CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-7858 – Gentoo Linux Security Advisory 201706-14
https://notcve.org/view.php?id=CVE-2017-7858
14 Apr 2017 — FreeType 2 before 2017-03-07 has an out-of-bounds write related to the TT_Get_MM_Var function in truetype/ttgxvar.c and the sfnt_init_face function in sfnt/sfobjs.c. FreeType 2 en versiones anteriores a 07-03-2017 tiene una escritura fuera de límites en relación con la función TT_Get_MM_Var en truetype/ttgxvar.c y en la función sfnt_init_face en sfnt/sfobjs.c. Multiple vulnerabilities have been found in FreeType, the worst of which allows remote attackers to execute arbitrary code. Versions less than 2.8 ar... • http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=779309744222a736eba0f1731e8162fce6288d4e • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-7857 – Gentoo Linux Security Advisory 201706-14
https://notcve.org/view.php?id=CVE-2017-7857
14 Apr 2017 — FreeType 2 before 2017-03-08 has an out-of-bounds write caused by a heap-based buffer overflow related to the TT_Get_MM_Var function in truetype/ttgxvar.c and the sfnt_init_face function in sfnt/sfobjs.c. FreeType 2 en versiones anteriores a 2017-03-08 tiene una escritura fuera de límites provocada por un desbordamiento de búfer basado en memoria dinámica relacionado con la función TT_Get_MM_Var en truetype/ttgxvar.c y la función sfnt_init_face en sfnt/sfobjs.c. Multiple vulnerabilities have been found in F... • http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=7bbb91fbf47fc0775cc9705673caf0c47a81f94b • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-7864 – Gentoo Linux Security Advisory 201706-14
https://notcve.org/view.php?id=CVE-2017-7864
14 Apr 2017 — FreeType 2 before 2017-02-02 has an out-of-bounds write caused by a heap-based buffer overflow related to the tt_size_reset function in truetype/ttobjs.c. FreeType 2 en versiones anteriores a 02-02-2017 tiene una escritura fuera de límites provocado por un desbordamiento de búfer basado en memoria dinámica en relación con la función tt_size_reset en truetype/ttobjs.c. Multiple vulnerabilities have been found in FreeType, the worst of which allows remote attackers to execute arbitrary code. Versions less tha... • http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=e6699596af5c5d6f0ae0ea06e19df87dce088df8 • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 1%CPEs: 2EXPL: 0CVE-2016-10328 – Gentoo Linux Security Advisory 201706-14
https://notcve.org/view.php?id=CVE-2016-10328
14 Apr 2017 — FreeType 2 before 2016-12-16 has an out-of-bounds write caused by a heap-based buffer overflow related to the cff_parser_run function in cff/cffparse.c. FreeType 2 en versiones anteriores a 16-12-2016 tiene una escritura fuera de límites provocada por un desbordamiento de búfer basado en memoria dinámica relacionado con la función cff_parser_run en cff/cffparse.c. It was discovered that a heap-based buffer overflow existed in the FreeType library. If a user were tricked into using a specially crafted font f... • http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=beecf80a6deecbaf5d264d4f864451bde4fe98b8 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 1%CPEs: 2EXPL: 1CVE-2016-10244 – Gentoo Linux Security Advisory 201706-14
https://notcve.org/view.php?id=CVE-2016-10244
06 Mar 2017 — The parse_charstrings function in type1/t1load.c in FreeType 2 before 2.7 does not ensure that a font contains a glyph name, which allows remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted file. La función parse_charstrings en type1/t1load.c en FreeType 2 en versiones anteriores a 2.7 no asegura que una fuente contiene un nombre glyph, lo que permite a atacantes remotos provocar una denegación de servicio (sobre lectura de búfe... • http://git.savannah.gnu.org/cgit/freetype/freetype2.git/tree/ChangeLog?h=VER-2-7 • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 1%CPEs: 3EXPL: 0CVE-2014-9747 – Debian Security Advisory 3370-1
https://notcve.org/view.php?id=CVE-2014-9747
07 Oct 2015 — The t42_parse_encoding function in type42/t42parse.c in FreeType before 2.5.4 does not properly update the current position for immediates-only mode, which allows remote attackers to cause a denial of service (infinite loop) via a Type42 font. La función t42_parse_encoding en type42/t42parse.c en FreeType en versiones anteriores a 2.5.4 no actualiza adecuadamente la posición actual para el modo immediates-only lo que permite a atacantes remotos provocar una denegación de servicio (bucle infinito) a través d... • http://git.savannah.gnu.org/cgit/freetype/freetype2.git/tree/src/type42/t42parse.c?id=8b281f83e8516535756f92dbf90940ac44bd45e1 • CWE-399: Resource Management Errors •
CVSS: 9.8EPSS: 2%CPEs: 3EXPL: 0CVE-2014-9746 – Debian Security Advisory 3370-1
https://notcve.org/view.php?id=CVE-2014-9746
07 Oct 2015 — The (1) t1_parse_font_matrix function in type1/t1load.c, (2) cid_parse_font_matrix function in cid/cidload.c, (3) t42_parse_font_matrix function in type42/t42parse.c, and (4) ps_parser_load_field function in psaux/psobjs.c in FreeType before 2.5.4 do not check return values, which allows remote attackers to cause a denial of service (uninitialized memory access and application crash) or possibly have unspecified other impact via a crafted font. Las funciones (1) t1_parse_font_matrix en type1/t1load.c, (2) c... • http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=8b281f83e8516535756f92dbf90940ac44bd45e1 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 6%CPEs: 7EXPL: 0CVE-2014-9745 – Debian Security Advisory 3370-1
https://notcve.org/view.php?id=CVE-2014-9745
14 Sep 2015 — The parse_encoding function in type1/t1load.c in FreeType before 2.5.3 allows remote attackers to cause a denial of service (infinite loop) via a "broken number-with-base" in a Postscript stream, as demonstrated by 8#garbage. Vulnerabilidad en la función parse_encoding en type1/t1load.c en FreeType en versiones anteriores a 2.5.3, permite a atacantes remotos causar una denegación de servicio (bucle infinito) a través de un 'broken number-with-base' en un stream Postscript, según lo demostrado por 8#garbage.... • http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=df14e6c0b9592cbb24d5381dfc6106b14f915e75 • CWE-399: Resource Management Errors •
CVSS: 5.5EPSS: 2%CPEs: 24EXPL: 1CVE-2014-9670 – freetype: integer overflow in pcf_get_encodings() leading to NULL pointer dereference
https://notcve.org/view.php?id=CVE-2014-9670
08 Feb 2015 — Multiple integer signedness errors in the pcf_get_encodings function in pcf/pcfread.c in FreeType before 2.5.4 allow remote attackers to cause a denial of service (integer overflow, NULL pointer dereference, and application crash) via a crafted PCF file that specifies negative values for the first column and first row. Múltiples erroes de signo de enteros en la función pcf_get_encodings en pcf/pcfread.c en FreeType anterior a 2.5.4 permiten a atacantes remotos causar una denegación de servicio (desbordamien... • http://advisories.mageia.org/MGASA-2015-0083.html • CWE-189: Numeric Errors CWE-476: NULL Pointer Dereference •
CVSS: 8.8EPSS: 1%CPEs: 24EXPL: 1CVE-2014-9657 – freetype: off-by-one buffer over-read in tt_face_load_hdmx()
https://notcve.org/view.php?id=CVE-2014-9657
08 Feb 2015 — The tt_face_load_hdmx function in truetype/ttpload.c in FreeType before 2.5.4 does not establish a minimum record size, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted TrueType font. La función tt_face_load_hdmx en truetype/ttpload.c en FreeType anterior a 2.5.4 no establece un tamaño de registro mínimo, lo que permite a atacantes remotos causar una denegación de servicio (lectura fuera de rango) o posiblemente tener otr... • http://advisories.mageia.org/MGASA-2015-0083.html • CWE-125: Out-of-bounds Read •