VYPR

Freetype

by FreeType

Source repositories

CVEs (99)

  • CVE-2014-9666Feb 8, 2015
    risk 0.00cvss epss 0.04

    The tt_sbit_decoder_init function in sfnt/ttsbit.c in FreeType before 2.5.4 proceeds with a count-to-size association without restricting the count value, which allows remote attackers to cause a denial of service (integer overflow and out-of-bounds read) or possibly have…

  • CVE-2014-9665Feb 8, 2015
    risk 0.00cvss epss 0.05

    The Load_SBit_Png function in sfnt/pngshim.c in FreeType before 2.5.4 does not restrict the rows and pitch values of PNG data, which allows remote attackers to cause a denial of service (integer overflow and heap-based buffer overflow) or possibly have unspecified other impact…

  • CVE-2014-9664Feb 8, 2015
    risk 0.00cvss epss 0.04

    FreeType before 2.5.4 does not check for the end of the data during certain parsing actions, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted Type42 font, related to type42/t42parse.c and…

  • CVE-2014-9663Feb 8, 2015
    risk 0.00cvss epss 0.05

    The tt_cmap4_validate function in sfnt/ttcmap.c in FreeType before 2.5.4 validates a certain length field before that field's value is completely calculated, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact…

  • CVE-2014-9662Feb 8, 2015
    risk 0.00cvss epss 0.04

    cff/cf2ft.c in FreeType before 2.5.4 does not validate the return values of point-allocation functions, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted OTF font.

  • CVE-2014-9661Feb 8, 2015
    risk 0.00cvss epss 0.04

    type42/t42parse.c in FreeType before 2.5.4 does not consider that scanning can be incomplete without triggering an error, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted Type42 font.

  • CVE-2014-9660Feb 8, 2015
    risk 0.00cvss epss 0.05

    The _bdf_parse_glyphs function in bdf/bdflib.c in FreeType before 2.5.4 does not properly handle a missing ENDCHAR record, which allows remote attackers to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via a crafted BDF font.

  • CVE-2014-9658Feb 8, 2015
    risk 0.00cvss epss 0.05

    The tt_face_load_kern function in sfnt/ttkern.c in FreeType before 2.5.4 enforces an incorrect minimum table length, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted TrueType font.

  • CVE-2014-9657Feb 8, 2015
    risk 0.00cvss epss 0.05

    The tt_face_load_hdmx function in truetype/ttpload.c in FreeType before 2.5.4 does not establish a minimum record size, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted TrueType font.

  • CVE-2014-9656Feb 8, 2015
    risk 0.00cvss epss 0.05

    The tt_sbit_decoder_load_image function in sfnt/ttsbit.c in FreeType before 2.5.4 does not properly check for an integer overflow, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted OpenType…

  • CVE-2014-3175Aug 27, 2014
    risk 0.00cvss epss 0.01

    Multiple unspecified vulnerabilities in Google Chrome before 37.0.2062.94 allow attackers to cause a denial of service or possibly have other impact via unknown vectors, related to the load_truetype_glyph function in truetype/ttgload.c in FreeType and other functions in other…

  • CVE-2014-2241Mar 18, 2014
    risk 0.00cvss epss 0.02

    The (1) cf2_initLocalRegionBuffer and (2) cf2_initGlobalRegionBuffer functions in cff/cf2ft.c in FreeType before 2.5.3 do not properly check if a subroutine exists, which allows remote attackers to cause a denial of service (assertion failure), as demonstrated by a crafted ttf…

  • CVE-2014-2240Mar 12, 2014
    risk 0.00cvss epss 0.06

    Stack-based buffer overflow in the cf2_hintmap_build function in cff/cf2hints.c in FreeType before 2.5.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large number of stem hints in a font file.

  • CVE-2012-5670Jan 24, 2013
    risk 0.00cvss epss 0.03

    The _bdf_parse_glyphs function in FreeType before 2.4.11 allows context-dependent attackers to cause a denial of service (out-of-bounds write and crash) via vectors related to BDF fonts and an ENCODING field with a negative value.

  • CVE-2012-5669Jan 24, 2013
    risk 0.00cvss epss 0.04

    The _bdf_parse_glyphs function in FreeType before 2.4.11 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to BDF fonts and an incorrect calculation that triggers an out-of-bounds read.

  • CVE-2012-5668Jan 24, 2013
    risk 0.00cvss epss 0.02

    FreeType before 2.4.11 allows context-dependent attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to BDF fonts and the improper handling of an "allocation error" in the bdf_free_font function.

  • CVE-2012-1144Apr 25, 2012
    risk 0.00cvss epss 0.05

    FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via a crafted TrueType font.

  • CVE-2012-1143Apr 25, 2012
    risk 0.00cvss epss 0.02

    FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (divide-by-zero error) via a crafted font.

  • CVE-2012-1142Apr 25, 2012
    risk 0.00cvss epss 0.04

    FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted glyph-outline data in a font.

  • CVE-2012-1141Apr 25, 2012
    risk 0.00cvss epss 0.04

    FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via a crafted ASCII string in a BDF font.