CVSS: 8.8EPSS: 1%CPEs: 2EXPL: 1CVE-2015-9381 – freetype: a heap-based buffer over-read in T1_Get_Private_Dict in type1/t1parse.c leading to crash
https://notcve.org/view.php?id=CVE-2015-9381
FreeType before 2.6.1 has a heap-based buffer over-read in T1_Get_Private_Dict in type1/t1parse.c. FreeType en versiones anteriores a la 2.6.1 tiene una sobrelectura de búfer basada en memoria dinámica (heap) en T1_Get_Private_Dict en type1/t1parse.c. • http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/src/type1/t1parse.c?id=7962a15d64c876870ca0ae435ea2467d9be268d9 https://access.redhat.com/errata/RHSA-2019:4254 https://lists.debian.org/debian-lts-announce/2019/09/msg00002.html https://savannah.nongnu.org/bugs/?45955 https://usn.ubuntu.com/4126-2 https://access.redhat.com/security/cve/CVE-2015-9381 https://bugzilla.redhat.com/show_bug.cgi?id=1752788 • CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2015-9290
https://notcve.org/view.php?id=CVE-2015-9290
In FreeType before 2.6.1, a buffer over-read occurs in type1/t1parse.c on function T1_Get_Private_Dict where there is no check that the new values of cur and limit are sensible before going to Again. En FreeType anterior a versión 2.6.1, se presenta una lectura excesiva de búfer en el archivo type1/t1parse.c en la función T1_Get_Private_Dict, donde no hay ninguna comprobación de que los nuevos valores de cur y limit son razonables antes de ir a Again. • http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/src/type1/t1parse.c?id=e3058617f384cb6709f3878f753fa17aca9e3a30 https://lists.debian.org/debian-lts-announce/2019/08/msg00019.html https://savannah.nongnu.org/bugs/?45923 https://support.f5.com/csp/article/K38315305 https://support.f5.com/csp/article/K38315305?utm_source=f5support&%3Butm_medium=RSS • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2018-6942
https://notcve.org/view.php?id=CVE-2018-6942
An issue was discovered in FreeType 2 through 2.9. A NULL pointer dereference in the Ins_GETVARIATION() function within ttinterp.c could lead to DoS via a crafted font file. Se ha descubierto un problema hasta la versión 2.9 de FreeType 2. Una desreferencia de puntero NULL en la función Ins_GETVARIATION() en ttinterp.c podría conducir a DoS mediante un archivo de fuentes manipulado. • http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00054.html https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5736 https://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=29c759284e305ec428703c9a5831d0b1fc3497ef https://usn.ubuntu.com/3572-1 https://www.oracle.com/security-alerts/cpuapr2020.html • CWE-476: NULL Pointer Dereference •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-8287
https://notcve.org/view.php?id=CVE-2017-8287
FreeType 2 before 2017-03-26 has an out-of-bounds write caused by a heap-based buffer overflow related to the t1_builder_close_contour function in psaux/psobjs.c. FreeType 2 antes de 2017-03-26 tiene una escritura fuera de límites causada por un desbordamiento de búfer basado en heap relacionado con la función t1_builder_close_contour en psaux / psobjs.c. • http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=3774fc08b502c3e685afca098b6e8a195aded6a0 http://www.debian.org/security/2017/dsa-3839 http://www.securityfocus.com/bid/99091 https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=941 https://security.gentoo.org/glsa/201706-14 https://www.oracle.com/security-alerts/cpuapr2020.html https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 1%CPEs: 2EXPL: 0CVE-2017-8105
https://notcve.org/view.php?id=CVE-2017-8105
FreeType 2 before 2017-03-24 has an out-of-bounds write caused by a heap-based buffer overflow related to the t1_decoder_parse_charstrings function in psaux/t1decode.c. FreeType 2 en versiones anteriores a 24-03-2017 tiene una escritura fuera de limites provocada por un desbordamiento de búfer relacionado con la función t1_decoder_parse_charstrengs en psaux/t1decode.c. • http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=f958c48ee431bef8d4d466b40c9cb2d4dbcb7791 http://www.debian.org/security/2017/dsa-3839 http://www.securityfocus.com/bid/99093 https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=935 https://security.gentoo.org/glsa/201706-14 https://www.oracle.com/security-alerts/cpuapr2020.html https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html • CWE-787: Out-of-bounds Write •