1 results (0.003 seconds)

CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0

fontconfig before 2.12.1 does not validate offsets, which allows local users to trigger arbitrary free calls and consequently conduct double free attacks and execute arbitrary code via a crafted cache file. fontconfig en versiones anteriores a 2.12.1 no valida offsets, lo que permite a usuarios locales desencadenar llamadas gratis arbitrarias y consecuentemente llevar a cabo ataques gratuitos dobles y ejecutar código arbitrario a través de un archivo de caché manipulado. It was found that cache files were insufficiently validated in fontconfig. A local attacker could create a specially crafted cache file to trigger arbitrary free() calls, which in turn could lead to arbitrary code execution. • http://rhn.redhat.com/errata/RHSA-2016-2601.html http://www.debian.org/security/2016/dsa-3644 http://www.securityfocus.com/bid/92339 http://www.ubuntu.com/usn/USN-3063-1 https://cgit.freedesktop.org/fontconfig/commit/?id=7a4a5bd7897d216f0794ca9dbce0a4a5c9d14940 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6CJ45VRAMCIISHOVKFVOQYQUSTUJP7FC https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GGOS4YYB7UYAWX5AEXJZHDIX4ZMSXSW5 https:// • CWE-20: Improper Input Validation CWE-415: Double Free •