CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-8287 – Gentoo Linux Security Advisory 201706-14
https://notcve.org/view.php?id=CVE-2017-8287
27 Apr 2017 — FreeType 2 before 2017-03-26 has an out-of-bounds write caused by a heap-based buffer overflow related to the t1_builder_close_contour function in psaux/psobjs.c. FreeType 2 antes de 2017-03-26 tiene una escritura fuera de límites causada por un desbordamiento de búfer basado en heap relacionado con la función t1_builder_close_contour en psaux / psobjs.c. It was discovered that FreeType did not correctly handle certain malformed font files. If a user were tricked into using a specially crafted font file, a ... • http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=3774fc08b502c3e685afca098b6e8a195aded6a0 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 1%CPEs: 2EXPL: 0CVE-2017-8105 – Gentoo Linux Security Advisory 201706-14
https://notcve.org/view.php?id=CVE-2017-8105
24 Apr 2017 — FreeType 2 before 2017-03-24 has an out-of-bounds write caused by a heap-based buffer overflow related to the t1_decoder_parse_charstrings function in psaux/t1decode.c. FreeType 2 en versiones anteriores a 24-03-2017 tiene una escritura fuera de limites provocada por un desbordamiento de búfer relacionado con la función t1_decoder_parse_charstrengs en psaux/t1decode.c. It was discovered that FreeType did not correctly handle certain malformed font files. If a user were tricked into using a specially crafted... • http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=f958c48ee431bef8d4d466b40c9cb2d4dbcb7791 • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2016-10328 – Gentoo Linux Security Advisory 201706-14
https://notcve.org/view.php?id=CVE-2016-10328
14 Apr 2017 — FreeType 2 before 2016-12-16 has an out-of-bounds write caused by a heap-based buffer overflow related to the cff_parser_run function in cff/cffparse.c. FreeType 2 en versiones anteriores a 16-12-2016 tiene una escritura fuera de límites provocada por un desbordamiento de búfer basado en memoria dinámica relacionado con la función cff_parser_run en cff/cffparse.c. It was discovered that a heap-based buffer overflow existed in the FreeType library. If a user were tricked into using a specially crafted font f... • http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=beecf80a6deecbaf5d264d4f864451bde4fe98b8 • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 2%CPEs: 1EXPL: 0CVE-2017-7857 – Gentoo Linux Security Advisory 201706-14
https://notcve.org/view.php?id=CVE-2017-7857
14 Apr 2017 — FreeType 2 before 2017-03-08 has an out-of-bounds write caused by a heap-based buffer overflow related to the TT_Get_MM_Var function in truetype/ttgxvar.c and the sfnt_init_face function in sfnt/sfobjs.c. FreeType 2 en versiones anteriores a 2017-03-08 tiene una escritura fuera de límites provocada por un desbordamiento de búfer basado en memoria dinámica relacionado con la función TT_Get_MM_Var en truetype/ttgxvar.c y la función sfnt_init_face en sfnt/sfobjs.c. Multiple vulnerabilities have been found in F... • http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=7bbb91fbf47fc0775cc9705673caf0c47a81f94b • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-7858 – Gentoo Linux Security Advisory 201706-14
https://notcve.org/view.php?id=CVE-2017-7858
14 Apr 2017 — FreeType 2 before 2017-03-07 has an out-of-bounds write related to the TT_Get_MM_Var function in truetype/ttgxvar.c and the sfnt_init_face function in sfnt/sfobjs.c. FreeType 2 en versiones anteriores a 07-03-2017 tiene una escritura fuera de límites en relación con la función TT_Get_MM_Var en truetype/ttgxvar.c y en la función sfnt_init_face en sfnt/sfobjs.c. Multiple vulnerabilities have been found in FreeType, the worst of which allows remote attackers to execute arbitrary code. Versions less than 2.8 ar... • http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=779309744222a736eba0f1731e8162fce6288d4e • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-7864 – Gentoo Linux Security Advisory 201706-14
https://notcve.org/view.php?id=CVE-2017-7864
14 Apr 2017 — FreeType 2 before 2017-02-02 has an out-of-bounds write caused by a heap-based buffer overflow related to the tt_size_reset function in truetype/ttobjs.c. FreeType 2 en versiones anteriores a 02-02-2017 tiene una escritura fuera de límites provocado por un desbordamiento de búfer basado en memoria dinámica en relación con la función tt_size_reset en truetype/ttobjs.c. Multiple vulnerabilities have been found in FreeType, the worst of which allows remote attackers to execute arbitrary code. Versions less tha... • http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=e6699596af5c5d6f0ae0ea06e19df87dce088df8 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2016-10244 – Gentoo Linux Security Advisory 201706-14
https://notcve.org/view.php?id=CVE-2016-10244
06 Mar 2017 — The parse_charstrings function in type1/t1load.c in FreeType 2 before 2.7 does not ensure that a font contains a glyph name, which allows remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted file. La función parse_charstrings en type1/t1load.c en FreeType 2 en versiones anteriores a 2.7 no asegura que una fuente contiene un nombre glyph, lo que permite a atacantes remotos provocar una denegación de servicio (sobre lectura de búfe... • http://git.savannah.gnu.org/cgit/freetype/freetype2.git/tree/ChangeLog?h=VER-2-7 • CWE-125: Out-of-bounds Read •