CVSS: 9.8EPSS: 8%CPEs: 62EXPL: 0CVE-2012-1134 – freetype: limited heap buffer overflow in Type1 parser T1_Get_Private_Dict() (#35608)
https://notcve.org/view.php?id=CVE-2012-1134
25 Apr 2012 — FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted private-dictionary data in a Type 1 font. FreeType antes de v2.4.9, tal como se utiliza en Mozilla Firefox Mobile antes de v10.0.4 y otros productos, permite a atacantes remotos causar una denegación de servicio (operación no válida de escritura y corrupción de memori... • http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 10%CPEs: 62EXPL: 0CVE-2012-1140 – freetype: multiple buffer over-read in PS parser conversion functions (#35657)
https://notcve.org/view.php?id=CVE-2012-1140
25 Apr 2012 — FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via a crafted PostScript font object. FreeType antes de v2.4.9, tal como se utiliza en Mozilla Firefox Mobile antes de v10.0.4 y otros productos, permite a atacantes remotos causar una denegación de servicio (operación no válida de escritura y corrupción de memoria) o posiblemente... • http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •
CVSS: 9.3EPSS: 4%CPEs: 58EXPL: 0CVE-2011-0226 – freetype: postscript type1 font parsing vulnerability
https://notcve.org/view.php?id=CVE-2011-0226
19 Jul 2011 — Integer signedness error in psaux/t1decode.c in FreeType before 2.4.6, as used in CoreGraphics in Apple iOS before 4.2.9 and 4.3.x before 4.3.4 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Type 1 font in a PDF document, as exploited in the wild in July 2011. Error de entero sin signo en psaux/t1decode.c en FreeType anterior a v2.4.6, es usado enCoreGraphics en Apple iOS anterior a v4.2.9 y v4.3.x an... • http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html • CWE-189: Numeric Errors •
CVSS: 9.3EPSS: 5%CPEs: 29EXPL: 0CVE-2010-3311 – freetype: Input stream position error by processing Compact Font Format (CFF) font files
https://notcve.org/view.php?id=CVE-2010-3311
07 Jan 2011 — Integer overflow in base/ftstream.c in libXft (aka the X FreeType library) in FreeType before 2.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Compact Font Format (CFF) font file that triggers a heap-based buffer overflow, related to an "input stream position error" issue, a different vulnerability than CVE-2010-1797. Desbordamiento de enteros en base/ftstream.c en libXft (también conocida como la librería FreeType X) en FreeType a... • http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html • CWE-122: Heap-based Buffer Overflow CWE-189: Numeric Errors •
CVSS: 7.8EPSS: 12%CPEs: 33EXPL: 0CVE-2010-3814
https://notcve.org/view.php?id=CVE-2010-3814
26 Nov 2010 — Heap-based buffer overflow in the Ins_SHZ function in ttinterp.c in FreeType 2.4.3 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted SHZ bytecode instruction, related to TrueType opcodes, as demonstrated by a PDF document with a crafted embedded font. Desbordamiento de búfer basado en memoria dinámica en la función Ins_SHZ en ttinterp.c en FreeType v2.4.3 y anteriores permite a atacantes remotos ejecutar código a su o elección y caus... • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=602221 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 17%CPEs: 32EXPL: 0CVE-2010-3855 – Freetype : Heap based buffer overflow in ft_var_readpackedpoints()
https://notcve.org/view.php?id=CVE-2010-3855
26 Nov 2010 — Buffer overflow in the ft_var_readpackedpoints function in truetype/ttgxvar.c in FreeType 2.4.3 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted TrueType GX font. Desbordamiento de búfer en la función ft_var_readpackedpoints en truetype/ttgxvar.c en FreeType v2.4.3 y anteriores permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) o posiblemente ejecutar código arbitrario a través de una fuen... • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=602221 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •
CVSS: 8.4EPSS: 0%CPEs: 8EXPL: 1CVE-2010-2498 – freetype: invalid free vulnerability with possible heap corruption
https://notcve.org/view.php?id=CVE-2010-2498
19 Aug 2010 — The psh_glyph_find_strong_points function in pshinter/pshalgo.c in FreeType before 2.4.0 does not properly implement hinting masks, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via a crafted font file that triggers an invalid free operation. La función psh_glyph_find_strong_points en pshinter/pshalgo.c de FreeType anterior a v2.4.0 no implementa adecuadamente mascaras sugeridas, lo cual permite a atacantes remoto... • http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=8d22746c9e5af80ff4304aef440986403a5072e2 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 2%CPEs: 9EXPL: 0CVE-2010-2807
https://notcve.org/view.php?id=CVE-2010-2807
19 Aug 2010 — FreeType before 2.4.2 uses incorrect integer data types during bounds checking, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file. FreeType anterior a v2.4.2 utiliza incorrectametne tipos de datos entero durante la comprobación de límites, lo que permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) o posiblemente ejecutar código de su elección a través de ficheros fuente manipulados. • http://freetype.sourceforge.net/index2.html#release-freetype-2.4.2 • CWE-681: Incorrect Conversion between Numeric Types •
CVSS: 7.8EPSS: 2%CPEs: 3EXPL: 2CVE-2010-2497
https://notcve.org/view.php?id=CVE-2010-2497
19 Aug 2010 — Integer underflow in glyph handling in FreeType before 2.4.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file. Desbordamiento de entero glyph manejado en FreeType anterior a v2.4.0 permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) o posiblemente ejecutar código de su elección a través de un fichero fuente manipulado. • http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=7d3d2cc4fef72c6be9c454b3809c387e12b44cfc • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 1CVE-2010-2805 – freetype: FT_Stream_EnterFrame() does not properly validate certain position values
https://notcve.org/view.php?id=CVE-2010-2805
19 Aug 2010 — The FT_Stream_EnterFrame function in base/ftstream.c in FreeType before 2.4.2 does not properly validate certain position values, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file. La función FT_Stream_EnterFrame en base/ftstream.c de FreeType anterior a v2.4.2 no valida adecuadamente los valores de cierta posición, lo cual permite a atacantes remotos causar una denegación de servicio (fallo de la aplicación) o posibleme... • http://freetype.sourceforge.net/index2.html#release-freetype-2.4.2 • CWE-20: Improper Input Validation •