 2.3.7-25.45.8.1fixed 2.3.7-25.45.8.1
FreeType 2 before 2016-12-16 has an out-of-bounds write caused by a heap-based buffer overflow related to the cff_parser_run function in cff/cffparse.c.
- affected < 2.3.7-25.45.5.1fixed 2.3.7-25.45.5.1
The parse_charstrings function in type1/t1load.c in FreeType 2 before 2.7 does not ensure that a font contains a glyph name, which allows remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted file.
- affected < 2.3.7-25.41.4fixed 2.3.7-25.41.4
The t42_parse_encoding function in type42/t42parse.c in FreeType before 2.5.4 does not properly update the current position for immediates-only mode, which allows remote attackers to cause a denial of service (infinite loop) via a Type42 font.
- CVE-2014-9745Sep 14, 2015affected < 2.3.7-25.41.4fixed 2.3.7-25.41.4
The parse_encoding function in type1/t1load.c in FreeType before 2.5.3 allows remote attackers to cause a denial of service (infinite loop) via a "broken number-with-base" in a Postscript stream, as demonstrated by 8#garbage.