CVSS: 8.8EPSS: 1%CPEs: 22EXPL: 1CVE-2014-9667 – freetype: integer overflow in tt_face_load_font_dir() leading to out-of-bounds read
https://notcve.org/view.php?id=CVE-2014-9667
08 Feb 2015 — sfnt/ttload.c in FreeType before 2.5.4 proceeds with offset+length calculations without restricting the values, which allows remote attackers to cause a denial of service (integer overflow and out-of-bounds read) or possibly have unspecified other impact via a crafted SFNT table. sfnt/ttload.c en FreeType anterior a 2.5.4 proceda con los cálculos de la longitud de offset sin restringir los valores, lo que permite a atacantes remotos causar una denegación de servicio (desbordamiento de enteros y lectura fuer... • http://advisories.mageia.org/MGASA-2015-0083.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 2%CPEs: 11EXPL: 1CVE-2014-9662 – Gentoo Linux Security Advisory 201503-05
https://notcve.org/view.php?id=CVE-2014-9662
08 Feb 2015 — cff/cf2ft.c in FreeType before 2.5.4 does not validate the return values of point-allocation functions, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted OTF font. cff/cf2ft.c en FreeType anterior a 2.5.4 no valida los valores de retorno de las funciones de la reserva de puntos, lo que permite a atacantes remotos causar una denegación de servicio (desbordamiento de buffer basado en memoria dinámica) o posiblemente ... • http://advisories.mageia.org/MGASA-2015-0083.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 2%CPEs: 10EXPL: 1CVE-2014-9665 – Gentoo Linux Security Advisory 201503-05
https://notcve.org/view.php?id=CVE-2014-9665
08 Feb 2015 — The Load_SBit_Png function in sfnt/pngshim.c in FreeType before 2.5.4 does not restrict the rows and pitch values of PNG data, which allows remote attackers to cause a denial of service (integer overflow and heap-based buffer overflow) or possibly have unspecified other impact by embedding a PNG file in a .ttf font file. La función Load_SBit_Png en sfnt/pngshim.c en FreeType anterior a 2.5.4 no restringe los valores de filas y tonos de los datos PNG, lo que permite a atacantes remotos causar una denegación ... • http://code.google.com/p/google-security-research/issues/detail?id=168 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 3%CPEs: 20EXPL: 1CVE-2014-9673 – freetype: integer signedness error in Mac_Read_POST_Resource() leading to heap-based buffer overflow
https://notcve.org/view.php?id=CVE-2014-9673
08 Feb 2015 — Integer signedness error in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.5.4 allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted Mac font. Error de signo de enteros en la función Mac_Read_POST_Resource en base/ftobjs.c en FreeType anterior a 2.5.4 permite a atacantes remotos causar una denegación de servicio (desbordamiento de buffer basado en memoria dinámica) o posiblemente tener otro impacto... • http://advisories.mageia.org/MGASA-2015-0083.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •
CVSS: 8.8EPSS: 2%CPEs: 12EXPL: 1CVE-2014-9659 – Gentoo Linux Security Advisory 201503-05
https://notcve.org/view.php?id=CVE-2014-9659
08 Feb 2015 — cff/cf2intrp.c in the CFF CharString interpreter in FreeType before 2.5.4 proceeds with additional hints after the hint mask has been computed, which allows remote attackers to execute arbitrary code or cause a denial of service (stack-based buffer overflow) via a crafted OpenType font. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-2240. cff/cf2intrp.c en el interprete CFF CharString en FreeType anterior a 2.5.4 proceda con indicios (hints) adicionales después de que la mascara d... • http://code.google.com/p/google-security-research/issues/detail?id=190 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 1%CPEs: 24EXPL: 1CVE-2014-9663 – freetype: out-of-bounds read in tt_cmap4_validate()
https://notcve.org/view.php?id=CVE-2014-9663
08 Feb 2015 — The tt_cmap4_validate function in sfnt/ttcmap.c in FreeType before 2.5.4 validates a certain length field before that field's value is completely calculated, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted cmap SFNT table. La función tt_cmap4_validate en sfnt/ttcmap.c en FreeType anterior a 2.5.4 valida cierto campo de longitud antes de que el valor de este campo está calculado completamente, lo que permite a atacantes r... • http://advisories.mageia.org/MGASA-2015-0083.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •
CVSS: 8.8EPSS: 3%CPEs: 24EXPL: 1CVE-2014-9660 – freetype: missing ENDCHAR NULL pointer dereference in the _bdf_parse_glyphs()
https://notcve.org/view.php?id=CVE-2014-9660
08 Feb 2015 — The _bdf_parse_glyphs function in bdf/bdflib.c in FreeType before 2.5.4 does not properly handle a missing ENDCHAR record, which allows remote attackers to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via a crafted BDF font. La función _bdf_parse_glyphs en bdf/bdflib.c en FreeType anterior a 2.5.4 no maneja correctamente un registro ENDCHAR perdido, lo que permite a atacantes remotos causar una denegación de servicio (referencia a puntero nulo) o posiblement... • http://advisories.mageia.org/MGASA-2015-0083.html • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 3%CPEs: 23EXPL: 1CVE-2014-9674 – freetype: multiple integer overflows Mac_Read_POST_Resource() leading to heap-based buffer overflows
https://notcve.org/view.php?id=CVE-2014-9674
08 Feb 2015 — The Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.5.4 proceeds with adding to length values without validating the original values, which allows remote attackers to cause a denial of service (integer overflow and heap-based buffer overflow) or possibly have unspecified other impact via a crafted Mac font. La función Mac_Read_POST_Resource en base/ftobjs.c en FreeType anterior a 2.5.4 proceda con la suma de los valores de longitud sin validar los valores originales, lo que permite a a... • http://advisories.mageia.org/MGASA-2015-0083.html • CWE-122: Heap-based Buffer Overflow •
CVSS: 5.5EPSS: 5%CPEs: 24EXPL: 1CVE-2014-9670 – freetype: integer overflow in pcf_get_encodings() leading to NULL pointer dereference
https://notcve.org/view.php?id=CVE-2014-9670
08 Feb 2015 — Multiple integer signedness errors in the pcf_get_encodings function in pcf/pcfread.c in FreeType before 2.5.4 allow remote attackers to cause a denial of service (integer overflow, NULL pointer dereference, and application crash) via a crafted PCF file that specifies negative values for the first column and first row. Múltiples erroes de signo de enteros en la función pcf_get_encodings en pcf/pcfread.c en FreeType anterior a 2.5.4 permiten a atacantes remotos causar una denegación de servicio (desbordamien... • http://advisories.mageia.org/MGASA-2015-0083.html • CWE-189: Numeric Errors CWE-476: NULL Pointer Dereference •
CVSS: 9.8EPSS: 0%CPEs: 8EXPL: 0CVE-2015-0247 – Gentoo Linux Security Advisory 201701-06
https://notcve.org/view.php?id=CVE-2015-0247
06 Feb 2015 — Heap-based buffer overflow in openfs.c in the libext2fs library in e2fsprogs before 1.42.12 allows local users to execute arbitrary code via crafted block group descriptor data in a filesystem image. Desbordamiento de buffer basado en memoria dinámica en openfs.c en la libraría libext2fs en e2fsprogs anterior a 1.42.12 permite a usuarios locales ejecutar código arbitrario a través de datos manipulados del descriptor de grupos en bloque en una imagen del sistema de ficheros. The libext2fs library, part of e2... • http://advisories.mageia.org/MGASA-2015-0061.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •