Vulnerabilities related to FreeType - FreeType
CVE-2012-1126 (GCVE-0-2012-1126)
Vulnerability from cvelistv5
Published
2012-04-25 10:00
Modified
2024-08-06 18:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via crafted property data in a BDF font.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T18:45:27.421Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "48797", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48797" }, { "name": "48508", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48508" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=800581" }, { "name": "48822", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48822" }, { "name": "MDVSA-2012:057", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057" }, { "name": "APPLE-SA-2012-09-19-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html" }, { "name": "48758", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48758" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT5503" }, { "name": "52318", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/52318" }, { "name": "USN-1403-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-1403-1" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512" }, { "name": "48918", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48918" }, { "name": "[oss-security] 20120306 Re: CVE Request -- FreeType: Multiple security flaws to be fixed in v2.4.9", "tags": [ 
"mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2012/03/06/16" }, { "name": "SUSE-SU-2012:0484", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html" }, { "name": "SUSE-SU-2012:0521", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html" }, { "name": "48973", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48973" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html" }, { "name": "RHSA-2012:0467", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html" }, { "name": "SUSE-SU-2012:0483", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html" }, { "name": "1026765", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id?1026765" }, { "name": "openSUSE-SU-2012:0489", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html" }, { "name": "48951", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48951" }, { "name": "GLSA-201204-04", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-201204-04.xml" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2012-03-06T00:00:00", "descriptions": [ { "lang": "en", "value": 
"FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via crafted property data in a BDF font." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-17T19:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "48797", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48797" }, { "name": "48508", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48508" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=800581" }, { "name": "48822", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48822" }, { "name": "MDVSA-2012:057", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057" }, { "name": "APPLE-SA-2012-09-19-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html" }, { "name": "48758", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48758" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT5503" }, { "name": "52318", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/52318" }, { "name": "USN-1403-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-1403-1" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512" }, { "name": "48918", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": 
"http://secunia.com/advisories/48918" }, { "name": "[oss-security] 20120306 Re: CVE Request -- FreeType: Multiple security flaws to be fixed in v2.4.9", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2012/03/06/16" }, { "name": "SUSE-SU-2012:0484", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html" }, { "name": "SUSE-SU-2012:0521", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html" }, { "name": "48973", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48973" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html" }, { "name": "RHSA-2012:0467", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html" }, { "name": "SUSE-SU-2012:0483", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html" }, { "name": "1026765", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id?1026765" }, { "name": "openSUSE-SU-2012:0489", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html" }, { "name": "48951", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48951" }, { "name": "GLSA-201204-04", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-201204-04.xml" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2012-1126", "datePublished": "2012-04-25T10:00:00", "dateReserved": "2012-02-14T00:00:00", "dateUpdated": "2024-08-06T18:45:27.421Z", "state": 
"PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2014-9674 (GCVE-0-2014-9674)
Vulnerability from cvelistv5
Published
2015-02-08 11:00
Modified
2024-08-06 13:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.5.4 proceeds with adding to length values without validating the original values, which allows remote attackers to cause a denial of service (integer overflow and heap-based buffer overflow) or possibly have unspecified other impact via a crafted Mac font.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T13:55:04.116Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=240c94a185cd8dae7d03059abec8a5662c35ecd3" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=cd4a5a26e591d01494567df9dec7f72d59551f6e" }, { "name": "GLSA-201503-05", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201503-05" }, { "name": "72986", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/72986" }, { "name": "USN-2739-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-2739-1" }, { "name": "DSA-3461", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2016/dsa-3461" }, { "name": "openSUSE-SU-2015:0627", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://advisories.mageia.org/MGASA-2015-0083.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" }, { "name": "RHSA-2015:0696", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0696.html" }, { "name": "FEDORA-2015-2216", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html" }, { "name": "MDVSA-2015:055", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" 
], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://code.google.com/p/google-security-research/issues/detail?id=153" }, { "name": "USN-2510-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-2510-1" }, { "name": "FEDORA-2015-2237", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-12-06T00:00:00", "descriptions": [ { "lang": "en", "value": "The Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.5.4 proceeds with adding to length values without validating the original values, which allows remote attackers to cause a denial of service (integer overflow and heap-based buffer overflow) or possibly have unspecified other impact via a crafted Mac font." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-06-30T16:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=240c94a185cd8dae7d03059abec8a5662c35ecd3" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=cd4a5a26e591d01494567df9dec7f72d59551f6e" }, { "name": "GLSA-201503-05", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201503-05" }, { "name": "72986", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/72986" }, { "name": "USN-2739-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-2739-1" }, { "name": "DSA-3461", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2016/dsa-3461" }, { "name": "openSUSE-SU-2015:0627", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://advisories.mageia.org/MGASA-2015-0083.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" }, { "name": "RHSA-2015:0696", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0696.html" }, { "name": "FEDORA-2015-2216", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html" }, { "name": "MDVSA-2015:055", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055" }, { "tags": [ "x_refsource_MISC" ], "url": 
"http://code.google.com/p/google-security-research/issues/detail?id=153" }, { "name": "USN-2510-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-2510-1" }, { "name": "FEDORA-2015-2237", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2014-9674", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.5.4 proceeds with adding to length values without validating the original values, which allows remote attackers to cause a denial of service (integer overflow and heap-based buffer overflow) or possibly have unspecified other impact via a crafted Mac font." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=240c94a185cd8dae7d03059abec8a5662c35ecd3", "refsource": "CONFIRM", "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=240c94a185cd8dae7d03059abec8a5662c35ecd3" }, { "name": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=cd4a5a26e591d01494567df9dec7f72d59551f6e", "refsource": "CONFIRM", "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=cd4a5a26e591d01494567df9dec7f72d59551f6e" }, { "name": "GLSA-201503-05", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201503-05" }, { "name": "72986", "refsource": "BID", "url": "http://www.securityfocus.com/bid/72986" }, { "name": "USN-2739-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2739-1" }, { "name": "DSA-3461", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2016/dsa-3461" }, { "name": "openSUSE-SU-2015:0627", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html" }, { "name": "http://advisories.mageia.org/MGASA-2015-0083.html", "refsource": "CONFIRM", "url": "http://advisories.mageia.org/MGASA-2015-0083.html" }, { "name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" }, { "name": "RHSA-2015:0696", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2015-0696.html" }, { "name": "FEDORA-2015-2216", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html" }, { "name": "MDVSA-2015:055", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055" }, { "name": 
"http://code.google.com/p/google-security-research/issues/detail?id=153", "refsource": "MISC", "url": "http://code.google.com/p/google-security-research/issues/detail?id=153" }, { "name": "USN-2510-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2510-1" }, { "name": "FEDORA-2015-2237", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2014-9674", "datePublished": "2015-02-08T11:00:00", "dateReserved": "2015-02-07T00:00:00", "dateUpdated": "2024-08-06T13:55:04.116Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2010-2497 (GCVE-0-2010-2497)
Vulnerability from cvelistv5
Published
2010-08-19 17:43
Modified
2024-08-07 02:32
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Integer underflow in glyph handling in FreeType before 2.4.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T02:32:16.845Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://savannah.nongnu.org/bugs/?30082" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT4435" }, { "name": "[freetype] 20100712 FreeType 2.4.0 has been released", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://lists.nongnu.org/archive/html/freetype/2010-07/msg00001.html" }, { "name": "APPLE-SA-2010-11-10-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html" }, { "name": "[oss-security] 20100714 Re: Multiple bugs in freetype", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://marc.info/?l=oss-security\u0026m=127909326909362\u0026w=2" }, { "name": "DSA-2070", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2010/dsa-2070" }, { "name": "[oss-security] 20100713 Multiple bugs in freetype", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://marc.info/?l=oss-security\u0026m=127905701201340\u0026w=2" }, { "name": "MDVSA-2010:137", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:137" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=613154" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://savannah.nongnu.org/bugs/?30083" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=7d3d2cc4fef72c6be9c454b3809c387e12b44cfc" }, { "name": "48951", "tags": [ "third-party-advisory", 
"x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48951" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2010-07-12T00:00:00", "descriptions": [ { "lang": "en", "value": "Integer underflow in glyph handling in FreeType before 2.4.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2010-11-18T10:00:00", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://savannah.nongnu.org/bugs/?30082" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT4435" }, { "name": "[freetype] 20100712 FreeType 2.4.0 has been released", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://lists.nongnu.org/archive/html/freetype/2010-07/msg00001.html" }, { "name": "APPLE-SA-2010-11-10-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html" }, { "name": "[oss-security] 20100714 Re: Multiple bugs in freetype", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://marc.info/?l=oss-security\u0026m=127909326909362\u0026w=2" }, { "name": "DSA-2070", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2010/dsa-2070" }, { "name": "[oss-security] 20100713 Multiple bugs in freetype", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://marc.info/?l=oss-security\u0026m=127905701201340\u0026w=2" }, { "name": "MDVSA-2010:137", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:137" }, 
{ "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=613154" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://savannah.nongnu.org/bugs/?30083" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=7d3d2cc4fef72c6be9c454b3809c387e12b44cfc" }, { "name": "48951", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48951" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2010-2497", "datePublished": "2010-08-19T17:43:00", "dateReserved": "2010-06-28T00:00:00", "dateUpdated": "2024-08-07T02:32:16.845Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2017-7858 (GCVE-0-2017-7858)
Vulnerability from cvelistv5
Published
2017-04-14 04:30
Modified
2024-08-05 16:19
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
FreeType 2 before 2017-03-07 has an out-of-bounds write related to the TT_Get_MM_Var function in truetype/ttgxvar.c and the sfnt_init_face function in sfnt/sfobjs.c.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T16:19:29.450Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "GLSA-201706-14", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201706-14" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=738" }, { "name": "97682", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/97682" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=779309744222a736eba0f1731e8162fce6288d4e" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpuapr2020.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2017-04-14T00:00:00", "descriptions": [ { "lang": "en", "value": "FreeType 2 before 2017-03-07 has an out-of-bounds write related to the TT_Get_MM_Var function in truetype/ttgxvar.c and the sfnt_init_face function in sfnt/sfobjs.c." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2020-04-15T21:06:41", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "GLSA-201706-14", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201706-14" }, { "tags": [ "x_refsource_MISC" ], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=738" }, { "name": "97682", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/97682" }, { "tags": [ "x_refsource_MISC" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=779309744222a736eba0f1731e8162fce6288d4e" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com/security-alerts/cpuapr2020.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2017-7858", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "FreeType 2 before 2017-03-07 has an out-of-bounds write related to the TT_Get_MM_Var function in truetype/ttgxvar.c and the sfnt_init_face function in sfnt/sfobjs.c." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "GLSA-201706-14", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201706-14" }, { "name": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=738", "refsource": "MISC", "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=738" }, { "name": "97682", "refsource": "BID", "url": "http://www.securityfocus.com/bid/97682" }, { "name": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=779309744222a736eba0f1731e8162fce6288d4e", "refsource": "MISC", "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=779309744222a736eba0f1731e8162fce6288d4e" }, { "name": "https://www.oracle.com/security-alerts/cpuapr2020.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpuapr2020.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2017-7858", "datePublished": "2017-04-14T04:30:00", "dateReserved": "2017-04-14T00:00:00", "dateUpdated": "2024-08-05T16:19:29.450Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2014-9675 (GCVE-0-2014-9675)
Vulnerability from cvelistv5
Published
2015-02-08 11:00
Modified
2024-08-06 13:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
bdf/bdflib.c in FreeType before 2.5.4 identifies property names by only verifying that an initial substring is present, which allows remote attackers to discover heap pointer values and bypass the ASLR protection mechanism via a crafted BDF font.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T13:55:04.532Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "DSA-3188", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2015/dsa-3188" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://code.google.com/p/google-security-research/issues/detail?id=151" }, { "name": "GLSA-201503-05", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201503-05" }, { "name": "72986", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/72986" }, { "name": "USN-2739-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-2739-1" }, { "name": "openSUSE-SU-2015:0627", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://advisories.mageia.org/MGASA-2015-0083.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" }, { "name": "RHSA-2015:0696", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0696.html" }, { "name": "FEDORA-2015-2216", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html" }, { "name": "MDVSA-2015:055", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055" }, { "name": "USN-2510-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": 
"http://www.ubuntu.com/usn/USN-2510-1" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://source.android.com/security/bulletin/2016-11-01.html" }, { "name": "FEDORA-2015-2237", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=2c4832d30939b45c05757f0a05128ce64c4cacc7" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-12-06T00:00:00", "descriptions": [ { "lang": "en", "value": "bdf/bdflib.c in FreeType before 2.5.4 identifies property names by only verifying that an initial substring is present, which allows remote attackers to discover heap pointer values and bypass the ASLR protection mechanism via a crafted BDF font." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-06-30T16:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "DSA-3188", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2015/dsa-3188" }, { "tags": [ "x_refsource_MISC" ], "url": "http://code.google.com/p/google-security-research/issues/detail?id=151" }, { "name": "GLSA-201503-05", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201503-05" }, { "name": "72986", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/72986" }, { "name": "USN-2739-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-2739-1" }, { "name": "openSUSE-SU-2015:0627", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://advisories.mageia.org/MGASA-2015-0083.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" }, { "name": "RHSA-2015:0696", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0696.html" }, { "name": "FEDORA-2015-2216", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html" }, { "name": "MDVSA-2015:055", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055" }, { "name": "USN-2510-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-2510-1" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://source.android.com/security/bulletin/2016-11-01.html" }, { "name": 
"FEDORA-2015-2237", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=2c4832d30939b45c05757f0a05128ce64c4cacc7" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2014-9675", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "bdf/bdflib.c in FreeType before 2.5.4 identifies property names by only verifying that an initial substring is present, which allows remote attackers to discover heap pointer values and bypass the ASLR protection mechanism via a crafted BDF font." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "DSA-3188", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2015/dsa-3188" }, { "name": "http://code.google.com/p/google-security-research/issues/detail?id=151", "refsource": "MISC", "url": "http://code.google.com/p/google-security-research/issues/detail?id=151" }, { "name": "GLSA-201503-05", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201503-05" }, { "name": "72986", "refsource": "BID", "url": "http://www.securityfocus.com/bid/72986" }, { "name": "USN-2739-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2739-1" }, { "name": "openSUSE-SU-2015:0627", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html" }, { "name": "http://advisories.mageia.org/MGASA-2015-0083.html", "refsource": "CONFIRM", "url": "http://advisories.mageia.org/MGASA-2015-0083.html" }, { "name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" }, { "name": "RHSA-2015:0696", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2015-0696.html" }, { "name": "FEDORA-2015-2216", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html" }, { "name": "MDVSA-2015:055", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055" }, { "name": "USN-2510-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2510-1" }, { "name": "https://source.android.com/security/bulletin/2016-11-01.html", "refsource": "CONFIRM", "url": "https://source.android.com/security/bulletin/2016-11-01.html" }, { "name": "FEDORA-2015-2237", "refsource": "FEDORA", "url": 
"http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html" }, { "name": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=2c4832d30939b45c05757f0a05128ce64c4cacc7", "refsource": "CONFIRM", "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=2c4832d30939b45c05757f0a05128ce64c4cacc7" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2014-9675", "datePublished": "2015-02-08T11:00:00", "dateReserved": "2015-02-07T00:00:00", "dateUpdated": "2024-08-06T13:55:04.532Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2012-1135 (GCVE-0-2012-1135)
Vulnerability from cvelistv5
Published
2012-04-25 10:00
Modified
2024-08-06 18:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via vectors involving the NPUSHB and NPUSHW instructions in a TrueType font.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T18:45:27.368Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "48797", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48797" }, { "name": "48508", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48508" }, { "name": "48822", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48822" }, { "name": "MDVSA-2012:057", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057" }, { "name": "APPLE-SA-2012-09-19-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT5503" }, { "name": "52318", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/52318" }, { "name": "USN-1403-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-1403-1" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512" }, { "name": "48918", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48918" }, { "name": "[oss-security] 20120306 Re: CVE Request -- FreeType: Multiple security flaws to be fixed in v2.4.9", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2012/03/06/16" }, { "name": "SUSE-SU-2012:0484", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": 
"http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html" }, { "name": "SUSE-SU-2012:0521", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html" }, { "name": "48973", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48973" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html" }, { "name": "SUSE-SU-2012:0483", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html" }, { "name": "1026765", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id?1026765" }, { "name": "openSUSE-SU-2012:0489", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html" }, { "name": "48951", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48951" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=800593" }, { "name": "GLSA-201204-04", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-201204-04.xml" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2012-03-06T00:00:00", "descriptions": [ { "lang": "en", "value": "FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via vectors involving the NPUSHB and NPUSHW 
instructions in a TrueType font." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-17T19:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "48797", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48797" }, { "name": "48508", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48508" }, { "name": "48822", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48822" }, { "name": "MDVSA-2012:057", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057" }, { "name": "APPLE-SA-2012-09-19-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT5503" }, { "name": "52318", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/52318" }, { "name": "USN-1403-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-1403-1" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512" }, { "name": "48918", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48918" }, { "name": "[oss-security] 20120306 Re: CVE Request -- FreeType: Multiple security flaws to be fixed in v2.4.9", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2012/03/06/16" }, { "name": "SUSE-SU-2012:0484", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html" }, { "name": "SUSE-SU-2012:0521", "tags": [ 
"vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html" }, { "name": "48973", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48973" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html" }, { "name": "SUSE-SU-2012:0483", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html" }, { "name": "1026765", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id?1026765" }, { "name": "openSUSE-SU-2012:0489", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html" }, { "name": "48951", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48951" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=800593" }, { "name": "GLSA-201204-04", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-201204-04.xml" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2012-1135", "datePublished": "2012-04-25T10:00:00", "dateReserved": "2012-02-14T00:00:00", "dateUpdated": "2024-08-06T18:45:27.368Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2015-9381 (GCVE-0-2015-9381)
Vulnerability from cvelistv5
Published
2019-09-03 04:52
Modified
2024-08-06 08:51
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
FreeType before 2.6.1 has a heap-based buffer over-read in T1_Get_Private_Dict in type1/t1parse.c.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T08:51:04.079Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/src/type1/t1parse.c?id=7962a15d64c876870ca0ae435ea2467d9be268d9" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://savannah.nongnu.org/bugs/?45955" }, { "name": "[debian-lts-announce] 20190904 [SECURITY] [DLA 1909-1] freetype security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00002.html" }, { "name": "USN-4126-2", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/4126-2/" }, { "name": "RHSA-2019:4254", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2019:4254" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "FreeType before 2.6.1 has a heap-based buffer over-read in T1_Get_Private_Dict in type1/t1parse.c." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2019-12-17T13:06:11", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/src/type1/t1parse.c?id=7962a15d64c876870ca0ae435ea2467d9be268d9" }, { "tags": [ "x_refsource_MISC" ], "url": "https://savannah.nongnu.org/bugs/?45955" }, { "name": "[debian-lts-announce] 20190904 [SECURITY] [DLA 1909-1] freetype security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00002.html" }, { "name": "USN-4126-2", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/4126-2/" }, { "name": "RHSA-2019:4254", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2019:4254" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2015-9381", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "FreeType before 2.6.1 has a heap-based buffer over-read in T1_Get_Private_Dict in type1/t1parse.c." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/src/type1/t1parse.c?id=7962a15d64c876870ca0ae435ea2467d9be268d9", "refsource": "MISC", "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/src/type1/t1parse.c?id=7962a15d64c876870ca0ae435ea2467d9be268d9" }, { "name": "https://savannah.nongnu.org/bugs/?45955", "refsource": "MISC", "url": "https://savannah.nongnu.org/bugs/?45955" }, { "name": "[debian-lts-announce] 20190904 [SECURITY] [DLA 1909-1] freetype security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00002.html" }, { "name": "USN-4126-2", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/4126-2/" }, { "name": "RHSA-2019:4254", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:4254" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2015-9381", "datePublished": "2019-09-03T04:52:02", "dateReserved": "2019-09-03T00:00:00", "dateUpdated": "2024-08-06T08:51:04.079Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2014-9673 (GCVE-0-2014-9673)
Vulnerability from cvelistv5
Published
2015-02-08 11:00
Modified
2024-08-06 13:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Integer signedness error in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.5.4 allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted Mac font.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T13:55:04.375Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "DSA-3188", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2015/dsa-3188" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://code.google.com/p/google-security-research/issues/detail?id=154" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=35252ae9aa1dd9343e9f4884e9ddb1fee10ef415" }, { "name": "GLSA-201503-05", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201503-05" }, { "name": "72986", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/72986" }, { "name": "USN-2739-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-2739-1" }, { "name": "openSUSE-SU-2015:0627", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://advisories.mageia.org/MGASA-2015-0083.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" }, { "name": "RHSA-2015:0696", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0696.html" }, { "name": "MDVSA-2015:055", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055" }, { "name": "USN-2510-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-2510-1" } ], "title": "CVE 
Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-12-06T00:00:00", "descriptions": [ { "lang": "en", "value": "Integer signedness error in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.5.4 allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted Mac font." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-06-30T16:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "DSA-3188", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2015/dsa-3188" }, { "tags": [ "x_refsource_MISC" ], "url": "http://code.google.com/p/google-security-research/issues/detail?id=154" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=35252ae9aa1dd9343e9f4884e9ddb1fee10ef415" }, { "name": "GLSA-201503-05", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201503-05" }, { "name": "72986", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/72986" }, { "name": "USN-2739-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-2739-1" }, { "name": "openSUSE-SU-2015:0627", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://advisories.mageia.org/MGASA-2015-0083.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" }, { "name": "RHSA-2015:0696", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": 
"http://rhn.redhat.com/errata/RHSA-2015-0696.html" }, { "name": "MDVSA-2015:055", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055" }, { "name": "USN-2510-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-2510-1" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2014-9673", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Integer signedness error in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.5.4 allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted Mac font." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "DSA-3188", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2015/dsa-3188" }, { "name": "http://code.google.com/p/google-security-research/issues/detail?id=154", "refsource": "MISC", "url": "http://code.google.com/p/google-security-research/issues/detail?id=154" }, { "name": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=35252ae9aa1dd9343e9f4884e9ddb1fee10ef415", "refsource": "CONFIRM", "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=35252ae9aa1dd9343e9f4884e9ddb1fee10ef415" }, { "name": "GLSA-201503-05", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201503-05" }, { "name": "72986", "refsource": "BID", "url": "http://www.securityfocus.com/bid/72986" }, { "name": "USN-2739-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2739-1" }, { "name": "openSUSE-SU-2015:0627", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html" }, { "name": "http://advisories.mageia.org/MGASA-2015-0083.html", "refsource": "CONFIRM", "url": "http://advisories.mageia.org/MGASA-2015-0083.html" }, { "name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" }, { "name": "RHSA-2015:0696", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2015-0696.html" }, { "name": "MDVSA-2015:055", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055" }, { "name": "USN-2510-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2510-1" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2014-9673", "datePublished": "2015-02-08T11:00:00", 
"dateReserved": "2015-02-07T00:00:00", "dateUpdated": "2024-08-06T13:55:04.375Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2010-2500 (GCVE-0-2010-2500)
Vulnerability from cvelistv5
Published
2010-08-19 17:43
Modified
2024-08-07 02:32
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Integer overflow in the gray_render_span function in smooth/ftgrays.c in FreeType before 2.4.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T02:32:16.861Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://savannah.nongnu.org/bugs/?30263" }, { "name": "USN-963-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-963-1" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT4435" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=6305b869d86ff415a33576df6d43729673c66eee" }, { "name": "[freetype] 20100712 FreeType 2.4.0 has been released", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://lists.nongnu.org/archive/html/freetype/2010-07/msg00001.html" }, { "name": "APPLE-SA-2010-11-10-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html" }, { "name": "[oss-security] 20100714 Re: Multiple bugs in freetype", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://marc.info/?l=oss-security\u0026m=127909326909362\u0026w=2" }, { "name": "DSA-2070", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2010/dsa-2070" }, { "name": "[oss-security] 20100713 Multiple bugs in freetype", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://marc.info/?l=oss-security\u0026m=127905701201340\u0026w=2" }, { "name": "1024266", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1024266" }, { "name": "RHSA-2010:0578", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0578.html" }, { "name": 
"MDVSA-2010:137", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:137" }, { "name": "RHSA-2010:0577", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0577.html" }, { "name": "48951", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48951" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=613167" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2010-07-12T00:00:00", "descriptions": [ { "lang": "en", "value": "Integer overflow in the gray_render_span function in smooth/ftgrays.c in FreeType before 2.4.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2010-11-18T10:00:00", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://savannah.nongnu.org/bugs/?30263" }, { "name": "USN-963-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-963-1" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT4435" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=6305b869d86ff415a33576df6d43729673c66eee" }, { "name": "[freetype] 20100712 FreeType 2.4.0 has been released", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://lists.nongnu.org/archive/html/freetype/2010-07/msg00001.html" }, { "name": "APPLE-SA-2010-11-10-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html" }, { "name": "[oss-security] 20100714 Re: Multiple bugs in freetype", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://marc.info/?l=oss-security\u0026m=127909326909362\u0026w=2" }, { "name": "DSA-2070", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2010/dsa-2070" }, { "name": "[oss-security] 20100713 Multiple bugs in freetype", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://marc.info/?l=oss-security\u0026m=127905701201340\u0026w=2" }, { "name": "1024266", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1024266" }, { "name": "RHSA-2010:0578", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0578.html" }, { "name": "MDVSA-2010:137", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": 
"http://www.mandriva.com/security/advisories?name=MDVSA-2010:137" }, { "name": "RHSA-2010:0577", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0577.html" }, { "name": "48951", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48951" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=613167" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2010-2500", "datePublished": "2010-08-19T17:43:00", "dateReserved": "2010-06-28T00:00:00", "dateUpdated": "2024-08-07T02:32:16.861Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2015-9383 (GCVE-0-2015-9383)
Vulnerability from cvelistv5
Published
2019-09-03 04:52
Modified
2024-08-06 08:51
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
FreeType before 2.6.2 has a heap-based buffer over-read in tt_cmap14_validate in sfnt/ttcmap.c.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T08:51:03.360Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=57cbb8c148999ba8f14ed53435fc071ac9953afd" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://savannah.nongnu.org/bugs/?46346" }, { "name": "[debian-lts-announce] 20190904 [SECURITY] [DLA 1909-1] freetype security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00002.html" }, { "name": "USN-4126-2", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/4126-2/" }, { "name": "USN-4126-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/4126-1/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "FreeType before 2.6.2 has a heap-based buffer over-read in tt_cmap14_validate in sfnt/ttcmap.c." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2019-09-10T02:06:13", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=57cbb8c148999ba8f14ed53435fc071ac9953afd" }, { "tags": [ "x_refsource_MISC" ], "url": "https://savannah.nongnu.org/bugs/?46346" }, { "name": "[debian-lts-announce] 20190904 [SECURITY] [DLA 1909-1] freetype security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00002.html" }, { "name": "USN-4126-2", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/4126-2/" }, { "name": "USN-4126-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/4126-1/" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2015-9383", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "FreeType before 2.6.2 has a heap-based buffer over-read in tt_cmap14_validate in sfnt/ttcmap.c." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=57cbb8c148999ba8f14ed53435fc071ac9953afd", "refsource": "MISC", "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=57cbb8c148999ba8f14ed53435fc071ac9953afd" }, { "name": "https://savannah.nongnu.org/bugs/?46346", "refsource": "MISC", "url": "https://savannah.nongnu.org/bugs/?46346" }, { "name": "[debian-lts-announce] 20190904 [SECURITY] [DLA 1909-1] freetype security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00002.html" }, { "name": "USN-4126-2", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/4126-2/" }, { "name": "USN-4126-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/4126-1/" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2015-9383", "datePublished": "2019-09-03T04:52:27", "dateReserved": "2019-09-03T00:00:00", "dateUpdated": "2024-08-06T08:51:03.360Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2012-1128 (GCVE-0-2012-1128)
Vulnerability from cvelistv5
Published
2012-04-25 10:00
Modified
2024-08-06 18:45
CWE
- n/a
Summary
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (NULL pointer dereference and memory corruption) or possibly execute arbitrary code via a crafted TrueType font.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T18:45:27.403Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "48508", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48508" }, { "name": "48822", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48822" }, { "name": "MDVSA-2012:057", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057" }, { "name": "APPLE-SA-2012-09-19-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT5503" }, { "name": "52318", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/52318" }, { "name": "USN-1403-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-1403-1" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512" }, { "name": "[oss-security] 20120306 Re: CVE Request -- FreeType: Multiple security flaws to be fixed in v2.4.9", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2012/03/06/16" }, { "name": "SUSE-SU-2012:0484", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html" }, { "name": "48973", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48973" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": 
"http://www.mozilla.org/security/announce/2012/mfsa2012-21.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=800584" }, { "name": "1026765", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id?1026765" }, { "name": "openSUSE-SU-2012:0489", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html" }, { "name": "GLSA-201204-04", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-201204-04.xml" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2012-03-06T00:00:00", "descriptions": [ { "lang": "en", "value": "FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (NULL pointer dereference and memory corruption) or possibly execute arbitrary code via a crafted TrueType font." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-17T19:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "48508", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48508" }, { "name": "48822", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48822" }, { "name": "MDVSA-2012:057", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057" }, { "name": "APPLE-SA-2012-09-19-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT5503" }, { "name": "52318", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/52318" }, { "name": "USN-1403-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-1403-1" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512" }, { "name": "[oss-security] 20120306 Re: CVE Request -- FreeType: Multiple security flaws to be fixed in v2.4.9", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2012/03/06/16" }, { "name": "SUSE-SU-2012:0484", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html" }, { "name": "48973", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48973" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=800584" }, 
{ "name": "1026765", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id?1026765" }, { "name": "openSUSE-SU-2012:0489", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html" }, { "name": "GLSA-201204-04", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-201204-04.xml" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2012-1128", "datePublished": "2012-04-25T10:00:00", "dateReserved": "2012-02-14T00:00:00", "dateUpdated": "2024-08-06T18:45:27.403Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2022-27406 (GCVE-0-2022-27406)
Vulnerability from cvelistv5
Published
2022-04-22 00:00
Modified
2024-08-03 05:25
CWE
- n/a
Summary
FreeType commit 22a0cccb4d9d002f33c1ba7a4b36812c7d4f46b5 was discovered to contain a segmentation violation via the function FT_Request_Size.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T05:25:32.677Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "http://freetype.com" }, { "tags": [ "x_transferred" ], "url": "https://gitlab.freedesktop.org/freetype/freetype/-/issues/1140" }, { "name": "FEDORA-2022-2dd60f1f00", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FDU2FOEMCEF6WVR6ZBIH5MT5O7FAK6UP/" }, { "name": "FEDORA-2022-0985b0cb9f", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NYVC2NPKKXKP3TWJWG4ONYWNO6ZPHLA5/" }, { "name": "FEDORA-2022-7ece4f6d74", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EFPNRKDLCXHZVYYQLQMP44UHLU32GA6Z/" }, { "name": "FEDORA-2022-5e45671294", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TCEMWCM46PKM4U5ENRASPKQD6JDOLKRU/" }, { "name": "FEDORA-2022-80e1724780", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IWQ7IB2A75MEHM63WEUXBYEC7OR5SGDY/" }, { "name": "GLSA-202402-06", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202402-06" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "FreeType commit 22a0cccb4d9d002f33c1ba7a4b36812c7d4f46b5 was discovered to contain a segmentation violation via the function FT_Request_Size." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2024-02-03T10:06:21.607450", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "http://freetype.com" }, { "url": "https://gitlab.freedesktop.org/freetype/freetype/-/issues/1140" }, { "name": "FEDORA-2022-2dd60f1f00", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FDU2FOEMCEF6WVR6ZBIH5MT5O7FAK6UP/" }, { "name": "FEDORA-2022-0985b0cb9f", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NYVC2NPKKXKP3TWJWG4ONYWNO6ZPHLA5/" }, { "name": "FEDORA-2022-7ece4f6d74", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EFPNRKDLCXHZVYYQLQMP44UHLU32GA6Z/" }, { "name": "FEDORA-2022-5e45671294", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TCEMWCM46PKM4U5ENRASPKQD6JDOLKRU/" }, { "name": "FEDORA-2022-80e1724780", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IWQ7IB2A75MEHM63WEUXBYEC7OR5SGDY/" }, { "name": "GLSA-202402-06", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202402-06" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-27406", "datePublished": "2022-04-22T00:00:00", "dateReserved": "2022-03-21T00:00:00", "dateUpdated": "2024-08-03T05:25:32.677Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2010-2527 (GCVE-0-2010-2527)
Vulnerability from cvelistv5
Published
2010-08-19 17:43
Modified
2024-08-07 02:39
CWE
- n/a
Summary
Multiple buffer overflows in demo programs in FreeType before 2.4.0 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T02:39:36.500Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "USN-963-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-963-1" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=614557" }, { "name": "[freetype] 20100712 FreeType 2.4.0 has been released", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://lists.nongnu.org/archive/html/freetype/2010-07/msg00001.html" }, { "name": "DSA-2070", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2010/dsa-2070" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2-demos.git/commit/?id=b995299b73ba4cd259f221f500d4e63095508bec" }, { "name": "1024266", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1024266" }, { "name": "[oss-security] 20100714 Re: Multiple bugs in freetype", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://marc.info/?l=oss-security\u0026m=127912955808467\u0026w=2" }, { "name": "RHSA-2010:0578", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0578.html" }, { "name": "RHSA-2010:0577", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0577.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://savannah.nongnu.org/bugs/?30054" }, { "name": "48951", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48951" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", 
"vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2010-07-12T00:00:00", "descriptions": [ { "lang": "en", "value": "Multiple buffer overflows in demo programs in FreeType before 2.4.0 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2012-12-19T10:00:00", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "USN-963-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-963-1" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=614557" }, { "name": "[freetype] 20100712 FreeType 2.4.0 has been released", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://lists.nongnu.org/archive/html/freetype/2010-07/msg00001.html" }, { "name": "DSA-2070", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2010/dsa-2070" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2-demos.git/commit/?id=b995299b73ba4cd259f221f500d4e63095508bec" }, { "name": "1024266", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1024266" }, { "name": "[oss-security] 20100714 Re: Multiple bugs in freetype", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://marc.info/?l=oss-security\u0026m=127912955808467\u0026w=2" }, { "name": "RHSA-2010:0578", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0578.html" }, { "name": "RHSA-2010:0577", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0577.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": 
"http://savannah.nongnu.org/bugs/?30054" }, { "name": "48951", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48951" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2010-2527", "datePublished": "2010-08-19T17:43:00", "dateReserved": "2010-06-30T00:00:00", "dateUpdated": "2024-08-07T02:39:36.500Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2014-9661 (GCVE-0-2014-9661)
Vulnerability from cvelistv5
Published
2015-02-08 11:00
Modified
2024-08-06 13:55
CWE
- n/a
Summary
type42/t42parse.c in FreeType before 2.5.4 does not consider that scanning can be incomplete without triggering an error, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted Type42 font.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T13:55:02.921Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "DSA-3188", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2015/dsa-3188" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://code.google.com/p/google-security-research/issues/detail?id=187" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=42fcd6693ec7bd6ffc65ddc63e74287a65dda669" }, { "name": "GLSA-201503-05", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201503-05" }, { "name": "72986", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/72986" }, { "name": "USN-2739-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-2739-1" }, { "name": "openSUSE-SU-2015:0627", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://advisories.mageia.org/MGASA-2015-0083.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" }, { "name": "RHSA-2015:0696", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0696.html" }, { "name": "FEDORA-2015-2216", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html" }, { "name": "MDVSA-2015:055", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": 
"http://www.mandriva.com/security/advisories?name=MDVSA-2015:055" }, { "name": "USN-2510-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-2510-1" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://packetstormsecurity.com/files/134396/FreeType-2.5.3-Type42-Parsing-Use-After-Free.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=3788187e0c396952cd7d905c6c61f3ff8e84b2b4" }, { "name": "FEDORA-2015-2237", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-12-06T00:00:00", "descriptions": [ { "lang": "en", "value": "type42/t42parse.c in FreeType before 2.5.4 does not consider that scanning can be incomplete without triggering an error, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted Type42 font." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-06-30T16:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "DSA-3188", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2015/dsa-3188" }, { "tags": [ "x_refsource_MISC" ], "url": "http://code.google.com/p/google-security-research/issues/detail?id=187" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=42fcd6693ec7bd6ffc65ddc63e74287a65dda669" }, { "name": "GLSA-201503-05", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201503-05" }, { "name": "72986", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/72986" }, { "name": "USN-2739-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-2739-1" }, { "name": "openSUSE-SU-2015:0627", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://advisories.mageia.org/MGASA-2015-0083.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" }, { "name": "RHSA-2015:0696", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0696.html" }, { "name": "FEDORA-2015-2216", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html" }, { "name": "MDVSA-2015:055", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055" }, { "name": "USN-2510-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": 
"http://www.ubuntu.com/usn/USN-2510-1" }, { "tags": [ "x_refsource_MISC" ], "url": "http://packetstormsecurity.com/files/134396/FreeType-2.5.3-Type42-Parsing-Use-After-Free.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=3788187e0c396952cd7d905c6c61f3ff8e84b2b4" }, { "name": "FEDORA-2015-2237", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2014-9661", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "type42/t42parse.c in FreeType before 2.5.4 does not consider that scanning can be incomplete without triggering an error, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted Type42 font." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "DSA-3188", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2015/dsa-3188" }, { "name": "http://code.google.com/p/google-security-research/issues/detail?id=187", "refsource": "MISC", "url": "http://code.google.com/p/google-security-research/issues/detail?id=187" }, { "name": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=42fcd6693ec7bd6ffc65ddc63e74287a65dda669", "refsource": "CONFIRM", "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=42fcd6693ec7bd6ffc65ddc63e74287a65dda669" }, { "name": "GLSA-201503-05", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201503-05" }, { "name": "72986", "refsource": "BID", "url": "http://www.securityfocus.com/bid/72986" }, { "name": "USN-2739-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2739-1" }, { "name": "openSUSE-SU-2015:0627", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html" }, { "name": "http://advisories.mageia.org/MGASA-2015-0083.html", "refsource": "CONFIRM", "url": "http://advisories.mageia.org/MGASA-2015-0083.html" }, { "name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" }, { "name": "RHSA-2015:0696", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2015-0696.html" }, { "name": "FEDORA-2015-2216", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html" }, { "name": "MDVSA-2015:055", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055" }, { "name": "USN-2510-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2510-1" }, { "name": 
"http://packetstormsecurity.com/files/134396/FreeType-2.5.3-Type42-Parsing-Use-After-Free.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/134396/FreeType-2.5.3-Type42-Parsing-Use-After-Free.html" }, { "name": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=3788187e0c396952cd7d905c6c61f3ff8e84b2b4", "refsource": "CONFIRM", "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=3788187e0c396952cd7d905c6c61f3ff8e84b2b4" }, { "name": "FEDORA-2015-2237", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2014-9661", "datePublished": "2015-02-08T11:00:00", "dateReserved": "2015-02-07T00:00:00", "dateUpdated": "2024-08-06T13:55:02.921Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2020-15999 (GCVE-0-2020-15999)
Vulnerability from cvelistv5
Published
2020-11-03 00:00
Modified
2025-07-30 01:45
CWE
- Heap buffer overflow
Summary
Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-12T22:02:48.152Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://crbug.com/1139963" }, { "tags": [ "x_transferred" ], "url": "https://chromereleases.googleblog.com/2020/10/stable-channel-update-for-desktop_20.html" }, { "name": "openSUSE-SU-2020:1829", "tags": [ "vendor-advisory", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00016.html" }, { "name": "FEDORA-2020-6b35849edd", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/J3QVIGAAJ4D62YEJAJJWMCCBCOQ6TVL7/" }, { "name": "GLSA-202011-12", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202011-12" }, { "name": "20201118 TCMalloc viewer/dumper - TCMalloc Inspector Tool", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2020/Nov/33" }, { "name": "GLSA-202012-04", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202012-04" }, { "name": "DSA-4824", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2021/dsa-4824" }, { "tags": [ "x_transferred" ], "url": "https://googleprojectzero.blogspot.com/p/rca-cve-2020-15999.html" }, { "name": "GLSA-202401-19", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202401-19" }, { "url": "https://security.netapp.com/advisory/ntap-20240812-0001/" } ], "title": "CVE Program Container" }, { "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.6, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", 
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2020-15999", "options": [ { "Exploitation": "active" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2025-02-04T14:58:48.995301Z", "version": "2.0.3" }, "type": "ssvc" } }, { "other": { "content": { "dateAdded": "2021-11-03", "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-15999" }, "type": "kev" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-120", "description": "CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-07-30T01:45:32.774Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "timeline": [ { "lang": "en", "time": "2021-11-03T00:00:00+00:00", "value": "CVE-2020-15999 added to CISA KEV" } ], "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "Chrome", "vendor": "Google", "versions": [ { "lessThan": "86.0.4240.111", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page." 
} ], "problemTypes": [ { "descriptions": [ { "description": "Heap buffer overflow", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2024-01-15T14:06:22.266Z", "orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", "shortName": "Chrome" }, "references": [ { "url": "https://crbug.com/1139963" }, { "url": "https://chromereleases.googleblog.com/2020/10/stable-channel-update-for-desktop_20.html" }, { "name": "openSUSE-SU-2020:1829", "tags": [ "vendor-advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00016.html" }, { "name": "FEDORA-2020-6b35849edd", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/J3QVIGAAJ4D62YEJAJJWMCCBCOQ6TVL7/" }, { "name": "GLSA-202011-12", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202011-12" }, { "name": "20201118 TCMalloc viewer/dumper - TCMalloc Inspector Tool", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2020/Nov/33" }, { "name": "GLSA-202012-04", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202012-04" }, { "name": "DSA-4824", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2021/dsa-4824" }, { "url": "https://googleprojectzero.blogspot.com/p/rca-cve-2020-15999.html" }, { "name": "GLSA-202401-19", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202401-19" } ] } }, "cveMetadata": { "assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", "assignerShortName": "Chrome", "cveId": "CVE-2020-15999", "datePublished": "2020-11-03T00:00:00.000Z", "dateReserved": "2020-07-27T00:00:00.000Z", "dateUpdated": "2025-07-30T01:45:32.774Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2014-9659 (GCVE-0-2014-9659)
Vulnerability from cvelistv5
Published
2015-02-08 11:00
Modified
2024-08-06 13:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
cff/cf2intrp.c in the CFF CharString interpreter in FreeType before 2.5.4 proceeds with additional hints after the hint mask has been computed, which allows remote attackers to execute arbitrary code or cause a denial of service (stack-based buffer overflow) via a crafted OpenType font. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-2240.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T13:55:03.974Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://code.google.com/p/google-security-research/issues/detail?id=190" }, { "name": "GLSA-201503-05", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201503-05" }, { "name": "USN-2739-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-2739-1" }, { "name": "openSUSE-SU-2015:0627", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" }, { "name": "FEDORA-2015-2216", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html" }, { "name": "USN-2510-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-2510-1" }, { "name": "FEDORA-2015-2237", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=2cdc4562f873237f1c77d43540537c7a721d3fd8" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-12-06T00:00:00", "descriptions": [ { "lang": "en", "value": "cff/cf2intrp.c in the CFF CharString interpreter in FreeType before 2.5.4 proceeds with additional hints 
after the hint mask has been computed, which allows remote attackers to execute arbitrary code or cause a denial of service (stack-based buffer overflow) via a crafted OpenType font. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-2240." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-06-30T16:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "http://code.google.com/p/google-security-research/issues/detail?id=190" }, { "name": "GLSA-201503-05", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201503-05" }, { "name": "USN-2739-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-2739-1" }, { "name": "openSUSE-SU-2015:0627", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" }, { "name": "FEDORA-2015-2216", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html" }, { "name": "USN-2510-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-2510-1" }, { "name": "FEDORA-2015-2237", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=2cdc4562f873237f1c77d43540537c7a721d3fd8" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2014-9659", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": 
{ "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "cff/cf2intrp.c in the CFF CharString interpreter in FreeType before 2.5.4 proceeds with additional hints after the hint mask has been computed, which allows remote attackers to execute arbitrary code or cause a denial of service (stack-based buffer overflow) via a crafted OpenType font. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-2240." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://code.google.com/p/google-security-research/issues/detail?id=190", "refsource": "MISC", "url": "http://code.google.com/p/google-security-research/issues/detail?id=190" }, { "name": "GLSA-201503-05", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201503-05" }, { "name": "USN-2739-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2739-1" }, { "name": "openSUSE-SU-2015:0627", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html" }, { "name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" }, { "name": "FEDORA-2015-2216", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html" }, { "name": "USN-2510-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2510-1" }, { "name": "FEDORA-2015-2237", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html" }, { "name": 
"http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=2cdc4562f873237f1c77d43540537c7a721d3fd8", "refsource": "CONFIRM", "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=2cdc4562f873237f1c77d43540537c7a721d3fd8" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2014-9659", "datePublished": "2015-02-08T11:00:00", "dateReserved": "2015-02-07T00:00:00", "dateUpdated": "2024-08-06T13:55:03.974Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2014-9657 (GCVE-0-2014-9657)
Vulnerability from cvelistv5
Published
2015-02-08 11:00
Modified
2024-08-06 13:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The tt_face_load_hdmx function in truetype/ttpload.c in FreeType before 2.5.4 does not establish a minimum record size, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted TrueType font.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T13:55:02.970Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "DSA-3188", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2015/dsa-3188" }, { "name": "GLSA-201503-05", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201503-05" }, { "name": "72986", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/72986" }, { "name": "USN-2739-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-2739-1" }, { "name": "openSUSE-SU-2015:0627", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://advisories.mageia.org/MGASA-2015-0083.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=eca0f067068020870a429fe91f6329e499390d55" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" }, { "name": "RHSA-2015:0696", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0696.html" }, { "name": "FEDORA-2015-2216", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html" }, { "name": "MDVSA-2015:055", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055" }, { "name": "USN-2510-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], 
"url": "http://www.ubuntu.com/usn/USN-2510-1" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://code.google.com/p/google-security-research/issues/detail?id=195" }, { "name": "FEDORA-2015-2237", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-12-06T00:00:00", "descriptions": [ { "lang": "en", "value": "The tt_face_load_hdmx function in truetype/ttpload.c in FreeType before 2.5.4 does not establish a minimum record size, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted TrueType font." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-06-30T16:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "DSA-3188", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2015/dsa-3188" }, { "name": "GLSA-201503-05", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201503-05" }, { "name": "72986", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/72986" }, { "name": "USN-2739-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-2739-1" }, { "name": "openSUSE-SU-2015:0627", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://advisories.mageia.org/MGASA-2015-0083.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": 
"http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=eca0f067068020870a429fe91f6329e499390d55" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" }, { "name": "RHSA-2015:0696", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0696.html" }, { "name": "FEDORA-2015-2216", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html" }, { "name": "MDVSA-2015:055", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055" }, { "name": "USN-2510-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-2510-1" }, { "tags": [ "x_refsource_MISC" ], "url": "http://code.google.com/p/google-security-research/issues/detail?id=195" }, { "name": "FEDORA-2015-2237", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2014-9657", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The tt_face_load_hdmx function in truetype/ttpload.c in FreeType before 2.5.4 does not establish a minimum record size, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted TrueType font." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "DSA-3188", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2015/dsa-3188" }, { "name": "GLSA-201503-05", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201503-05" }, { "name": "72986", "refsource": "BID", "url": "http://www.securityfocus.com/bid/72986" }, { "name": "USN-2739-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2739-1" }, { "name": "openSUSE-SU-2015:0627", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html" }, { "name": "http://advisories.mageia.org/MGASA-2015-0083.html", "refsource": "CONFIRM", "url": "http://advisories.mageia.org/MGASA-2015-0083.html" }, { "name": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=eca0f067068020870a429fe91f6329e499390d55", "refsource": "CONFIRM", "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=eca0f067068020870a429fe91f6329e499390d55" }, { "name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" }, { "name": "RHSA-2015:0696", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2015-0696.html" }, { "name": "FEDORA-2015-2216", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html" }, { "name": "MDVSA-2015:055", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055" }, { "name": "USN-2510-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2510-1" }, { "name": "http://code.google.com/p/google-security-research/issues/detail?id=195", "refsource": "MISC", "url": "http://code.google.com/p/google-security-research/issues/detail?id=195" }, { "name": "FEDORA-2015-2237", 
"refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2014-9657", "datePublished": "2015-02-08T11:00:00", "dateReserved": "2015-02-07T00:00:00", "dateUpdated": "2024-08-06T13:55:02.970Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2012-1137 (GCVE-0-2012-1137)
Vulnerability from cvelistv5
Published
2012-04-25 10:00
Modified
2024-08-06 18:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via a crafted header in a BDF font.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T18:45:27.481Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "48797", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48797" }, { "name": "48508", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48508" }, { "name": "48822", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48822" }, { "name": "MDVSA-2012:057", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057" }, { "name": "APPLE-SA-2012-09-19-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html" }, { "name": "48758", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48758" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT5503" }, { "name": "52318", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/52318" }, { "name": "USN-1403-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-1403-1" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512" }, { "name": "[oss-security] 20120306 Re: CVE Request -- FreeType: Multiple security flaws to be fixed in v2.4.9", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2012/03/06/16" }, { "name": "SUSE-SU-2012:0484", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": 
"http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html" }, { "name": "48973", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48973" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html" }, { "name": "RHSA-2012:0467", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html" }, { "name": "SUSE-SU-2012:0483", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=800595" }, { "name": "1026765", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id?1026765" }, { "name": "openSUSE-SU-2012:0489", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html" }, { "name": "48951", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48951" }, { "name": "GLSA-201204-04", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-201204-04.xml" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2012-03-06T00:00:00", "descriptions": [ { "lang": "en", "value": "FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via a crafted header in a BDF font." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-17T19:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "48797", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48797" }, { "name": "48508", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48508" }, { "name": "48822", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48822" }, { "name": "MDVSA-2012:057", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057" }, { "name": "APPLE-SA-2012-09-19-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html" }, { "name": "48758", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48758" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT5503" }, { "name": "52318", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/52318" }, { "name": "USN-1403-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-1403-1" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512" }, { "name": "[oss-security] 20120306 Re: CVE Request -- FreeType: Multiple security flaws to be fixed in v2.4.9", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2012/03/06/16" }, { "name": "SUSE-SU-2012:0484", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html" }, { "name": "48973", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": 
"http://secunia.com/advisories/48973" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html" }, { "name": "RHSA-2012:0467", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html" }, { "name": "SUSE-SU-2012:0483", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=800595" }, { "name": "1026765", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id?1026765" }, { "name": "openSUSE-SU-2012:0489", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html" }, { "name": "48951", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48951" }, { "name": "GLSA-201204-04", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-201204-04.xml" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2012-1137", "datePublished": "2012-04-25T10:00:00", "dateReserved": "2012-02-14T00:00:00", "dateUpdated": "2024-08-06T18:45:27.481Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2014-9663 (GCVE-0-2014-9663)
Vulnerability from cvelistv5
Published
2015-02-08 11:00
Modified
2024-08-06 13:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The tt_cmap4_validate function in sfnt/ttcmap.c in FreeType before 2.5.4 validates a certain length field before that field's value is completely calculated, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted cmap SFNT table.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T13:55:02.970Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://code.google.com/p/google-security-research/issues/detail?id=184" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=9bd20b7304aae61de5d50ac359cf27132bafd4c1" }, { "name": "DSA-3188", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2015/dsa-3188" }, { "name": "GLSA-201503-05", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201503-05" }, { "name": "72986", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/72986" }, { "name": "USN-2739-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-2739-1" }, { "name": "openSUSE-SU-2015:0627", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://advisories.mageia.org/MGASA-2015-0083.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" }, { "name": "RHSA-2015:0696", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0696.html" }, { "name": "FEDORA-2015-2216", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html" }, { "name": "MDVSA-2015:055", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": 
"http://www.mandriva.com/security/advisories?name=MDVSA-2015:055" }, { "name": "USN-2510-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-2510-1" }, { "name": "FEDORA-2015-2237", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-12-06T00:00:00", "descriptions": [ { "lang": "en", "value": "The tt_cmap4_validate function in sfnt/ttcmap.c in FreeType before 2.5.4 validates a certain length field before that field\u0027s value is completely calculated, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted cmap SFNT table." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-06-30T16:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "http://code.google.com/p/google-security-research/issues/detail?id=184" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=9bd20b7304aae61de5d50ac359cf27132bafd4c1" }, { "name": "DSA-3188", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2015/dsa-3188" }, { "name": "GLSA-201503-05", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201503-05" }, { "name": "72986", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/72986" }, { "name": "USN-2739-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": 
"http://www.ubuntu.com/usn/USN-2739-1" }, { "name": "openSUSE-SU-2015:0627", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://advisories.mageia.org/MGASA-2015-0083.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" }, { "name": "RHSA-2015:0696", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0696.html" }, { "name": "FEDORA-2015-2216", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html" }, { "name": "MDVSA-2015:055", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055" }, { "name": "USN-2510-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-2510-1" }, { "name": "FEDORA-2015-2237", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2014-9663", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The tt_cmap4_validate function in sfnt/ttcmap.c in FreeType before 2.5.4 validates a certain length field before that field\u0027s value is completely calculated, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted cmap SFNT table." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://code.google.com/p/google-security-research/issues/detail?id=184", "refsource": "MISC", "url": "http://code.google.com/p/google-security-research/issues/detail?id=184" }, { "name": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=9bd20b7304aae61de5d50ac359cf27132bafd4c1", "refsource": "CONFIRM", "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=9bd20b7304aae61de5d50ac359cf27132bafd4c1" }, { "name": "DSA-3188", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2015/dsa-3188" }, { "name": "GLSA-201503-05", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201503-05" }, { "name": "72986", "refsource": "BID", "url": "http://www.securityfocus.com/bid/72986" }, { "name": "USN-2739-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2739-1" }, { "name": "openSUSE-SU-2015:0627", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html" }, { "name": "http://advisories.mageia.org/MGASA-2015-0083.html", "refsource": "CONFIRM", "url": "http://advisories.mageia.org/MGASA-2015-0083.html" }, { "name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" }, { "name": "RHSA-2015:0696", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2015-0696.html" }, { "name": "FEDORA-2015-2216", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html" }, { "name": "MDVSA-2015:055", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055" }, { "name": "USN-2510-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2510-1" }, { "name": "FEDORA-2015-2237", 
"refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2014-9663", "datePublished": "2015-02-08T11:00:00", "dateReserved": "2015-02-07T00:00:00", "dateUpdated": "2024-08-06T13:55:02.970Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2006-0747 (GCVE-0-2006-0747)
Vulnerability from cvelistv5
Published
2006-05-23 10:00
Modified
2024-08-07 16:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Integer underflow in Freetype before 2.2 allows remote attackers to cause a denial of service (crash) via a font file with an odd number of blue values, which causes the underflow when decrementing by 2 in a context that assumes an even number of values.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T16:48:55.877Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SA:2006:037", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jun/0012.html" }, { "name": "20791", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/20791" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT3549" }, { "name": "102705", "tags": [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102705-1" }, { "name": "20525", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/20525" }, { "name": "21701", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21701" }, { "name": "USN-291-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/291-1/" }, { "name": "21385", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21385" }, { "name": "35074", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/35074" }, { "name": "APPLE-SA-2009-05-12", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html" }, { "name": "20060612 rPSA-2006-0100-1 freetype", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/436836/100/0/threaded" }, { "name": "21135", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21135" 
}, { "name": "RHSA-2006:0500", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0500.html" }, { "name": "oval:org.mitre.oval:def:9508", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9508" }, { "name": "18326", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/18326" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=183676" }, { "name": "23939", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/23939" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-176.htm" }, { "name": "20591", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/20591" }, { "name": "TA09-133A", "tags": [ "third-party-advisory", "x_refsource_CERT", "x_transferred" ], "url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html" }, { "name": "ADV-2009-1297", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2009/1297" }, { "name": "20638", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/20638" }, { "name": "1016522", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1016522" }, { "name": "ADV-2007-0381", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2007/0381" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://issues.rpath.com/browse/RPL-429" }, { "name": "20060701-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI", 
"x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060701-01-U" }, { "name": "21062", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21062" }, { "name": "MDKSA-2006:099", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:099" }, { "name": "DSA-1095", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-1095" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2006-05-15T00:00:00", "descriptions": [ { "lang": "en", "value": "Integer underflow in Freetype before 2.2 allows remote attackers to cause a denial of service (crash) via a font file with an odd number of blue values, which causes the underflow when decrementing by 2 in a context that assumes an even number of values." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-19T14:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "SUSE-SA:2006:037", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jun/0012.html" }, { "name": "20791", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/20791" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT3549" }, { "name": "102705", "tags": [ "vendor-advisory", "x_refsource_SUNALERT" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102705-1" }, { "name": "20525", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/20525" }, { "name": "21701", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21701" }, { "name": "USN-291-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/291-1/" }, { "name": "21385", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21385" }, { "name": "35074", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/35074" }, { "name": "APPLE-SA-2009-05-12", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html" }, { "name": "20060612 rPSA-2006-0100-1 freetype", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/436836/100/0/threaded" }, { "name": "21135", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21135" }, { "name": "RHSA-2006:0500", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": 
"http://www.redhat.com/support/errata/RHSA-2006-0500.html" }, { "name": "oval:org.mitre.oval:def:9508", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9508" }, { "name": "18326", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/18326" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=183676" }, { "name": "23939", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/23939" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-176.htm" }, { "name": "20591", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/20591" }, { "name": "TA09-133A", "tags": [ "third-party-advisory", "x_refsource_CERT" ], "url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html" }, { "name": "ADV-2009-1297", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2009/1297" }, { "name": "20638", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/20638" }, { "name": "1016522", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1016522" }, { "name": "ADV-2007-0381", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2007/0381" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://issues.rpath.com/browse/RPL-429" }, { "name": "20060701-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060701-01-U" }, { "name": "21062", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21062" }, { "name": "MDKSA-2006:099", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": 
"http://www.mandriva.com/security/advisories?name=MDKSA-2006:099" }, { "name": "DSA-1095", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-1095" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2006-0747", "datePublished": "2006-05-23T10:00:00", "dateReserved": "2006-02-17T00:00:00", "dateUpdated": "2024-08-07T16:48:55.877Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2014-9667 (GCVE-0-2014-9667)
Vulnerability from cvelistv5
Published
2015-02-08 11:00
Modified
2024-08-06 13:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
sfnt/ttload.c in FreeType before 2.5.4 proceeds with offset+length calculations without restricting the values, which allows remote attackers to cause a denial of service (integer overflow and out-of-bounds read) or possibly have unspecified other impact via a crafted SFNT table.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T13:55:04.576Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=677ddf4f1dc1b36cef7c7ddd59a14c508f4b1891" }, { "name": "DSA-3188", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2015/dsa-3188" }, { "name": "GLSA-201503-05", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201503-05" }, { "name": "72986", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/72986" }, { "name": "USN-2739-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-2739-1" }, { "name": "openSUSE-SU-2015:0627", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://advisories.mageia.org/MGASA-2015-0083.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" }, { "name": "RHSA-2015:0696", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0696.html" }, { "name": "FEDORA-2015-2216", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html" }, { "name": "MDVSA-2015:055", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055" }, { "name": "USN-2510-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], 
"url": "http://www.ubuntu.com/usn/USN-2510-1" }, { "name": "FEDORA-2015-2237", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://code.google.com/p/google-security-research/issues/detail?id=166" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-12-06T00:00:00", "descriptions": [ { "lang": "en", "value": "sfnt/ttload.c in FreeType before 2.5.4 proceeds with offset+length calculations without restricting the values, which allows remote attackers to cause a denial of service (integer overflow and out-of-bounds read) or possibly have unspecified other impact via a crafted SFNT table." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-06-30T16:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=677ddf4f1dc1b36cef7c7ddd59a14c508f4b1891" }, { "name": "DSA-3188", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2015/dsa-3188" }, { "name": "GLSA-201503-05", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201503-05" }, { "name": "72986", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/72986" }, { "name": "USN-2739-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-2739-1" }, { "name": "openSUSE-SU-2015:0627", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html" }, { "tags": [ 
"x_refsource_CONFIRM" ], "url": "http://advisories.mageia.org/MGASA-2015-0083.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" }, { "name": "RHSA-2015:0696", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0696.html" }, { "name": "FEDORA-2015-2216", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html" }, { "name": "MDVSA-2015:055", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055" }, { "name": "USN-2510-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-2510-1" }, { "name": "FEDORA-2015-2237", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html" }, { "tags": [ "x_refsource_MISC" ], "url": "http://code.google.com/p/google-security-research/issues/detail?id=166" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2014-9667", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "sfnt/ttload.c in FreeType before 2.5.4 proceeds with offset+length calculations without restricting the values, which allows remote attackers to cause a denial of service (integer overflow and out-of-bounds read) or possibly have unspecified other impact via a crafted SFNT table." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=677ddf4f1dc1b36cef7c7ddd59a14c508f4b1891", "refsource": "CONFIRM", "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=677ddf4f1dc1b36cef7c7ddd59a14c508f4b1891" }, { "name": "DSA-3188", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2015/dsa-3188" }, { "name": "GLSA-201503-05", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201503-05" }, { "name": "72986", "refsource": "BID", "url": "http://www.securityfocus.com/bid/72986" }, { "name": "USN-2739-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2739-1" }, { "name": "openSUSE-SU-2015:0627", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html" }, { "name": "http://advisories.mageia.org/MGASA-2015-0083.html", "refsource": "CONFIRM", "url": "http://advisories.mageia.org/MGASA-2015-0083.html" }, { "name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" }, { "name": "RHSA-2015:0696", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2015-0696.html" }, { "name": "FEDORA-2015-2216", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html" }, { "name": "MDVSA-2015:055", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055" }, { "name": "USN-2510-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2510-1" }, { "name": "FEDORA-2015-2237", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html" }, { "name": 
"http://code.google.com/p/google-security-research/issues/detail?id=166", "refsource": "MISC", "url": "http://code.google.com/p/google-security-research/issues/detail?id=166" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2014-9667", "datePublished": "2015-02-08T11:00:00", "dateReserved": "2015-02-07T00:00:00", "dateUpdated": "2024-08-06T13:55:04.576Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2014-9658 (GCVE-0-2014-9658)
Vulnerability from cvelistv5
Published
2015-02-08 11:00
Modified
2024-08-06 13:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The tt_face_load_kern function in sfnt/ttkern.c in FreeType before 2.5.4 enforces an incorrect minimum table length, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted TrueType font.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T13:55:03.780Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "DSA-3188", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2015/dsa-3188" }, { "name": "GLSA-201503-05", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201503-05" }, { "name": "72986", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/72986" }, { "name": "USN-2739-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-2739-1" }, { "name": "openSUSE-SU-2015:0627", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://advisories.mageia.org/MGASA-2015-0083.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" }, { "name": "RHSA-2015:0696", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0696.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://code.google.com/p/google-security-research/issues/detail?id=194" }, { "name": "FEDORA-2015-2216", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html" }, { "name": "MDVSA-2015:055", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055" }, { "name": "USN-2510-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": 
"http://www.ubuntu.com/usn/USN-2510-1" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=f70d9342e65cd2cb44e9f26b6d7edeedf191fc6c" }, { "name": "FEDORA-2015-2237", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-12-06T00:00:00", "descriptions": [ { "lang": "en", "value": "The tt_face_load_kern function in sfnt/ttkern.c in FreeType before 2.5.4 enforces an incorrect minimum table length, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted TrueType font." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-06-30T16:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "DSA-3188", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2015/dsa-3188" }, { "name": "GLSA-201503-05", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201503-05" }, { "name": "72986", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/72986" }, { "name": "USN-2739-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-2739-1" }, { "name": "openSUSE-SU-2015:0627", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://advisories.mageia.org/MGASA-2015-0083.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": 
"http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" }, { "name": "RHSA-2015:0696", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0696.html" }, { "tags": [ "x_refsource_MISC" ], "url": "http://code.google.com/p/google-security-research/issues/detail?id=194" }, { "name": "FEDORA-2015-2216", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html" }, { "name": "MDVSA-2015:055", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055" }, { "name": "USN-2510-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-2510-1" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=f70d9342e65cd2cb44e9f26b6d7edeedf191fc6c" }, { "name": "FEDORA-2015-2237", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2014-9658", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The tt_face_load_kern function in sfnt/ttkern.c in FreeType before 2.5.4 enforces an incorrect minimum table length, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted TrueType font." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "DSA-3188", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2015/dsa-3188" }, { "name": "GLSA-201503-05", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201503-05" }, { "name": "72986", "refsource": "BID", "url": "http://www.securityfocus.com/bid/72986" }, { "name": "USN-2739-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2739-1" }, { "name": "openSUSE-SU-2015:0627", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html" }, { "name": "http://advisories.mageia.org/MGASA-2015-0083.html", "refsource": "CONFIRM", "url": "http://advisories.mageia.org/MGASA-2015-0083.html" }, { "name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" }, { "name": "RHSA-2015:0696", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2015-0696.html" }, { "name": "http://code.google.com/p/google-security-research/issues/detail?id=194", "refsource": "MISC", "url": "http://code.google.com/p/google-security-research/issues/detail?id=194" }, { "name": "FEDORA-2015-2216", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html" }, { "name": "MDVSA-2015:055", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055" }, { "name": "USN-2510-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2510-1" }, { "name": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=f70d9342e65cd2cb44e9f26b6d7edeedf191fc6c", "refsource": "CONFIRM", "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=f70d9342e65cd2cb44e9f26b6d7edeedf191fc6c" }, { "name": "FEDORA-2015-2237", 
"refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2014-9658", "datePublished": "2015-02-08T11:00:00", "dateReserved": "2015-02-07T00:00:00", "dateUpdated": "2024-08-06T13:55:03.780Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2010-2807 (GCVE-0-2010-2807)
Vulnerability from cvelistv5
Published
2010-08-19 17:43
Modified
2024-08-07 02:46
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
FreeType before 2.4.2 uses incorrect integer data types during bounds checking, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T02:46:48.156Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "ADV-2010-3045", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2010/3045" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT4435" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugs.launchpad.net/ubuntu/maverick/+source/freetype/+bug/617019" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT4457" }, { "name": "ADV-2010-2018", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2010/2018" }, { "name": "ADV-2010-3046", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2010/3046" }, { "name": "USN-972-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-972-1" }, { "name": "APPLE-SA-2010-11-10-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html" }, { "name": "[oss-security] 20100806 Re: CVE Request -- FreeType -- Memory corruption flaw by processing certain LWFN fonts + three more", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://marc.info/?l=oss-security\u0026m=128111955616772\u0026w=2" }, { "name": "42317", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/42317" }, { "name": "40816", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/40816" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": 
"http://freetype.sourceforge.net/index2.html#release-freetype-2.4.2" }, { "name": "42314", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/42314" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=346f1867fd32dae8f56e5b482d1af98f626804ac" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://sourceforge.net/projects/freetype/files/freetype2/2.4.2/NEWS/view" }, { "name": "40982", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/40982" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://savannah.nongnu.org/bugs/?30657" }, { "name": "ADV-2010-2106", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2010/2106" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT4456" }, { "name": "42285", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/42285" }, { "name": "APPLE-SA-2010-11-22-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2010-08-06T00:00:00", "descriptions": [ { "lang": "en", "value": "FreeType before 2.4.2 uses incorrect integer data types during bounds checking, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2010-11-18T10:00:00", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "ADV-2010-3045", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2010/3045" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT4435" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugs.launchpad.net/ubuntu/maverick/+source/freetype/+bug/617019" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT4457" }, { "name": "ADV-2010-2018", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2010/2018" }, { "name": "ADV-2010-3046", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2010/3046" }, { "name": "USN-972-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-972-1" }, { "name": "APPLE-SA-2010-11-10-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html" }, { "name": "[oss-security] 20100806 Re: CVE Request -- FreeType -- Memory corruption flaw by processing certain LWFN fonts + three more", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://marc.info/?l=oss-security\u0026m=128111955616772\u0026w=2" }, { "name": "42317", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/42317" }, { "name": "40816", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/40816" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://freetype.sourceforge.net/index2.html#release-freetype-2.4.2" }, { "name": "42314", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/42314" 
}, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=346f1867fd32dae8f56e5b482d1af98f626804ac" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://sourceforge.net/projects/freetype/files/freetype2/2.4.2/NEWS/view" }, { "name": "40982", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/40982" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://savannah.nongnu.org/bugs/?30657" }, { "name": "ADV-2010-2106", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2010/2106" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT4456" }, { "name": "42285", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/42285" }, { "name": "APPLE-SA-2010-11-22-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2010-2807", "datePublished": "2010-08-19T17:43:00", "dateReserved": "2010-07-22T00:00:00", "dateUpdated": "2024-08-07T02:46:48.156Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2012-1129 (GCVE-0-2012-1129)
Vulnerability from cvelistv5
Published
2012-04-25 10:00
Modified
2024-08-06 18:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via a crafted SFNT string in a Type 42 font.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T18:45:27.510Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "48797", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48797" }, { "name": "48508", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48508" }, { "name": "48822", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48822" }, { "name": "MDVSA-2012:057", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057" }, { "name": "APPLE-SA-2012-09-19-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT5503" }, { "name": "52318", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/52318" }, { "name": "USN-1403-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-1403-1" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512" }, { "name": "48918", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48918" }, { "name": "[oss-security] 20120306 Re: CVE Request -- FreeType: Multiple security flaws to be fixed in v2.4.9", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2012/03/06/16" }, { "name": "SUSE-SU-2012:0484", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": 
"http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html" }, { "name": "SUSE-SU-2012:0521", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html" }, { "name": "48973", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48973" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html" }, { "name": "SUSE-SU-2012:0483", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=800585" }, { "name": "1026765", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id?1026765" }, { "name": "openSUSE-SU-2012:0489", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html" }, { "name": "48951", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48951" }, { "name": "GLSA-201204-04", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-201204-04.xml" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2012-03-06T00:00:00", "descriptions": [ { "lang": "en", "value": "FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via a crafted SFNT string in a Type 42 font." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-17T19:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "48797", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48797" }, { "name": "48508", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48508" }, { "name": "48822", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48822" }, { "name": "MDVSA-2012:057", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057" }, { "name": "APPLE-SA-2012-09-19-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT5503" }, { "name": "52318", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/52318" }, { "name": "USN-1403-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-1403-1" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512" }, { "name": "48918", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48918" }, { "name": "[oss-security] 20120306 Re: CVE Request -- FreeType: Multiple security flaws to be fixed in v2.4.9", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2012/03/06/16" }, { "name": "SUSE-SU-2012:0484", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html" }, { "name": "SUSE-SU-2012:0521", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], 
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html" }, { "name": "48973", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48973" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html" }, { "name": "SUSE-SU-2012:0483", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=800585" }, { "name": "1026765", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id?1026765" }, { "name": "openSUSE-SU-2012:0489", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html" }, { "name": "48951", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48951" }, { "name": "GLSA-201204-04", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-201204-04.xml" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2012-1129", "datePublished": "2012-04-25T10:00:00", "dateReserved": "2012-02-14T00:00:00", "dateUpdated": "2024-08-06T18:45:27.510Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2017-7864 (GCVE-0-2017-7864)
Vulnerability from cvelistv5
Published
2017-04-14 04:30
Modified
2024-08-05 16:19
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
FreeType 2 before 2017-02-02 has an out-of-bounds write caused by a heap-based buffer overflow related to the tt_size_reset function in truetype/ttobjs.c.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T16:19:28.520Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "97673", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/97673" }, { "name": "GLSA-201706-14", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201706-14" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=e6699596af5c5d6f0ae0ea06e19df87dce088df8" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=509" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpuapr2020.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2017-04-14T00:00:00", "descriptions": [ { "lang": "en", "value": "FreeType 2 before 2017-02-02 has an out-of-bounds write caused by a heap-based buffer overflow related to the tt_size_reset function in truetype/ttobjs.c." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2020-04-15T21:06:41", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "97673", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/97673" }, { "name": "GLSA-201706-14", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201706-14" }, { "tags": [ "x_refsource_MISC" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=e6699596af5c5d6f0ae0ea06e19df87dce088df8" }, { "tags": [ "x_refsource_MISC" ], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=509" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com/security-alerts/cpuapr2020.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2017-7864", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "FreeType 2 before 2017-02-02 has an out-of-bounds write caused by a heap-based buffer overflow related to the tt_size_reset function in truetype/ttobjs.c." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "97673", "refsource": "BID", "url": "http://www.securityfocus.com/bid/97673" }, { "name": "GLSA-201706-14", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201706-14" }, { "name": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=e6699596af5c5d6f0ae0ea06e19df87dce088df8", "refsource": "MISC", "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=e6699596af5c5d6f0ae0ea06e19df87dce088df8" }, { "name": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=509", "refsource": "MISC", "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=509" }, { "name": "https://www.oracle.com/security-alerts/cpuapr2020.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpuapr2020.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2017-7864", "datePublished": "2017-04-14T04:30:00", "dateReserved": "2017-04-14T00:00:00", "dateUpdated": "2024-08-05T16:19:28.520Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2014-9666 (GCVE-0-2014-9666)
Vulnerability from cvelistv5
Published
2015-02-08 11:00
Modified
2024-08-06 13:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The tt_sbit_decoder_init function in sfnt/ttsbit.c in FreeType before 2.5.4 proceeds with a count-to-size association without restricting the count value, which allows remote attackers to cause a denial of service (integer overflow and out-of-bounds read) or possibly have unspecified other impact via a crafted embedded bitmap.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T13:55:02.949Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "DSA-3188", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2015/dsa-3188" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://code.google.com/p/google-security-research/issues/detail?id=167" }, { "name": "GLSA-201503-05", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201503-05" }, { "name": "72986", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/72986" }, { "name": "USN-2739-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-2739-1" }, { "name": "openSUSE-SU-2015:0627", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://advisories.mageia.org/MGASA-2015-0083.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=257c270bd25e15890190a28a1456e7623bba4439" }, { "name": "FEDORA-2015-2216", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html" }, { "name": "MDVSA-2015:055", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055" }, { "name": "USN-2510-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": 
"http://www.ubuntu.com/usn/USN-2510-1" }, { "name": "FEDORA-2015-2237", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-12-06T00:00:00", "descriptions": [ { "lang": "en", "value": "The tt_sbit_decoder_init function in sfnt/ttsbit.c in FreeType before 2.5.4 proceeds with a count-to-size association without restricting the count value, which allows remote attackers to cause a denial of service (integer overflow and out-of-bounds read) or possibly have unspecified other impact via a crafted embedded bitmap." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-06-30T16:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "DSA-3188", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2015/dsa-3188" }, { "tags": [ "x_refsource_MISC" ], "url": "http://code.google.com/p/google-security-research/issues/detail?id=167" }, { "name": "GLSA-201503-05", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201503-05" }, { "name": "72986", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/72986" }, { "name": "USN-2739-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-2739-1" }, { "name": "openSUSE-SU-2015:0627", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://advisories.mageia.org/MGASA-2015-0083.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": 
"http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=257c270bd25e15890190a28a1456e7623bba4439" }, { "name": "FEDORA-2015-2216", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html" }, { "name": "MDVSA-2015:055", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055" }, { "name": "USN-2510-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-2510-1" }, { "name": "FEDORA-2015-2237", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2014-9666", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The tt_sbit_decoder_init function in sfnt/ttsbit.c in FreeType before 2.5.4 proceeds with a count-to-size association without restricting the count value, which allows remote attackers to cause a denial of service (integer overflow and out-of-bounds read) or possibly have unspecified other impact via a crafted embedded bitmap." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "DSA-3188", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2015/dsa-3188" }, { "name": "http://code.google.com/p/google-security-research/issues/detail?id=167", "refsource": "MISC", "url": "http://code.google.com/p/google-security-research/issues/detail?id=167" }, { "name": "GLSA-201503-05", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201503-05" }, { "name": "72986", "refsource": "BID", "url": "http://www.securityfocus.com/bid/72986" }, { "name": "USN-2739-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2739-1" }, { "name": "openSUSE-SU-2015:0627", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html" }, { "name": "http://advisories.mageia.org/MGASA-2015-0083.html", "refsource": "CONFIRM", "url": "http://advisories.mageia.org/MGASA-2015-0083.html" }, { "name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" }, { "name": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=257c270bd25e15890190a28a1456e7623bba4439", "refsource": "CONFIRM", "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=257c270bd25e15890190a28a1456e7623bba4439" }, { "name": "FEDORA-2015-2216", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html" }, { "name": "MDVSA-2015:055", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055" }, { "name": "USN-2510-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2510-1" }, { "name": "FEDORA-2015-2237", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html" 
} ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2014-9666", "datePublished": "2015-02-08T11:00:00", "dateReserved": "2015-02-07T00:00:00", "dateUpdated": "2024-08-06T13:55:02.949Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2014-2240 (GCVE-0-2014-2240)
Vulnerability from cvelistv5
Published
2014-03-12 14:00
Modified
2024-08-06 10:05
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Stack-based buffer overflow in the cf2_hintmap_build function in cff/cf2hints.c in FreeType before 2.5.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large number of stem hints in a font file.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T10:05:59.888Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "57291", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/57291" }, { "name": "1029895", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1029895" }, { "name": "USN-2148-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-2148-1" }, { "name": "57447", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/57447" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.freetype.org/index.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://savannah.nongnu.org/bugs/?41697" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://sourceforge.net/projects/freetype/files/freetype2/2.5.3" }, { "name": "66074", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/66074" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-03-08T00:00:00", "descriptions": [ { "lang": "en", "value": "Stack-based buffer overflow in the cf2_hintmap_build function in cff/cf2hints.c in FreeType before 2.5.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large number of stem hints in a font file." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2014-03-28T12:57:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "57291", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/57291" }, { "name": "1029895", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1029895" }, { "name": "USN-2148-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-2148-1" }, { "name": "57447", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/57447" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.freetype.org/index.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://savannah.nongnu.org/bugs/?41697" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://sourceforge.net/projects/freetype/files/freetype2/2.5.3" }, { "name": "66074", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/66074" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2014-2240", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Stack-based buffer overflow in the cf2_hintmap_build function in cff/cf2hints.c in FreeType before 2.5.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large number of stem hints in a font file." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "57291", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/57291" }, { "name": "1029895", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1029895" }, { "name": "USN-2148-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2148-1" }, { "name": "57447", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/57447" }, { "name": "http://www.freetype.org/index.html", "refsource": "CONFIRM", "url": "http://www.freetype.org/index.html" }, { "name": "http://savannah.nongnu.org/bugs/?41697", "refsource": "CONFIRM", "url": "http://savannah.nongnu.org/bugs/?41697" }, { "name": "http://sourceforge.net/projects/freetype/files/freetype2/2.5.3", "refsource": "CONFIRM", "url": "http://sourceforge.net/projects/freetype/files/freetype2/2.5.3" }, { "name": "66074", "refsource": "BID", "url": "http://www.securityfocus.com/bid/66074" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2014-2240", "datePublished": "2014-03-12T14:00:00", "dateReserved": "2014-02-28T00:00:00", "dateUpdated": "2024-08-06T10:05:59.888Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2010-2541 (GCVE-0-2010-2541)
Vulnerability from cvelistv5
Published
2010-08-19 17:43
Modified
2024-08-07 02:39
CWE
- n/a
Summary
Buffer overflow in ftmulti.c in the ftmulti demo program in FreeType before 2.4.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T02:39:36.789Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=617342" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugs.launchpad.net/ubuntu/maverick/+source/freetype/+bug/617019" }, { "name": "USN-972-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-972-1" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://freetype.sourceforge.net/index2.html#release-freetype-2.4.2" }, { "name": "1024266", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1024266" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://sourceforge.net/projects/freetype/files/freetype2/2.4.2/NEWS/view" }, { "name": "40982", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/40982" }, { "name": "RHSA-2010:0578", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0578.html" }, { "name": "ADV-2010-2106", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2010/2106" }, { "name": "RHSA-2010:0577", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0577.html" }, { "name": "48951", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48951" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2010-07-30T00:00:00", "descriptions": [ { "lang": "en", 
"value": "Buffer overflow in ftmulti.c in the ftmulti demo program in FreeType before 2.4.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2012-12-19T10:00:00", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=617342" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugs.launchpad.net/ubuntu/maverick/+source/freetype/+bug/617019" }, { "name": "USN-972-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-972-1" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://freetype.sourceforge.net/index2.html#release-freetype-2.4.2" }, { "name": "1024266", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1024266" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://sourceforge.net/projects/freetype/files/freetype2/2.4.2/NEWS/view" }, { "name": "40982", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/40982" }, { "name": "RHSA-2010:0578", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0578.html" }, { "name": "ADV-2010-2106", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2010/2106" }, { "name": "RHSA-2010:0577", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0577.html" }, { "name": "48951", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48951" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": 
"CVE-2010-2541", "datePublished": "2010-08-19T17:43:00", "dateReserved": "2010-06-30T00:00:00", "dateUpdated": "2024-08-07T02:39:36.789Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2012-1142 (GCVE-0-2012-1142)
Vulnerability from cvelistv5
Published
2012-04-25 10:00
Modified
2024-08-06 18:45
CWE
- n/a
Summary
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted glyph-outline data in a font.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T18:45:27.375Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "48797", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48797" }, { "name": "48300", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48300" }, { "name": "48508", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48508" }, { "name": "48822", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48822" }, { "name": "MDVSA-2012:057", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057" }, { "name": "APPLE-SA-2012-09-19-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html" }, { "name": "48758", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48758" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT5503" }, { "name": "52318", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/52318" }, { "name": "USN-1403-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-1403-1" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512" }, { "name": "48918", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48918" }, { "name": "[oss-security] 20120306 Re: CVE Request -- FreeType: Multiple security flaws to be fixed in 
v2.4.9", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2012/03/06/16" }, { "name": "SUSE-SU-2012:0484", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html" }, { "name": "SUSE-SU-2012:0521", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html" }, { "name": "48973", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48973" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html" }, { "name": "RHSA-2012:0467", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html" }, { "name": "SUSE-SU-2012:0483", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=800604" }, { "name": "1026765", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id?1026765" }, { "name": "openSUSE-SU-2012:0489", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html" }, { "name": "48951", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48951" }, { "name": "GLSA-201204-04", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-201204-04.xml" }, { "name": "DSA-2428", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": 
"http://www.debian.org/security/2012/dsa-2428" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2012-03-06T00:00:00", "descriptions": [ { "lang": "en", "value": "FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted glyph-outline data in a font." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-17T19:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "48797", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48797" }, { "name": "48300", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48300" }, { "name": "48508", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48508" }, { "name": "48822", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48822" }, { "name": "MDVSA-2012:057", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057" }, { "name": "APPLE-SA-2012-09-19-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html" }, { "name": "48758", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48758" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT5503" }, { "name": "52318", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/52318" }, { "name": 
"USN-1403-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-1403-1" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512" }, { "name": "48918", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48918" }, { "name": "[oss-security] 20120306 Re: CVE Request -- FreeType: Multiple security flaws to be fixed in v2.4.9", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2012/03/06/16" }, { "name": "SUSE-SU-2012:0484", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html" }, { "name": "SUSE-SU-2012:0521", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html" }, { "name": "48973", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48973" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html" }, { "name": "RHSA-2012:0467", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html" }, { "name": "SUSE-SU-2012:0483", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=800604" }, { "name": "1026765", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id?1026765" }, { "name": "openSUSE-SU-2012:0489", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html" }, { "name": "48951", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48951" }, { "name": 
"GLSA-201204-04", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-201204-04.xml" }, { "name": "DSA-2428", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2012/dsa-2428" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2012-1142", "datePublished": "2012-04-25T10:00:00", "dateReserved": "2012-02-14T00:00:00", "dateUpdated": "2024-08-06T18:45:27.375Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2007-3506 (GCVE-0-2007-3506)
Vulnerability from cvelistv5
Published
2007-07-02 19:00
Modified
2024-08-07 14:21
CWE
- n/a
Summary
The ft_bitmap_assure_buffer function in src/base/ftbitmap.c in FreeType 2.3.3 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via unspecified vectors involving bitmap fonts, related to a "memory buffer overwrite bug."
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T14:21:36.297Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://savannah.nongnu.org/bugs/index.php?19536" }, { "name": "24708", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/24708" }, { "name": "25884", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/25884" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://cvs.savannah.nongnu.org/viewvc/freetype2/src/base/ftbitmap.c?root=freetype\u0026r1=1.17\u0026r2=1.18" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://sourceforge.net/project/shownotes.php?group_id=3157\u0026release_id=499970" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2007-04-06T00:00:00", "descriptions": [ { "lang": "en", "value": "The ft_bitmap_assure_buffer function in src/base/ftbimap.c in FreeType 2.3.3 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via unspecified vectors involving bitmap fonts, related to a \"memory buffer overwrite bug.\"" } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2007-07-11T09:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "http://savannah.nongnu.org/bugs/index.php?19536" }, { "name": "24708", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/24708" }, { "name": "25884", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/25884" }, { 
"tags": [ "x_refsource_MISC" ], "url": "http://cvs.savannah.nongnu.org/viewvc/freetype2/src/base/ftbitmap.c?root=freetype\u0026r1=1.17\u0026r2=1.18" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://sourceforge.net/project/shownotes.php?group_id=3157\u0026release_id=499970" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-3506", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The ft_bitmap_assure_buffer function in src/base/ftbimap.c in FreeType 2.3.3 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via unspecified vectors involving bitmap fonts, related to a \"memory buffer overwrite bug.\"" } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://savannah.nongnu.org/bugs/index.php?19536", "refsource": "MISC", "url": "http://savannah.nongnu.org/bugs/index.php?19536" }, { "name": "24708", "refsource": "BID", "url": "http://www.securityfocus.com/bid/24708" }, { "name": "25884", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/25884" }, { "name": "http://cvs.savannah.nongnu.org/viewvc/freetype2/src/base/ftbitmap.c?root=freetype\u0026r1=1.17\u0026r2=1.18", "refsource": "MISC", "url": "http://cvs.savannah.nongnu.org/viewvc/freetype2/src/base/ftbitmap.c?root=freetype\u0026r1=1.17\u0026r2=1.18" }, { "name": "https://sourceforge.net/project/shownotes.php?group_id=3157\u0026release_id=499970", "refsource": "CONFIRM", "url": "https://sourceforge.net/project/shownotes.php?group_id=3157\u0026release_id=499970" } ] } } } }, "cveMetadata": { "assignerOrgId": 
"8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-3506", "datePublished": "2007-07-02T19:00:00", "dateReserved": "2007-07-02T00:00:00", "dateUpdated": "2024-08-07T14:21:36.297Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2014-9664 (GCVE-0-2014-9664)
Vulnerability from cvelistv5
Published
2015-02-08 11:00
Modified
2024-08-06 13:55
CWE
- n/a
Summary
FreeType before 2.5.4 does not check for the end of the data during certain parsing actions, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted Type42 font, related to type42/t42parse.c and type1/t1load.c.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T13:55:02.941Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=dd89710f0f643eb0f99a3830e0712d26c7642acd" }, { "name": "DSA-3188", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2015/dsa-3188" }, { "name": "GLSA-201503-05", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201503-05" }, { "name": "72986", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/72986" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=73be9f9ab67842cfbec36ee99e8d2301434c84ca" }, { "name": "USN-2739-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-2739-1" }, { "name": "openSUSE-SU-2015:0627", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://advisories.mageia.org/MGASA-2015-0083.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" }, { "name": "RHSA-2015:0696", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0696.html" }, { "name": "FEDORA-2015-2216", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html" }, { "name": "MDVSA-2015:055", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" 
], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055" }, { "name": "USN-2510-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-2510-1" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://code.google.com/p/google-security-research/issues/detail?id=183" }, { "name": "FEDORA-2015-2237", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-12-06T00:00:00", "descriptions": [ { "lang": "en", "value": "FreeType before 2.5.4 does not check for the end of the data during certain parsing actions, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted Type42 font, related to type42/t42parse.c and type1/t1load.c." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-06-30T16:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=dd89710f0f643eb0f99a3830e0712d26c7642acd" }, { "name": "DSA-3188", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2015/dsa-3188" }, { "name": "GLSA-201503-05", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201503-05" }, { "name": "72986", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/72986" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=73be9f9ab67842cfbec36ee99e8d2301434c84ca" }, { "name": "USN-2739-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-2739-1" }, { "name": "openSUSE-SU-2015:0627", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://advisories.mageia.org/MGASA-2015-0083.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" }, { "name": "RHSA-2015:0696", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0696.html" }, { "name": "FEDORA-2015-2216", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html" }, { "name": "MDVSA-2015:055", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055" }, { "name": "USN-2510-1", "tags": [ "vendor-advisory", 
"x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-2510-1" }, { "tags": [ "x_refsource_MISC" ], "url": "http://code.google.com/p/google-security-research/issues/detail?id=183" }, { "name": "FEDORA-2015-2237", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2014-9664", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "FreeType before 2.5.4 does not check for the end of the data during certain parsing actions, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted Type42 font, related to type42/t42parse.c and type1/t1load.c." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=dd89710f0f643eb0f99a3830e0712d26c7642acd", "refsource": "CONFIRM", "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=dd89710f0f643eb0f99a3830e0712d26c7642acd" }, { "name": "DSA-3188", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2015/dsa-3188" }, { "name": "GLSA-201503-05", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201503-05" }, { "name": "72986", "refsource": "BID", "url": "http://www.securityfocus.com/bid/72986" }, { "name": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=73be9f9ab67842cfbec36ee99e8d2301434c84ca", "refsource": "CONFIRM", "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=73be9f9ab67842cfbec36ee99e8d2301434c84ca" }, { "name": "USN-2739-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2739-1" }, { "name": "openSUSE-SU-2015:0627", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html" }, { "name": "http://advisories.mageia.org/MGASA-2015-0083.html", "refsource": "CONFIRM", "url": "http://advisories.mageia.org/MGASA-2015-0083.html" }, { "name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" }, { "name": "RHSA-2015:0696", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2015-0696.html" }, { "name": "FEDORA-2015-2216", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html" }, { "name": "MDVSA-2015:055", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055" }, { "name": "USN-2510-1", "refsource": "UBUNTU", 
"url": "http://www.ubuntu.com/usn/USN-2510-1" }, { "name": "http://code.google.com/p/google-security-research/issues/detail?id=183", "refsource": "MISC", "url": "http://code.google.com/p/google-security-research/issues/detail?id=183" }, { "name": "FEDORA-2015-2237", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2014-9664", "datePublished": "2015-02-08T11:00:00", "dateReserved": "2015-02-07T00:00:00", "dateUpdated": "2024-08-06T13:55:02.941Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2012-1141 (GCVE-0-2012-1141)
Vulnerability from cvelistv5
Published
2012-04-25 10:00
Modified
2024-08-06 18:45
CWE
- n/a
Summary
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via a crafted ASCII string in a BDF font.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T18:45:27.470Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "48797", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48797" }, { "name": "48508", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48508" }, { "name": "48822", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48822" }, { "name": "MDVSA-2012:057", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057" }, { "name": "APPLE-SA-2012-09-19-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html" }, { "name": "48758", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48758" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT5503" }, { "name": "52318", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/52318" }, { "name": "USN-1403-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-1403-1" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512" }, { "name": "48918", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48918" }, { "name": "[oss-security] 20120306 Re: CVE Request -- FreeType: Multiple security flaws to be fixed in v2.4.9", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2012/03/06/16" 
}, { "name": "SUSE-SU-2012:0484", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html" }, { "name": "SUSE-SU-2012:0521", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html" }, { "name": "48973", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48973" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=800602" }, { "name": "RHSA-2012:0467", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html" }, { "name": "SUSE-SU-2012:0483", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html" }, { "name": "1026765", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id?1026765" }, { "name": "openSUSE-SU-2012:0489", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html" }, { "name": "48951", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48951" }, { "name": "GLSA-201204-04", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-201204-04.xml" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2012-03-06T00:00:00", "descriptions": [ { "lang": "en", "value": "FreeType 
before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via a crafted ASCII string in a BDF font." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-17T19:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "48797", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48797" }, { "name": "48508", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48508" }, { "name": "48822", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48822" }, { "name": "MDVSA-2012:057", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057" }, { "name": "APPLE-SA-2012-09-19-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html" }, { "name": "48758", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48758" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT5503" }, { "name": "52318", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/52318" }, { "name": "USN-1403-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-1403-1" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512" }, { "name": "48918", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48918" }, { "name": "[oss-security] 20120306 Re: CVE Request -- FreeType: Multiple security flaws to be 
fixed in v2.4.9", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2012/03/06/16" }, { "name": "SUSE-SU-2012:0484", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html" }, { "name": "SUSE-SU-2012:0521", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html" }, { "name": "48973", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48973" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=800602" }, { "name": "RHSA-2012:0467", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html" }, { "name": "SUSE-SU-2012:0483", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html" }, { "name": "1026765", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id?1026765" }, { "name": "openSUSE-SU-2012:0489", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html" }, { "name": "48951", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48951" }, { "name": "GLSA-201204-04", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-201204-04.xml" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2012-1141", "datePublished": "2012-04-25T10:00:00", "dateReserved": "2012-02-14T00:00:00", "dateUpdated": "2024-08-06T18:45:27.470Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", 
"dataVersion": "5.1" }
CVE-2022-27404 (GCVE-0-2022-27404)
Vulnerability from cvelistv5
Published
2022-04-22 00:00
Modified
2024-08-03 05:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
FreeType commit 1e2eb65048f75c64b68708efed6ce904c31f3b2f was discovered to contain a heap buffer overflow via the function sfnt_init_face.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T05:25:32.670Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://gitlab.freedesktop.org/freetype/freetype/-/issues/1138" }, { "name": "FEDORA-2022-2dd60f1f00", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FDU2FOEMCEF6WVR6ZBIH5MT5O7FAK6UP/" }, { "name": "FEDORA-2022-0985b0cb9f", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NYVC2NPKKXKP3TWJWG4ONYWNO6ZPHLA5/" }, { "name": "FEDORA-2022-7ece4f6d74", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EFPNRKDLCXHZVYYQLQMP44UHLU32GA6Z/" }, { "name": "FEDORA-2022-5e45671294", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TCEMWCM46PKM4U5ENRASPKQD6JDOLKRU/" }, { "name": "FEDORA-2022-80e1724780", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IWQ7IB2A75MEHM63WEUXBYEC7OR5SGDY/" }, { "name": "GLSA-202402-06", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202402-06" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "FreeType commit 1e2eb65048f75c64b68708efed6ce904c31f3b2f was discovered to contain a heap buffer overflow via the function sfnt_init_face." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2024-02-03T10:06:23.309904", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://gitlab.freedesktop.org/freetype/freetype/-/issues/1138" }, { "name": "FEDORA-2022-2dd60f1f00", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FDU2FOEMCEF6WVR6ZBIH5MT5O7FAK6UP/" }, { "name": "FEDORA-2022-0985b0cb9f", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NYVC2NPKKXKP3TWJWG4ONYWNO6ZPHLA5/" }, { "name": "FEDORA-2022-7ece4f6d74", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EFPNRKDLCXHZVYYQLQMP44UHLU32GA6Z/" }, { "name": "FEDORA-2022-5e45671294", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TCEMWCM46PKM4U5ENRASPKQD6JDOLKRU/" }, { "name": "FEDORA-2022-80e1724780", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IWQ7IB2A75MEHM63WEUXBYEC7OR5SGDY/" }, { "name": "GLSA-202402-06", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202402-06" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-27404", "datePublished": "2022-04-22T00:00:00", "dateReserved": "2022-03-21T00:00:00", "dateUpdated": "2024-08-03T05:25:32.670Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2012-1143 (GCVE-0-2012-1143)
Vulnerability from cvelistv5
Published
2012-04-25 10:00
Modified
2024-08-06 18:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (divide-by-zero error) via a crafted font.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T18:45:27.489Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "48797", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48797" }, { "name": "48508", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48508" }, { "name": "48822", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48822" }, { "name": "MDVSA-2012:057", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057" }, { "name": "APPLE-SA-2012-09-19-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html" }, { "name": "48758", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48758" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT5503" }, { "name": "52318", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/52318" }, { "name": "USN-1403-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-1403-1" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512" }, { "name": "48918", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48918" }, { "name": "[oss-security] 20120306 Re: CVE Request -- FreeType: Multiple security flaws to be fixed in v2.4.9", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2012/03/06/16" 
}, { "name": "SUSE-SU-2012:0484", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html" }, { "name": "SUSE-SU-2012:0521", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=800606" }, { "name": "48973", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48973" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html" }, { "name": "RHSA-2012:0467", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html" }, { "name": "SUSE-SU-2012:0483", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html" }, { "name": "1026765", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id?1026765" }, { "name": "openSUSE-SU-2012:0489", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html" }, { "name": "48951", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48951" }, { "name": "GLSA-201204-04", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-201204-04.xml" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2012-03-06T00:00:00", "descriptions": [ { "lang": "en", "value": "FreeType 
before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (divide-by-zero error) via a crafted font." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-17T19:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "48797", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48797" }, { "name": "48508", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48508" }, { "name": "48822", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48822" }, { "name": "MDVSA-2012:057", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057" }, { "name": "APPLE-SA-2012-09-19-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html" }, { "name": "48758", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48758" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT5503" }, { "name": "52318", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/52318" }, { "name": "USN-1403-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-1403-1" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512" }, { "name": "48918", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48918" }, { "name": "[oss-security] 20120306 Re: CVE Request -- FreeType: Multiple security flaws to be fixed in v2.4.9", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": 
"http://www.openwall.com/lists/oss-security/2012/03/06/16" }, { "name": "SUSE-SU-2012:0484", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html" }, { "name": "SUSE-SU-2012:0521", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=800606" }, { "name": "48973", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48973" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html" }, { "name": "RHSA-2012:0467", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html" }, { "name": "SUSE-SU-2012:0483", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html" }, { "name": "1026765", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id?1026765" }, { "name": "openSUSE-SU-2012:0489", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html" }, { "name": "48951", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48951" }, { "name": "GLSA-201204-04", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-201204-04.xml" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2012-1143", "datePublished": "2012-04-25T10:00:00", "dateReserved": "2012-02-14T00:00:00", "dateUpdated": "2024-08-06T18:45:27.489Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2010-3053 (GCVE-0-2010-3053)
Vulnerability from cvelistv5
Published
2010-08-19 17:43
Modified
2024-08-07 02:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
bdf/bdflib.c in FreeType before 2.4.2 allows remote attackers to cause a denial of service (application crash) via a crafted BDF font file, related to an attempted modification of a value in a static string.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T02:55:46.533Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "ADV-2010-3045", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2010/3045" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT4435" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugs.launchpad.net/ubuntu/maverick/+source/freetype/+bug/617019" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT4457" }, { "name": "ADV-2010-3046", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2010/3046" }, { "name": "APPLE-SA-2010-11-10-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html" }, { "name": "42317", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/42317" }, { "name": "42314", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/42314" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT4456" }, { "name": "48951", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48951" }, { "name": "SUSE-SR:2010:019", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html" }, { "name": "APPLE-SA-2010-11-22-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": 
"n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2010-08-17T00:00:00", "descriptions": [ { "lang": "en", "value": "bdf/bdflib.c in FreeType before 2.4.2 allows remote attackers to cause a denial of service (application crash) via a crafted BDF font file, related to an attempted modification of a value in a static string." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2010-11-18T10:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "ADV-2010-3045", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2010/3045" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT4435" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugs.launchpad.net/ubuntu/maverick/+source/freetype/+bug/617019" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT4457" }, { "name": "ADV-2010-3046", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2010/3046" }, { "name": "APPLE-SA-2010-11-10-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html" }, { "name": "42317", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/42317" }, { "name": "42314", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/42314" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT4456" }, { "name": "48951", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48951" }, { "name": "SUSE-SR:2010:019", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html" }, { 
"name": "APPLE-SA-2010-11-22-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2010-3053", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "bdf/bdflib.c in FreeType before 2.4.2 allows remote attackers to cause a denial of service (application crash) via a crafted BDF font file, related to an attempted modification of a value in a static string." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "ADV-2010-3045", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2010/3045" }, { "name": "http://support.apple.com/kb/HT4435", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT4435" }, { "name": "https://bugs.launchpad.net/ubuntu/maverick/+source/freetype/+bug/617019", "refsource": "CONFIRM", "url": "https://bugs.launchpad.net/ubuntu/maverick/+source/freetype/+bug/617019" }, { "name": "http://support.apple.com/kb/HT4457", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT4457" }, { "name": "ADV-2010-3046", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2010/3046" }, { "name": "APPLE-SA-2010-11-10-1", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html" }, { "name": "42317", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/42317" }, { "name": "42314", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/42314" }, { "name": "http://support.apple.com/kb/HT4456", 
"refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT4456" }, { "name": "48951", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/48951" }, { "name": "SUSE-SR:2010:019", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html" }, { "name": "APPLE-SA-2010-11-22-1", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2010-3053", "datePublished": "2010-08-19T17:43:00", "dateReserved": "2010-08-19T00:00:00", "dateUpdated": "2024-08-07T02:55:46.533Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2012-1132 (GCVE-0-2012-1132)
Vulnerability from cvelistv5
Published
2012-04-25 10:00
Modified
2024-08-06 18:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via crafted dictionary data in a Type 1 font.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T18:45:27.380Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "48797", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48797" }, { "name": "48508", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48508" }, { "name": "48822", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48822" }, { "name": "MDVSA-2012:057", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057" }, { "name": "APPLE-SA-2012-09-19-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html" }, { "name": "48758", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48758" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT5503" }, { "name": "52318", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/52318" }, { "name": "USN-1403-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-1403-1" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512" }, { "name": "48918", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48918" }, { "name": "[oss-security] 20120306 Re: CVE Request -- FreeType: Multiple security flaws to be fixed in v2.4.9", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2012/03/06/16" 
}, { "name": "SUSE-SU-2012:0484", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html" }, { "name": "SUSE-SU-2012:0521", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html" }, { "name": "48973", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48973" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html" }, { "name": "RHSA-2012:0467", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html" }, { "name": "SUSE-SU-2012:0483", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=800590" }, { "name": "1026765", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id?1026765" }, { "name": "openSUSE-SU-2012:0489", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html" }, { "name": "48951", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48951" }, { "name": "GLSA-201204-04", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-201204-04.xml" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2012-03-06T00:00:00", "descriptions": [ { "lang": "en", "value": "FreeType 
before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via crafted dictionary data in a Type 1 font." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-17T19:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "48797", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48797" }, { "name": "48508", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48508" }, { "name": "48822", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48822" }, { "name": "MDVSA-2012:057", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057" }, { "name": "APPLE-SA-2012-09-19-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html" }, { "name": "48758", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48758" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT5503" }, { "name": "52318", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/52318" }, { "name": "USN-1403-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-1403-1" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512" }, { "name": "48918", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48918" }, { "name": "[oss-security] 20120306 Re: CVE Request -- FreeType: Multiple security flaws 
to be fixed in v2.4.9", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2012/03/06/16" }, { "name": "SUSE-SU-2012:0484", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html" }, { "name": "SUSE-SU-2012:0521", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html" }, { "name": "48973", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48973" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html" }, { "name": "RHSA-2012:0467", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html" }, { "name": "SUSE-SU-2012:0483", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=800590" }, { "name": "1026765", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id?1026765" }, { "name": "openSUSE-SU-2012:0489", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html" }, { "name": "48951", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48951" }, { "name": "GLSA-201204-04", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-201204-04.xml" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2012-1132", "datePublished": "2012-04-25T10:00:00", "dateReserved": "2012-02-14T00:00:00", "dateUpdated": "2024-08-06T18:45:27.380Z", "state": "PUBLISHED" }, "dataType": 
"CVE_RECORD", "dataVersion": "5.1" }
CVE-2017-7857 (GCVE-0-2017-7857)
Vulnerability from cvelistv5
Published
2017-04-14 04:30
Modified
2024-08-05 16:19
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
FreeType 2 before 2017-03-08 has an out-of-bounds write caused by a heap-based buffer overflow related to the TT_Get_MM_Var function in truetype/ttgxvar.c and the sfnt_init_face function in sfnt/sfobjs.c.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T16:19:28.490Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "GLSA-201706-14", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201706-14" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=7bbb91fbf47fc0775cc9705673caf0c47a81f94b" }, { "name": "97680", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/97680" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=759" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpuapr2020.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2017-04-14T00:00:00", "descriptions": [ { "lang": "en", "value": "FreeType 2 before 2017-03-08 has an out-of-bounds write caused by a heap-based buffer overflow related to the TT_Get_MM_Var function in truetype/ttgxvar.c and the sfnt_init_face function in sfnt/sfobjs.c." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2020-04-15T21:06:41", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "GLSA-201706-14", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201706-14" }, { "tags": [ "x_refsource_MISC" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=7bbb91fbf47fc0775cc9705673caf0c47a81f94b" }, { "name": "97680", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/97680" }, { "tags": [ "x_refsource_MISC" ], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=759" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com/security-alerts/cpuapr2020.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2017-7857", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "FreeType 2 before 2017-03-08 has an out-of-bounds write caused by a heap-based buffer overflow related to the TT_Get_MM_Var function in truetype/ttgxvar.c and the sfnt_init_face function in sfnt/sfobjs.c." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "GLSA-201706-14", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201706-14" }, { "name": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=7bbb91fbf47fc0775cc9705673caf0c47a81f94b", "refsource": "MISC", "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=7bbb91fbf47fc0775cc9705673caf0c47a81f94b" }, { "name": "97680", "refsource": "BID", "url": "http://www.securityfocus.com/bid/97680" }, { "name": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=759", "refsource": "MISC", "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=759" }, { "name": "https://www.oracle.com/security-alerts/cpuapr2020.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpuapr2020.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2017-7857", "datePublished": "2017-04-14T04:30:00", "dateReserved": "2017-04-14T00:00:00", "dateUpdated": "2024-08-05T16:19:28.490Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2014-9665 (GCVE-0-2014-9665)
Vulnerability from cvelistv5
Published
2015-02-08 11:00
Modified
2024-08-06 13:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The Load_SBit_Png function in sfnt/pngshim.c in FreeType before 2.5.4 does not restrict the rows and pitch values of PNG data, which allows remote attackers to cause a denial of service (integer overflow and heap-based buffer overflow) or possibly have unspecified other impact by embedding a PNG file in a .ttf font file.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T13:55:04.093Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=54abd22891bd51ef8b533b24df53b3019b5cee81" }, { "name": "GLSA-201503-05", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201503-05" }, { "name": "72986", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/72986" }, { "name": "USN-2739-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-2739-1" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=b3500af717010137046ec4076d1e1c0641e33727" }, { "name": "openSUSE-SU-2015:0627", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html" }, { "name": "FEDORA-2015-2216", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html" }, { "name": "USN-2510-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-2510-1" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://code.google.com/p/google-security-research/issues/detail?id=168" }, { "name": "FEDORA-2015-2237", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": 
"2014-12-06T00:00:00", "descriptions": [ { "lang": "en", "value": "The Load_SBit_Png function in sfnt/pngshim.c in FreeType before 2.5.4 does not restrict the rows and pitch values of PNG data, which allows remote attackers to cause a denial of service (integer overflow and heap-based buffer overflow) or possibly have unspecified other impact by embedding a PNG file in a .ttf font file." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-06-30T16:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=54abd22891bd51ef8b533b24df53b3019b5cee81" }, { "name": "GLSA-201503-05", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201503-05" }, { "name": "72986", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/72986" }, { "name": "USN-2739-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-2739-1" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=b3500af717010137046ec4076d1e1c0641e33727" }, { "name": "openSUSE-SU-2015:0627", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html" }, { "name": "FEDORA-2015-2216", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html" }, { "name": "USN-2510-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-2510-1" }, { "tags": [ "x_refsource_MISC" ], "url": "http://code.google.com/p/google-security-research/issues/detail?id=168" }, { "name": "FEDORA-2015-2237", "tags": [ "vendor-advisory", "x_refsource_FEDORA" 
], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2014-9665", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The Load_SBit_Png function in sfnt/pngshim.c in FreeType before 2.5.4 does not restrict the rows and pitch values of PNG data, which allows remote attackers to cause a denial of service (integer overflow and heap-based buffer overflow) or possibly have unspecified other impact by embedding a PNG file in a .ttf font file." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=54abd22891bd51ef8b533b24df53b3019b5cee81", "refsource": "CONFIRM", "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=54abd22891bd51ef8b533b24df53b3019b5cee81" }, { "name": "GLSA-201503-05", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201503-05" }, { "name": "72986", "refsource": "BID", "url": "http://www.securityfocus.com/bid/72986" }, { "name": "USN-2739-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2739-1" }, { "name": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=b3500af717010137046ec4076d1e1c0641e33727", "refsource": "CONFIRM", "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=b3500af717010137046ec4076d1e1c0641e33727" }, { "name": "openSUSE-SU-2015:0627", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html" }, { "name": "FEDORA-2015-2216", 
"refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html" }, { "name": "USN-2510-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2510-1" }, { "name": "http://code.google.com/p/google-security-research/issues/detail?id=168", "refsource": "MISC", "url": "http://code.google.com/p/google-security-research/issues/detail?id=168" }, { "name": "FEDORA-2015-2237", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2014-9665", "datePublished": "2015-02-08T11:00:00", "dateReserved": "2015-02-07T00:00:00", "dateUpdated": "2024-08-06T13:55:04.093Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2014-9662 (GCVE-0-2014-9662)
Vulnerability from cvelistv5
Published
2015-02-08 11:00
Modified
2024-08-06 13:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
cff/cf2ft.c in FreeType before 2.5.4 does not validate the return values of point-allocation functions, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted OTF font.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T13:55:02.926Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=5f201ab5c24cb69bc96b724fd66e739928d6c5e2" }, { "name": "GLSA-201503-05", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201503-05" }, { "name": "72986", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/72986" }, { "name": "USN-2739-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-2739-1" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://code.google.com/p/google-security-research/issues/detail?id=185" }, { "name": "openSUSE-SU-2015:0627", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://advisories.mageia.org/MGASA-2015-0083.html" }, { "name": "FEDORA-2015-2216", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html" }, { "name": "USN-2510-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-2510-1" }, { "name": "FEDORA-2015-2237", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-12-06T00:00:00", "descriptions": [ { "lang": "en", "value": 
"cff/cf2ft.c in FreeType before 2.5.4 does not validate the return values of point-allocation functions, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted OTF font." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-06-30T16:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=5f201ab5c24cb69bc96b724fd66e739928d6c5e2" }, { "name": "GLSA-201503-05", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201503-05" }, { "name": "72986", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/72986" }, { "name": "USN-2739-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-2739-1" }, { "tags": [ "x_refsource_MISC" ], "url": "http://code.google.com/p/google-security-research/issues/detail?id=185" }, { "name": "openSUSE-SU-2015:0627", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://advisories.mageia.org/MGASA-2015-0083.html" }, { "name": "FEDORA-2015-2216", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html" }, { "name": "USN-2510-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-2510-1" }, { "name": "FEDORA-2015-2237", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": 
"CVE-2014-9662", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "cff/cf2ft.c in FreeType before 2.5.4 does not validate the return values of point-allocation functions, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted OTF font." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=5f201ab5c24cb69bc96b724fd66e739928d6c5e2", "refsource": "CONFIRM", "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=5f201ab5c24cb69bc96b724fd66e739928d6c5e2" }, { "name": "GLSA-201503-05", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201503-05" }, { "name": "72986", "refsource": "BID", "url": "http://www.securityfocus.com/bid/72986" }, { "name": "USN-2739-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2739-1" }, { "name": "http://code.google.com/p/google-security-research/issues/detail?id=185", "refsource": "MISC", "url": "http://code.google.com/p/google-security-research/issues/detail?id=185" }, { "name": "openSUSE-SU-2015:0627", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html" }, { "name": "http://advisories.mageia.org/MGASA-2015-0083.html", "refsource": "CONFIRM", "url": "http://advisories.mageia.org/MGASA-2015-0083.html" }, { "name": "FEDORA-2015-2216", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html" }, { "name": "USN-2510-1", "refsource": "UBUNTU", 
"url": "http://www.ubuntu.com/usn/USN-2510-1" }, { "name": "FEDORA-2015-2237", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2014-9662", "datePublished": "2015-02-08T11:00:00", "dateReserved": "2015-02-07T00:00:00", "dateUpdated": "2024-08-06T13:55:02.926Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2006-2661 (GCVE-0-2006-2661)
Vulnerability from cvelistv5
Published
2006-05-30 19:00
Modified
2024-08-07 17:58
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
ftutil.c in Freetype before 2.2 allows remote attackers to cause a denial of service (crash) via a crafted font file that triggers a null dereference.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T17:58:51.918Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=183676" }, { "name": "SUSE-SA:2006:037", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jun/0012.html" }, { "name": "20791", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/20791" }, { "name": "oval:org.mitre.oval:def:11692", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11692" }, { "name": "102705", "tags": [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102705-1" }, { "name": "18329", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/18329" }, { "name": "20525", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/20525" }, { "name": "21701", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21701" }, { "name": "USN-291-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/291-1/" }, { "name": "21385", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21385" }, { "name": "20060612 rPSA-2006-0100-1 freetype", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/436836/100/0/threaded" }, { "name": "21135", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" 
], "url": "http://secunia.com/advisories/21135" }, { "name": "RHSA-2006:0500", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0500.html" }, { "name": "23939", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/23939" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-176.htm" }, { "name": "20591", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/20591" }, { "name": "20638", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/20638" }, { "name": "1016520", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1016520" }, { "name": "ADV-2007-0381", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2007/0381" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://issues.rpath.com/browse/RPL-429" }, { "name": "20060701-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060701-01-U" }, { "name": "21062", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21062" }, { "name": "MDKSA-2006:099", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:099" }, { "name": "DSA-1095", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-1095" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": 
"2006-05-15T00:00:00", "descriptions": [ { "lang": "en", "value": "ftutil.c in Freetype before 2.2 allows remote attackers to cause a denial of service (crash) via a crafted font file that triggers a null dereference." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-18T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=183676" }, { "name": "SUSE-SA:2006:037", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jun/0012.html" }, { "name": "20791", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/20791" }, { "name": "oval:org.mitre.oval:def:11692", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11692" }, { "name": "102705", "tags": [ "vendor-advisory", "x_refsource_SUNALERT" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102705-1" }, { "name": "18329", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/18329" }, { "name": "20525", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/20525" }, { "name": "21701", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21701" }, { "name": "USN-291-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/291-1/" }, { "name": "21385", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21385" }, { "name": "20060612 rPSA-2006-0100-1 freetype", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": 
"http://www.securityfocus.com/archive/1/436836/100/0/threaded" }, { "name": "21135", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21135" }, { "name": "RHSA-2006:0500", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0500.html" }, { "name": "23939", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/23939" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-176.htm" }, { "name": "20591", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/20591" }, { "name": "20638", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/20638" }, { "name": "1016520", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1016520" }, { "name": "ADV-2007-0381", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2007/0381" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://issues.rpath.com/browse/RPL-429" }, { "name": "20060701-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060701-01-U" }, { "name": "21062", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21062" }, { "name": "MDKSA-2006:099", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:099" }, { "name": "DSA-1095", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-1095" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2006-2661", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { 
"version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "ftutil.c in Freetype before 2.2 allows remote attackers to cause a denial of service (crash) via a crafted font file that triggers a null dereference." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=183676", "refsource": "MISC", "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=183676" }, { "name": "SUSE-SA:2006:037", "refsource": "SUSE", "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jun/0012.html" }, { "name": "20791", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/20791" }, { "name": "oval:org.mitre.oval:def:11692", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11692" }, { "name": "102705", "refsource": "SUNALERT", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102705-1" }, { "name": "18329", "refsource": "BID", "url": "http://www.securityfocus.com/bid/18329" }, { "name": "20525", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/20525" }, { "name": "21701", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21701" }, { "name": "USN-291-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/291-1/" }, { "name": "21385", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21385" }, { "name": "20060612 rPSA-2006-0100-1 freetype", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/436836/100/0/threaded" }, { "name": "21135", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21135" }, { "name": "RHSA-2006:0500", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2006-0500.html" }, { "name": 
"23939", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/23939" }, { "name": "http://support.avaya.com/elmodocs2/security/ASA-2006-176.htm", "refsource": "CONFIRM", "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-176.htm" }, { "name": "20591", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/20591" }, { "name": "20638", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/20638" }, { "name": "1016520", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1016520" }, { "name": "ADV-2007-0381", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/0381" }, { "name": "https://issues.rpath.com/browse/RPL-429", "refsource": "CONFIRM", "url": "https://issues.rpath.com/browse/RPL-429" }, { "name": "20060701-01-U", "refsource": "SGI", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060701-01-U" }, { "name": "21062", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21062" }, { "name": "MDKSA-2006:099", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:099" }, { "name": "DSA-1095", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2006/dsa-1095" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2006-2661", "datePublished": "2006-05-30T19:00:00", "dateReserved": "2006-05-30T00:00:00", "dateUpdated": "2024-08-07T17:58:51.918Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2016-10244 (GCVE-0-2016-10244)
Vulnerability from cvelistv5
Published
2017-03-06 06:11
Modified
2024-08-06 03:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The parse_charstrings function in type1/t1load.c in FreeType 2 before 2.7 does not ensure that a font contains a glyph name, which allows remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted file.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T03:14:42.886Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/tree/ChangeLog?h=VER-2-7" }, { "name": "1038090", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1038090" }, { "name": "GLSA-201706-14", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201706-14" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://source.android.com/security/bulletin/2017-04-01" }, { "name": "97405", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/97405" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=36" }, { "name": "DSA-3839", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2017/dsa-3839" }, { "name": "1038201", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1038201" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpuapr2020.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2017-03-06T00:00:00", "descriptions": [ { "lang": "en", "value": "The parse_charstrings function in type1/t1load.c in FreeType 2 before 2.7 does not ensure that a font contains a glyph name, which allows remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted file." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2020-04-15T21:06:39", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/tree/ChangeLog?h=VER-2-7" }, { "name": "1038090", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1038090" }, { "name": "GLSA-201706-14", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201706-14" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://source.android.com/security/bulletin/2017-04-01" }, { "name": "97405", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/97405" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=36" }, { "name": "DSA-3839", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2017/dsa-3839" }, { "name": "1038201", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1038201" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com/security-alerts/cpuapr2020.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2016-10244", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The parse_charstrings function in type1/t1load.c in FreeType 2 before 2.7 does not ensure that a font contains a glyph name, which allows remote attackers to cause a denial of service (heap-based buffer over-read) or 
possibly have unspecified other impact via a crafted file." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/tree/ChangeLog?h=VER-2-7", "refsource": "CONFIRM", "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/tree/ChangeLog?h=VER-2-7" }, { "name": "1038090", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1038090" }, { "name": "GLSA-201706-14", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201706-14" }, { "name": "https://source.android.com/security/bulletin/2017-04-01", "refsource": "CONFIRM", "url": "https://source.android.com/security/bulletin/2017-04-01" }, { "name": "97405", "refsource": "BID", "url": "http://www.securityfocus.com/bid/97405" }, { "name": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=36", "refsource": "CONFIRM", "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=36" }, { "name": "DSA-3839", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2017/dsa-3839" }, { "name": "1038201", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1038201" }, { "name": "https://www.oracle.com/security-alerts/cpuapr2020.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpuapr2020.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2016-10244", "datePublished": "2017-03-06T06:11:00", "dateReserved": "2017-03-06T00:00:00", "dateUpdated": "2024-08-06T03:14:42.886Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2025-27363 (GCVE-0-2025-27363)
Vulnerability from cvelistv5
Published
2025-03-11 13:28
Modified
2025-07-30 01:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Out-of-bounds Write (CWE-787)
Summary
An out of bounds write exists in FreeType versions 2.13.0 and below (newer versions of FreeType are not vulnerable) when attempting to parse font subglyph structures related to TrueType GX and variable font files. The vulnerable code assigns a signed short value to an unsigned long and then adds a static value causing it to wrap around and allocate too small of a heap buffer. The code then writes up to 6 signed long integers out of bounds relative to this buffer. This may result in arbitrary code execution. This vulnerability may have been exploited in the wild.
References
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2025-27363", "options": [ { "Exploitation": "active" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2025-05-07T03:55:53.843762Z", "version": "2.0.3" }, "type": "ssvc" } }, { "other": { "content": { "dateAdded": "2025-05-06", "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-27363" }, "type": "kev" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-787", "description": "CWE-787 Out-of-bounds Write", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-07-30T01:36:18.147Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "references": [ { "tags": [ "vendor-advisory" ], "url": "https://source.android.com/docs/security/bulletin/2025-05-01" } ], "timeline": [ { "lang": "en", "time": "2025-05-06T00:00:00+00:00", "value": "CVE-2025-27363 added to CISA KEV" } ], "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2025-05-06T22:02:53.782Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "url": "http://www.openwall.com/lists/oss-security/2025/03/13/1" }, { "url": "http://www.openwall.com/lists/oss-security/2025/03/13/2" }, { "url": "http://www.openwall.com/lists/oss-security/2025/03/13/3" }, { "url": "http://www.openwall.com/lists/oss-security/2025/03/13/8" }, { "url": "http://www.openwall.com/lists/oss-security/2025/03/13/11" }, { "url": "http://www.openwall.com/lists/oss-security/2025/03/13/12" }, { "url": "http://www.openwall.com/lists/oss-security/2025/03/14/1" }, { "url": "http://www.openwall.com/lists/oss-security/2025/03/14/2" }, { "url": "http://www.openwall.com/lists/oss-security/2025/03/14/3" }, { "url": "http://www.openwall.com/lists/oss-security/2025/03/14/4" }, { "url": "https://lists.debian.org/debian-lts-announce/2025/03/msg00030.html" }, { "url": 
"http://www.openwall.com/lists/oss-security/2025/05/06/3" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "FreeType", "vendor": "FreeType", "versions": [ { "lessThanOrEqual": "2.13.0", "status": "affected", "version": "0.0.0", "versionType": "semver" } ] } ], "dateAssigned": "2025-02-21T00:00:00.000Z", "descriptions": [ { "lang": "en", "value": "An out of bounds write exists in FreeType versions 2.13.0 and below (newer versions of FreeType are not vulnerable) when attempting to parse font subglyph structures related to TrueType GX and variable font files. The vulnerable code assigns a signed short value to an unsigned long and then adds a static value causing it to wrap around and allocate too small of a heap buffer. The code then writes up to 6 signed long integers out of bounds relative to this buffer. This may result in arbitrary code execution. This vulnerability may have been exploited in the wild." } ], "metrics": [ { "cvssV3_1": { "baseScore": 8.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C/CR:H/IR:H/AR:H/MAV:N/MAC:L/MPR:N/MUI:N/MS:U/MC:H/MI:H/MA:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "description": "Out-of-bounds Write (CWE-787)", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2025-03-13T12:54:55.748Z", "orgId": "4fc57720-52fe-4431-a0fb-3d2c8747b827", "shortName": "facebook" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.facebook.com/security/advisories/cve-2025-27363" } ] } }, "cveMetadata": { "assignerOrgId": "4fc57720-52fe-4431-a0fb-3d2c8747b827", "assignerShortName": "facebook", "cveId": "CVE-2025-27363", "datePublished": "2025-03-11T13:28:31.705Z", "dateReserved": "2025-02-21T19:53:14.160Z", "dateUpdated": "2025-07-30T01:36:18.147Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", 
"dataVersion": "5.1" }
CVE-2022-27405 (GCVE-0-2022-27405)
Vulnerability from cvelistv5
Published
2022-04-22 00:00
Modified
2024-08-03 05:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
FreeType commit 53dfdcd8198d2b3201a23c4bad9190519ba918db was discovered to contain a segmentation violation via the function FNT_Size_Request.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T05:25:32.685Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "http://freetype.com" }, { "tags": [ "x_transferred" ], "url": "https://gitlab.freedesktop.org/freetype/freetype/-/issues/1139" }, { "name": "FEDORA-2022-2dd60f1f00", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FDU2FOEMCEF6WVR6ZBIH5MT5O7FAK6UP/" }, { "name": "FEDORA-2022-0985b0cb9f", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NYVC2NPKKXKP3TWJWG4ONYWNO6ZPHLA5/" }, { "name": "FEDORA-2022-7ece4f6d74", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EFPNRKDLCXHZVYYQLQMP44UHLU32GA6Z/" }, { "name": "FEDORA-2022-5e45671294", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TCEMWCM46PKM4U5ENRASPKQD6JDOLKRU/" }, { "name": "FEDORA-2022-80e1724780", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IWQ7IB2A75MEHM63WEUXBYEC7OR5SGDY/" }, { "name": "GLSA-202402-06", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202402-06" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "FreeType commit 53dfdcd8198d2b3201a23c4bad9190519ba918db was discovered to contain a segmentation violation via the function FNT_Size_Request." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2024-02-03T10:06:19.900131", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "http://freetype.com" }, { "url": "https://gitlab.freedesktop.org/freetype/freetype/-/issues/1139" }, { "name": "FEDORA-2022-2dd60f1f00", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FDU2FOEMCEF6WVR6ZBIH5MT5O7FAK6UP/" }, { "name": "FEDORA-2022-0985b0cb9f", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NYVC2NPKKXKP3TWJWG4ONYWNO6ZPHLA5/" }, { "name": "FEDORA-2022-7ece4f6d74", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EFPNRKDLCXHZVYYQLQMP44UHLU32GA6Z/" }, { "name": "FEDORA-2022-5e45671294", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TCEMWCM46PKM4U5ENRASPKQD6JDOLKRU/" }, { "name": "FEDORA-2022-80e1724780", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IWQ7IB2A75MEHM63WEUXBYEC7OR5SGDY/" }, { "name": "GLSA-202402-06", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202402-06" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-27405", "datePublished": "2022-04-22T00:00:00", "dateReserved": "2022-03-21T00:00:00", "dateUpdated": "2024-08-03T05:25:32.685Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2012-5668 (GCVE-0-2012-5668)
Vulnerability from cvelistv5
Published
2013-01-24 21:00
Modified
2024-08-06 21:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
FreeType before 2.4.11 allows context-dependent attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to BDF fonts and the improper handling of an "allocation error" in the bdf_free_font function.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T21:14:16.408Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "1027921", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id?1027921" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.freetype.org/" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://savannah.nongnu.org/bugs/?37905" }, { "name": "USN-1686-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-1686-1" }, { "name": "openSUSE-SU-2013:0189", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00078.html" }, { "name": "[oss-security] 20121224 Re: CVE Request - Multiple security fixes in freetype - 2.4.11", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2012/12/25/2" }, { "name": "openSUSE-SU-2013:0165", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00056.html" }, { "name": "SSA:2013-015-01", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE", "x_transferred" ], "url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2013\u0026m=slackware-security.520186" }, { "name": "51900", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/51900" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=9b6b5754b57c12b820e01305eb69b8863a161e5a" }, { "name": "openSUSE-SU-2013:0177", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00068.html" }, { "name": "51826", 
"tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/51826" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2012-12-20T00:00:00", "descriptions": [ { "lang": "en", "value": "FreeType before 2.4.11 allows context-dependent attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to BDF fonts and the improper handling of an \"allocation error\" in the bdf_free_font function." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-12-05T16:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "1027921", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id?1027921" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.freetype.org/" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://savannah.nongnu.org/bugs/?37905" }, { "name": "USN-1686-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-1686-1" }, { "name": "openSUSE-SU-2013:0189", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00078.html" }, { "name": "[oss-security] 20121224 Re: CVE Request - Multiple security fixes in freetype - 2.4.11", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2012/12/25/2" }, { "name": "openSUSE-SU-2013:0165", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00056.html" }, { "name": "SSA:2013-015-01", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE" ], "url": 
"http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2013\u0026m=slackware-security.520186" }, { "name": "51900", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/51900" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=9b6b5754b57c12b820e01305eb69b8863a161e5a" }, { "name": "openSUSE-SU-2013:0177", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00068.html" }, { "name": "51826", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/51826" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2012-5668", "datePublished": "2013-01-24T21:00:00", "dateReserved": "2012-10-24T00:00:00", "dateUpdated": "2024-08-06T21:14:16.408Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2014-9671 (GCVE-0-2014-9671)
Vulnerability from cvelistv5
Published
2015-02-08 11:00
Modified
2024-08-06 13:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Off-by-one error in the pcf_get_properties function in pcf/pcfread.c in FreeType before 2.5.4 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PCF file with a 0xffffffff size value that is improperly incremented.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T13:55:03.991Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "DSA-3188", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2015/dsa-3188" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=0e2f5d518c60e2978f26400d110eff178fa7e3c3" }, { "name": "GLSA-201503-05", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201503-05" }, { "name": "72986", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/72986" }, { "name": "USN-2739-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-2739-1" }, { "name": "openSUSE-SU-2015:0627", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://advisories.mageia.org/MGASA-2015-0083.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" }, { "name": "RHSA-2015:0696", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0696.html" }, { "name": "MDVSA-2015:055", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055" }, { "name": "USN-2510-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-2510-1" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://code.google.com/p/google-security-research/issues/detail?id=157" } ], "title": "CVE 
Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-12-06T00:00:00", "descriptions": [ { "lang": "en", "value": "Off-by-one error in the pcf_get_properties function in pcf/pcfread.c in FreeType before 2.5.4 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PCF file with a 0xffffffff size value that is improperly incremented." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-06-30T16:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "DSA-3188", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2015/dsa-3188" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=0e2f5d518c60e2978f26400d110eff178fa7e3c3" }, { "name": "GLSA-201503-05", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201503-05" }, { "name": "72986", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/72986" }, { "name": "USN-2739-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-2739-1" }, { "name": "openSUSE-SU-2015:0627", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://advisories.mageia.org/MGASA-2015-0083.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" }, { "name": "RHSA-2015:0696", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0696.html" }, { "name": "MDVSA-2015:055", "tags": [ 
"vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055" }, { "name": "USN-2510-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-2510-1" }, { "tags": [ "x_refsource_MISC" ], "url": "http://code.google.com/p/google-security-research/issues/detail?id=157" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2014-9671", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Off-by-one error in the pcf_get_properties function in pcf/pcfread.c in FreeType before 2.5.4 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PCF file with a 0xffffffff size value that is improperly incremented." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "DSA-3188", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2015/dsa-3188" }, { "name": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=0e2f5d518c60e2978f26400d110eff178fa7e3c3", "refsource": "CONFIRM", "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=0e2f5d518c60e2978f26400d110eff178fa7e3c3" }, { "name": "GLSA-201503-05", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201503-05" }, { "name": "72986", "refsource": "BID", "url": "http://www.securityfocus.com/bid/72986" }, { "name": "USN-2739-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2739-1" }, { "name": "openSUSE-SU-2015:0627", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html" }, { "name": "http://advisories.mageia.org/MGASA-2015-0083.html", "refsource": "CONFIRM", "url": "http://advisories.mageia.org/MGASA-2015-0083.html" }, { "name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" }, { "name": "RHSA-2015:0696", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2015-0696.html" }, { "name": "MDVSA-2015:055", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055" }, { "name": "USN-2510-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2510-1" }, { "name": "http://code.google.com/p/google-security-research/issues/detail?id=157", "refsource": "MISC", "url": "http://code.google.com/p/google-security-research/issues/detail?id=157" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2014-9671", "datePublished": "2015-02-08T11:00:00", 
"dateReserved": "2015-02-07T00:00:00", "dateUpdated": "2024-08-06T13:55:03.991Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2012-1139 (GCVE-0-2012-1139)
Vulnerability from cvelistv5
Published
2012-04-25 10:00
Modified
2024-08-06 18:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Array index error in FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid stack read operation and memory corruption) or possibly execute arbitrary code via crafted glyph data in a BDF font.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T18:45:27.501Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "48797", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48797" }, { "name": "48508", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48508" }, { "name": "48822", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48822" }, { "name": "MDVSA-2012:057", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057" }, { "name": "APPLE-SA-2012-09-19-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html" }, { "name": "48758", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48758" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT5503" }, { "name": "52318", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/52318" }, { "name": "USN-1403-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-1403-1" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512" }, { "name": "48918", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48918" }, { "name": "[oss-security] 20120306 Re: CVE Request -- FreeType: Multiple security flaws to be fixed in v2.4.9", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2012/03/06/16" 
}, { "name": "SUSE-SU-2012:0484", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html" }, { "name": "SUSE-SU-2012:0521", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html" }, { "name": "48973", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48973" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html" }, { "name": "RHSA-2012:0467", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html" }, { "name": "SUSE-SU-2012:0483", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html" }, { "name": "1026765", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id?1026765" }, { "name": "openSUSE-SU-2012:0489", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html" }, { "name": "48951", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48951" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=800598" }, { "name": "GLSA-201204-04", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-201204-04.xml" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2012-03-06T00:00:00", "descriptions": [ { "lang": "en", "value": "Array 
index error in FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid stack read operation and memory corruption) or possibly execute arbitrary code via crafted glyph data in a BDF font." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-17T19:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "48797", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48797" }, { "name": "48508", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48508" }, { "name": "48822", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48822" }, { "name": "MDVSA-2012:057", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057" }, { "name": "APPLE-SA-2012-09-19-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html" }, { "name": "48758", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48758" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT5503" }, { "name": "52318", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/52318" }, { "name": "USN-1403-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-1403-1" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512" }, { "name": "48918", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48918" }, { "name": "[oss-security] 20120306 Re: CVE Request -- FreeType: Multiple 
security flaws to be fixed in v2.4.9", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2012/03/06/16" }, { "name": "SUSE-SU-2012:0484", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html" }, { "name": "SUSE-SU-2012:0521", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html" }, { "name": "48973", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48973" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html" }, { "name": "RHSA-2012:0467", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html" }, { "name": "SUSE-SU-2012:0483", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html" }, { "name": "1026765", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id?1026765" }, { "name": "openSUSE-SU-2012:0489", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html" }, { "name": "48951", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48951" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=800598" }, { "name": "GLSA-201204-04", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-201204-04.xml" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2012-1139", "datePublished": "2012-04-25T10:00:00", "dateReserved": "2012-02-14T00:00:00", "dateUpdated": "2024-08-06T18:45:27.501Z", "state": "PUBLISHED" }, 
"dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2006-3467 (GCVE-0-2006-3467)
Vulnerability from cvelistv5
Published
2006-07-18 23:00
Modified
2024-08-07 18:30
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Integer overflow in FreeType before 2.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PCF file, as demonstrated by the Red Hat bad1.pcf test file, due to a partial fix of CVE-2006-1861.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T18:30:34.061Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "21144", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21144" }, { "name": "DSA-1178", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-1178" }, { "name": "21566", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21566" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-284.htm" }, { "name": "27271", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27271" }, { "name": "21793", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21793" }, { "name": "33937", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/33937" }, { "name": "ADV-2006-4502", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/4502" }, { "name": "102705", "tags": [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102705-1" }, { "name": "MDKSA-2006:148", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:148" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=190593" }, { "name": "21285", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21285" }, { "name": "22875", "tags": [ "third-party-advisory", 
"x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22875" }, { "name": "21701", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21701" }, { "name": "USN-341-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/usn-341-1" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT3438" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-186.htm" }, { "name": "21606", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21606" }, { "name": "SUSE-SA:2006:045", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.suse.com/archive/suse-security-announce/2006-Aug/0002.html" }, { "name": "APPLE-SA-2009-02-12", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html" }, { "name": "21567", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21567" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.vmware.com/download/esx/esx-202-200610-patch.html" }, { "name": "GLSA-200609-04", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-200609-04.xml" }, { "name": "20061113 VMSA-2006-0008 - VMware ESX Server 2.0.2 Upgrade Patch 2", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/451426/100/200/threaded" }, { "name": "20060825 rPSA-2006-0157-1 xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/444318/100/0/threaded" }, 
{ "name": "DSA-1193", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-1193" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.vmware.com/download/esx/esx-213-200610-patch.html" }, { "name": "22907", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22907" }, { "name": "21798", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21798" }, { "name": "RHSA-2006:0635", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0635.html" }, { "name": "21135", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21135" }, { "name": "22332", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22332" }, { "name": "RHSA-2006:0634", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0634.html" }, { "name": "RHSA-2006:0500", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0500.html" }, { "name": "21836", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21836" }, { "name": "22027", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22027" }, { "name": "23939", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/23939" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.vmware.com/download/esx/esx-254-200610-patch.html" }, { "name": "2006-0052", "tags": [ "vendor-advisory", "x_refsource_TRUSTIX", "x_transferred" ], 
"url": "http://www.trustix.org/errata/2006/0052/" }, { "name": "21232", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21232" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-176.htm" }, { "name": "ADV-2006-4522", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/4522" }, { "name": "SUSE-SR:2007:021", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00006.html" }, { "name": "MDKSA-2006:129", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:129" }, { "name": "20061113 VMSA-2006-0006 - VMware ESX Server 2.5.3 Upgrade Patch 4", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/451404/100/0/threaded" }, { "name": "1016522", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1016522" }, { "name": "20061113 VMSA-2006-0007 - VMware ESX Server 2.1.3 Upgrade Patch 2", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/451417/100/200/threaded" }, { "name": "21626", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21626" }, { "name": "ADV-2007-0381", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2007/0381" }, { "name": "20060701-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060701-01-U" }, { "name": "21062", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": 
"http://secunia.com/advisories/21062" }, { "name": "23400", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/23400" }, { "name": "USN-324-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/usn-324-1" }, { "name": "20061113 VMSA-2006-0005 - VMware ESX Server 2.5.4 Upgrade Patch 1", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/451419/100/200/threaded" }, { "name": "oval:org.mitre.oval:def:10673", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10673" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2006-07-18T00:00:00", "descriptions": [ { "lang": "en", "value": "Integer overflow in FreeType before 2.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PCF file, as demonstrated by the Red Hat bad1.pcf test file, due to a partial fix of CVE-2006-1861." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-18T14:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "21144", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21144" }, { "name": "DSA-1178", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-1178" }, { "name": "21566", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21566" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-284.htm" }, { "name": "27271", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27271" }, { "name": "21793", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21793" }, { "name": "33937", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/33937" }, { "name": "ADV-2006-4502", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/4502" }, { "name": "102705", "tags": [ "vendor-advisory", "x_refsource_SUNALERT" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102705-1" }, { "name": "MDKSA-2006:148", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:148" }, { "tags": [ "x_refsource_MISC" ], "url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=190593" }, { "name": "21285", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21285" }, { "name": "22875", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22875" }, { "name": "21701", "tags": [ "third-party-advisory", 
"x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21701" }, { "name": "USN-341-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/usn-341-1" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT3438" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-186.htm" }, { "name": "21606", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21606" }, { "name": "SUSE-SA:2006:045", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.suse.com/archive/suse-security-announce/2006-Aug/0002.html" }, { "name": "APPLE-SA-2009-02-12", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html" }, { "name": "21567", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21567" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.vmware.com/download/esx/esx-202-200610-patch.html" }, { "name": "GLSA-200609-04", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-200609-04.xml" }, { "name": "20061113 VMSA-2006-0008 - VMware ESX Server 2.0.2 Upgrade Patch 2", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/451426/100/200/threaded" }, { "name": "20060825 rPSA-2006-0157-1 xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/444318/100/0/threaded" }, { "name": "DSA-1193", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-1193" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.vmware.com/download/esx/esx-213-200610-patch.html" }, { "name": "22907", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": 
"http://secunia.com/advisories/22907" }, { "name": "21798", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21798" }, { "name": "RHSA-2006:0635", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0635.html" }, { "name": "21135", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21135" }, { "name": "22332", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22332" }, { "name": "RHSA-2006:0634", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0634.html" }, { "name": "RHSA-2006:0500", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0500.html" }, { "name": "21836", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21836" }, { "name": "22027", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22027" }, { "name": "23939", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/23939" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.vmware.com/download/esx/esx-254-200610-patch.html" }, { "name": "2006-0052", "tags": [ "vendor-advisory", "x_refsource_TRUSTIX" ], "url": "http://www.trustix.org/errata/2006/0052/" }, { "name": "21232", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21232" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-176.htm" }, { "name": "ADV-2006-4522", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/4522" }, { "name": "SUSE-SR:2007:021", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": 
"http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00006.html" }, { "name": "MDKSA-2006:129", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:129" }, { "name": "20061113 VMSA-2006-0006 - VMware ESX Server 2.5.3 Upgrade Patch 4", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/451404/100/0/threaded" }, { "name": "1016522", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1016522" }, { "name": "20061113 VMSA-2006-0007 - VMware ESX Server 2.1.3 Upgrade Patch 2", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/451417/100/200/threaded" }, { "name": "21626", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21626" }, { "name": "ADV-2007-0381", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2007/0381" }, { "name": "20060701-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060701-01-U" }, { "name": "21062", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21062" }, { "name": "23400", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/23400" }, { "name": "USN-324-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/usn-324-1" }, { "name": "20061113 VMSA-2006-0005 - VMware ESX Server 2.5.4 Upgrade Patch 1", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/451419/100/200/threaded" }, { "name": "oval:org.mitre.oval:def:10673", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10673" } ] } }, "cveMetadata": { 
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2006-3467", "datePublished": "2006-07-18T23:00:00", "dateReserved": "2006-07-10T00:00:00", "dateUpdated": "2024-08-07T18:30:34.061Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2014-9672 (GCVE-0-2014-9672)
Vulnerability from cvelistv5
Published
2015-02-08 11:00
Modified
2024-08-06 13:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Array index error in the parse_fond function in base/ftmac.c in FreeType before 2.5.4 allows remote attackers to cause a denial of service (out-of-bounds read) or obtain sensitive information from process memory via a crafted FOND resource in a Mac font file.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T13:55:02.961Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://packetstormsecurity.com/files/134395/FreeType-2.5.3-Mac-FOND-Resource-Parsing-Out-Of-Bounds-Read-From-Stack.html" }, { "name": "DSA-3188", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2015/dsa-3188" }, { "name": "GLSA-201503-05", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201503-05" }, { "name": "72986", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/72986" }, { "name": "USN-2739-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-2739-1" }, { "name": "openSUSE-SU-2015:0627", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://advisories.mageia.org/MGASA-2015-0083.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" }, { "name": "MDVSA-2015:055", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://code.google.com/p/google-security-research/issues/detail?id=155" }, { "name": "USN-2510-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-2510-1" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": 
"http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=18a8f0d9943369449bc4de92d411c78fb08d616c" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-12-06T00:00:00", "descriptions": [ { "lang": "en", "value": "Array index error in the parse_fond function in base/ftmac.c in FreeType before 2.5.4 allows remote attackers to cause a denial of service (out-of-bounds read) or obtain sensitive information from process memory via a crafted FOND resource in a Mac font file." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-06-30T16:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "http://packetstormsecurity.com/files/134395/FreeType-2.5.3-Mac-FOND-Resource-Parsing-Out-Of-Bounds-Read-From-Stack.html" }, { "name": "DSA-3188", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2015/dsa-3188" }, { "name": "GLSA-201503-05", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201503-05" }, { "name": "72986", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/72986" }, { "name": "USN-2739-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-2739-1" }, { "name": "openSUSE-SU-2015:0627", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://advisories.mageia.org/MGASA-2015-0083.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" }, { "name": "MDVSA-2015:055", "tags": [ "vendor-advisory", 
"x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055" }, { "tags": [ "x_refsource_MISC" ], "url": "http://code.google.com/p/google-security-research/issues/detail?id=155" }, { "name": "USN-2510-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-2510-1" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=18a8f0d9943369449bc4de92d411c78fb08d616c" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2014-9672", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Array index error in the parse_fond function in base/ftmac.c in FreeType before 2.5.4 allows remote attackers to cause a denial of service (out-of-bounds read) or obtain sensitive information from process memory via a crafted FOND resource in a Mac font file." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://packetstormsecurity.com/files/134395/FreeType-2.5.3-Mac-FOND-Resource-Parsing-Out-Of-Bounds-Read-From-Stack.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/134395/FreeType-2.5.3-Mac-FOND-Resource-Parsing-Out-Of-Bounds-Read-From-Stack.html" }, { "name": "DSA-3188", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2015/dsa-3188" }, { "name": "GLSA-201503-05", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201503-05" }, { "name": "72986", "refsource": "BID", "url": "http://www.securityfocus.com/bid/72986" }, { "name": "USN-2739-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2739-1" }, { "name": "openSUSE-SU-2015:0627", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html" }, { "name": "http://advisories.mageia.org/MGASA-2015-0083.html", "refsource": "CONFIRM", "url": "http://advisories.mageia.org/MGASA-2015-0083.html" }, { "name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" }, { "name": "MDVSA-2015:055", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055" }, { "name": "http://code.google.com/p/google-security-research/issues/detail?id=155", "refsource": "MISC", "url": "http://code.google.com/p/google-security-research/issues/detail?id=155" }, { "name": "USN-2510-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2510-1" }, { "name": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=18a8f0d9943369449bc4de92d411c78fb08d616c", "refsource": "CONFIRM", "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=18a8f0d9943369449bc4de92d411c78fb08d616c" } ] } } } 
}, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2014-9672", "datePublished": "2015-02-08T11:00:00", "dateReserved": "2015-02-07T00:00:00", "dateUpdated": "2024-08-06T13:55:02.961Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2012-1131 (GCVE-0-2012-1131)
Vulnerability from cvelistv5
Published
2012-04-25 10:00
Modified
2024-08-06 18:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, on 64-bit platforms allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via vectors related to the cell table of a font.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T18:45:27.430Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "48797", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48797" }, { "name": "48508", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48508" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=800589" }, { "name": "48822", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48822" }, { "name": "MDVSA-2012:057", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057" }, { "name": "APPLE-SA-2012-09-19-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html" }, { "name": "48758", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48758" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT5503" }, { "name": "52318", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/52318" }, { "name": "USN-1403-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-1403-1" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512" }, { "name": "48918", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48918" }, { "name": "[oss-security] 20120306 Re: CVE Request -- FreeType: Multiple security flaws to be fixed in v2.4.9", "tags": [ 
"mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2012/03/06/16" }, { "name": "SUSE-SU-2012:0484", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html" }, { "name": "SUSE-SU-2012:0521", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html" }, { "name": "48973", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48973" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html" }, { "name": "RHSA-2012:0467", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html" }, { "name": "SUSE-SU-2012:0483", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html" }, { "name": "1026765", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id?1026765" }, { "name": "openSUSE-SU-2012:0489", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html" }, { "name": "48951", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48951" }, { "name": "GLSA-201204-04", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-201204-04.xml" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2012-03-06T00:00:00", "descriptions": [ { "lang": "en", "value": 
"FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, on 64-bit platforms allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via vectors related to the cell table of a font." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-17T19:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "48797", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48797" }, { "name": "48508", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48508" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=800589" }, { "name": "48822", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48822" }, { "name": "MDVSA-2012:057", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057" }, { "name": "APPLE-SA-2012-09-19-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html" }, { "name": "48758", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48758" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT5503" }, { "name": "52318", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/52318" }, { "name": "USN-1403-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-1403-1" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512" }, { "name": "48918", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], 
"url": "http://secunia.com/advisories/48918" }, { "name": "[oss-security] 20120306 Re: CVE Request -- FreeType: Multiple security flaws to be fixed in v2.4.9", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2012/03/06/16" }, { "name": "SUSE-SU-2012:0484", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html" }, { "name": "SUSE-SU-2012:0521", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html" }, { "name": "48973", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48973" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html" }, { "name": "RHSA-2012:0467", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html" }, { "name": "SUSE-SU-2012:0483", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html" }, { "name": "1026765", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id?1026765" }, { "name": "openSUSE-SU-2012:0489", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html" }, { "name": "48951", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48951" }, { "name": "GLSA-201204-04", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-201204-04.xml" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2012-1131", "datePublished": "2012-04-25T10:00:00", "dateReserved": "2012-02-14T00:00:00", "dateUpdated": "2024-08-06T18:45:27.430Z", "state": 
"PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2012-5669 (GCVE-0-2012-5669)
Vulnerability from cvelistv5
Published
2013-01-24 21:00
Modified
2024-08-06 21:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The _bdf_parse_glyphs function in FreeType before 2.4.11 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to BDF fonts and an incorrect calculation that triggers an out-of-bounds read.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T21:14:16.354Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "1027921", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id?1027921" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.freetype.org/" }, { "name": "USN-1686-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-1686-1" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=07bdb6e289c7954e2a533039dc93c1c136099d2d" }, { "name": "openSUSE-SU-2013:0189", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00078.html" }, { "name": "[oss-security] 20121224 Re: CVE Request - Multiple security fixes in freetype - 2.4.11", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2012/12/25/2" }, { "name": "openSUSE-SU-2013:0165", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00056.html" }, { "name": "RHSA-2013:0216", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2013-0216.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://savannah.nongnu.org/bugs/?37906" }, { "name": "SSA:2013-015-01", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE", "x_transferred" ], "url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2013\u0026m=slackware-security.520186" }, { "name": "51900", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/51900" }, { "name": "openSUSE-SU-2013:0177", "tags": 
[ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00068.html" }, { "name": "51826", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/51826" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2012-12-20T00:00:00", "descriptions": [ { "lang": "en", "value": "The _bdf_parse_glyphs function in FreeType before 2.4.11 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to BDF fonts and an incorrect calculation that triggers an out-of-bounds read." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-12-05T16:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "1027921", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id?1027921" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.freetype.org/" }, { "name": "USN-1686-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-1686-1" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=07bdb6e289c7954e2a533039dc93c1c136099d2d" }, { "name": "openSUSE-SU-2013:0189", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00078.html" }, { "name": "[oss-security] 20121224 Re: CVE Request - Multiple security fixes in freetype - 2.4.11", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2012/12/25/2" }, { "name": "openSUSE-SU-2013:0165", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": 
"http://lists.opensuse.org/opensuse-updates/2013-01/msg00056.html" }, { "name": "RHSA-2013:0216", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2013-0216.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://savannah.nongnu.org/bugs/?37906" }, { "name": "SSA:2013-015-01", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE" ], "url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2013\u0026m=slackware-security.520186" }, { "name": "51900", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/51900" }, { "name": "openSUSE-SU-2013:0177", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00068.html" }, { "name": "51826", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/51826" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2012-5669", "datePublished": "2013-01-24T21:00:00", "dateReserved": "2012-10-24T00:00:00", "dateUpdated": "2024-08-06T21:14:16.354Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2014-9670 (GCVE-0-2014-9670)
Vulnerability from cvelistv5
Published
2015-02-08 11:00
Modified
2024-08-06 13:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple integer signedness errors in the pcf_get_encodings function in pcf/pcfread.c in FreeType before 2.5.4 allow remote attackers to cause a denial of service (integer overflow, NULL pointer dereference, and application crash) via a crafted PCF file that specifies negative values for the first column and first row.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T13:55:04.552Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://code.google.com/p/google-security-research/issues/detail?id=158" }, { "name": "DSA-3188", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2015/dsa-3188" }, { "name": "GLSA-201503-05", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201503-05" }, { "name": "72986", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/72986" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=ef1eba75187adfac750f326b563fe543dd5ff4e6" }, { "name": "USN-2739-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-2739-1" }, { "name": "openSUSE-SU-2015:0627", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://advisories.mageia.org/MGASA-2015-0083.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" }, { "name": "RHSA-2015:0696", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0696.html" }, { "name": "FEDORA-2015-2216", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html" }, { "name": "MDVSA-2015:055", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": 
"http://www.mandriva.com/security/advisories?name=MDVSA-2015:055" }, { "name": "USN-2510-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-2510-1" }, { "name": "FEDORA-2015-2237", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-12-06T00:00:00", "descriptions": [ { "lang": "en", "value": "Multiple integer signedness errors in the pcf_get_encodings function in pcf/pcfread.c in FreeType before 2.5.4 allow remote attackers to cause a denial of service (integer overflow, NULL pointer dereference, and application crash) via a crafted PCF file that specifies negative values for the first column and first row." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-06-30T16:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "http://code.google.com/p/google-security-research/issues/detail?id=158" }, { "name": "DSA-3188", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2015/dsa-3188" }, { "name": "GLSA-201503-05", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201503-05" }, { "name": "72986", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/72986" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=ef1eba75187adfac750f326b563fe543dd5ff4e6" }, { "name": "USN-2739-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": 
"http://www.ubuntu.com/usn/USN-2739-1" }, { "name": "openSUSE-SU-2015:0627", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://advisories.mageia.org/MGASA-2015-0083.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" }, { "name": "RHSA-2015:0696", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0696.html" }, { "name": "FEDORA-2015-2216", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html" }, { "name": "MDVSA-2015:055", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055" }, { "name": "USN-2510-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-2510-1" }, { "name": "FEDORA-2015-2237", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2014-9670", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Multiple integer signedness errors in the pcf_get_encodings function in pcf/pcfread.c in FreeType before 2.5.4 allow remote attackers to cause a denial of service (integer overflow, NULL pointer dereference, and application crash) via a crafted PCF file that specifies negative values for the first column and first row." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://code.google.com/p/google-security-research/issues/detail?id=158", "refsource": "MISC", "url": "http://code.google.com/p/google-security-research/issues/detail?id=158" }, { "name": "DSA-3188", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2015/dsa-3188" }, { "name": "GLSA-201503-05", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201503-05" }, { "name": "72986", "refsource": "BID", "url": "http://www.securityfocus.com/bid/72986" }, { "name": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=ef1eba75187adfac750f326b563fe543dd5ff4e6", "refsource": "CONFIRM", "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=ef1eba75187adfac750f326b563fe543dd5ff4e6" }, { "name": "USN-2739-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2739-1" }, { "name": "openSUSE-SU-2015:0627", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html" }, { "name": "http://advisories.mageia.org/MGASA-2015-0083.html", "refsource": "CONFIRM", "url": "http://advisories.mageia.org/MGASA-2015-0083.html" }, { "name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" }, { "name": "RHSA-2015:0696", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2015-0696.html" }, { "name": "FEDORA-2015-2216", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html" }, { "name": "MDVSA-2015:055", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055" }, { "name": "USN-2510-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2510-1" }, { "name": "FEDORA-2015-2237", 
"refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2014-9670", "datePublished": "2015-02-08T11:00:00", "dateReserved": "2015-02-07T00:00:00", "dateUpdated": "2024-08-06T13:55:04.552Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2010-2806 (GCVE-0-2010-2806)
Vulnerability from cvelistv5
Published
2010-08-19 17:43
Modified
2024-08-07 02:46
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Array index error in the t42_parse_sfnts function in type42/t42parse.c in FreeType before 2.4.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via negative size values for certain strings in FontType42 font files, leading to a heap-based buffer overflow.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T02:46:48.031Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "ADV-2010-3045", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2010/3045" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT4435" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugs.launchpad.net/ubuntu/maverick/+source/freetype/+bug/617019" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT4457" }, { "name": "ADV-2010-2018", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2010/2018" }, { "name": "ADV-2010-3046", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2010/3046" }, { "name": "RHSA-2010:0737", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://rhn.redhat.com/errata/RHSA-2010-0737.html" }, { "name": "USN-972-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-972-1" }, { "name": "APPLE-SA-2010-11-10-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html" }, { "name": "[oss-security] 20100806 Re: CVE Request -- FreeType -- Memory corruption flaw by processing certain LWFN fonts + three more", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://marc.info/?l=oss-security\u0026m=128111955616772\u0026w=2" }, { "name": "42317", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/42317" }, { "name": "40816", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": 
"http://secunia.com/advisories/40816" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://freetype.sourceforge.net/index2.html#release-freetype-2.4.2" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://savannah.nongnu.org/bugs/?30656" }, { "name": "42314", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/42314" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://sourceforge.net/projects/freetype/files/freetype2/2.4.2/NEWS/view" }, { "name": "RHSA-2010:0864", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0864.html" }, { "name": "40982", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/40982" }, { "name": "ADV-2010-2106", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2010/2106" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=621980" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT4456" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=c06da1ad34663da7b6fc39b030dc3ae185b96557" }, { "name": "42285", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/42285" }, { "name": "APPLE-SA-2010-11-22-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html" }, { "name": "RHSA-2010:0736", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://rhn.redhat.com/errata/RHSA-2010-0736.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", 
"versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2010-08-06T00:00:00", "descriptions": [ { "lang": "en", "value": "Array index error in the t42_parse_sfnts function in type42/t42parse.c in FreeType before 2.4.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via negative size values for certain strings in FontType42 font files, leading to a heap-based buffer overflow." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2010-11-18T10:00:00", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "ADV-2010-3045", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2010/3045" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT4435" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugs.launchpad.net/ubuntu/maverick/+source/freetype/+bug/617019" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT4457" }, { "name": "ADV-2010-2018", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2010/2018" }, { "name": "ADV-2010-3046", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2010/3046" }, { "name": "RHSA-2010:0737", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://rhn.redhat.com/errata/RHSA-2010-0737.html" }, { "name": "USN-972-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-972-1" }, { "name": "APPLE-SA-2010-11-10-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html" }, { "name": "[oss-security] 20100806 Re: CVE Request -- FreeType -- Memory corruption flaw by processing certain LWFN fonts + three more", "tags": [ 
"mailing-list", "x_refsource_MLIST" ], "url": "http://marc.info/?l=oss-security\u0026m=128111955616772\u0026w=2" }, { "name": "42317", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/42317" }, { "name": "40816", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/40816" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://freetype.sourceforge.net/index2.html#release-freetype-2.4.2" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://savannah.nongnu.org/bugs/?30656" }, { "name": "42314", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/42314" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://sourceforge.net/projects/freetype/files/freetype2/2.4.2/NEWS/view" }, { "name": "RHSA-2010:0864", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0864.html" }, { "name": "40982", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/40982" }, { "name": "ADV-2010-2106", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2010/2106" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=621980" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT4456" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=c06da1ad34663da7b6fc39b030dc3ae185b96557" }, { "name": "42285", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/42285" }, { "name": "APPLE-SA-2010-11-22-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html" }, { "name": "RHSA-2010:0736", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://rhn.redhat.com/errata/RHSA-2010-0736.html" 
} ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2010-2806", "datePublished": "2010-08-19T17:43:00", "dateReserved": "2010-07-22T00:00:00", "dateUpdated": "2024-08-07T02:46:48.031Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2012-1144 (GCVE-0-2012-1144)
Vulnerability from cvelistv5
Published
2012-04-25 10:00
Modified
2024-08-06 18:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via a crafted TrueType font.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T18:45:27.490Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "48300", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48300" }, { "name": "48508", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48508" }, { "name": "48822", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48822" }, { "name": "MDVSA-2012:057", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057" }, { "name": "APPLE-SA-2012-09-19-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html" }, { "name": "48758", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48758" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT5503" }, { "name": "52318", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/52318" }, { "name": "USN-1403-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-1403-1" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512" }, { "name": "[oss-security] 20120306 Re: CVE Request -- FreeType: Multiple security flaws to be fixed in v2.4.9", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2012/03/06/16" }, { "name": "SUSE-SU-2012:0484", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": 
"http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html" }, { "name": "48973", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48973" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html" }, { "name": "RHSA-2012:0467", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html" }, { "name": "1026765", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id?1026765" }, { "name": "openSUSE-SU-2012:0489", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html" }, { "name": "GLSA-201204-04", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-201204-04.xml" }, { "name": "DSA-2428", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2012/dsa-2428" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=800607" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2012-03-06T00:00:00", "descriptions": [ { "lang": "en", "value": "FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via a crafted TrueType font." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-17T19:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "48300", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48300" }, { "name": "48508", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48508" }, { "name": "48822", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48822" }, { "name": "MDVSA-2012:057", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057" }, { "name": "APPLE-SA-2012-09-19-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html" }, { "name": "48758", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48758" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT5503" }, { "name": "52318", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/52318" }, { "name": "USN-1403-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-1403-1" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512" }, { "name": "[oss-security] 20120306 Re: CVE Request -- FreeType: Multiple security flaws to be fixed in v2.4.9", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2012/03/06/16" }, { "name": "SUSE-SU-2012:0484", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html" }, { "name": "48973", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": 
"http://secunia.com/advisories/48973" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html" }, { "name": "RHSA-2012:0467", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html" }, { "name": "1026765", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id?1026765" }, { "name": "openSUSE-SU-2012:0489", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html" }, { "name": "GLSA-201204-04", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-201204-04.xml" }, { "name": "DSA-2428", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2012/dsa-2428" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=800607" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2012-1144", "datePublished": "2012-04-25T10:00:00", "dateReserved": "2012-02-14T00:00:00", "dateUpdated": "2024-08-06T18:45:27.490Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2014-9747 (GCVE-0-2014-9747)
Vulnerability from cvelistv5
Published
2016-06-07 14:00
Modified
2024-08-06 13:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The t42_parse_encoding function in type42/t42parse.c in FreeType before 2.5.4 does not properly update the current position for immediates-only mode, which allows remote attackers to cause a denial of service (infinite loop) via a Type42 font.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T13:55:04.545Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "[oss-security] 20150911 CVE Request: 2 FreeType issues", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2015/09/11/4" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/tree/src/type42/t42parse.c?id=8b281f83e8516535756f92dbf90940ac44bd45e1" }, { "name": "[oss-security] 20150925 Re: CVE Request: 2 FreeType issues", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2015/09/25/4" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://savannah.nongnu.org/bugs/?41309" }, { "name": "DSA-3370", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2015/dsa-3370" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2015-09-11T00:00:00", "descriptions": [ { "lang": "en", "value": "The t42_parse_encoding function in type42/t42parse.c in FreeType before 2.5.4 does not properly update the current position for immediates-only mode, which allows remote attackers to cause a denial of service (infinite loop) via a Type42 font." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-06-07T13:57:01", "orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc", "shortName": "canonical" }, "references": [ { "name": "[oss-security] 20150911 CVE Request: 2 FreeType issues", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2015/09/11/4" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/tree/src/type42/t42parse.c?id=8b281f83e8516535756f92dbf90940ac44bd45e1" }, { "name": "[oss-security] 20150925 Re: CVE Request: 2 FreeType issues", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2015/09/25/4" }, { "tags": [ "x_refsource_MISC" ], "url": "https://savannah.nongnu.org/bugs/?41309" }, { "name": "DSA-3370", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2015/dsa-3370" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@ubuntu.com", "ID": "CVE-2014-9747", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The t42_parse_encoding function in type42/t42parse.c in FreeType before 2.5.4 does not properly update the current position for immediates-only mode, which allows remote attackers to cause a denial of service (infinite loop) via a Type42 font." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "[oss-security] 20150911 CVE Request: 2 FreeType issues", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2015/09/11/4" }, { "name": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/tree/src/type42/t42parse.c?id=8b281f83e8516535756f92dbf90940ac44bd45e1", "refsource": "CONFIRM", "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/tree/src/type42/t42parse.c?id=8b281f83e8516535756f92dbf90940ac44bd45e1" }, { "name": "[oss-security] 20150925 Re: CVE Request: 2 FreeType issues", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2015/09/25/4" }, { "name": "https://savannah.nongnu.org/bugs/?41309", "refsource": "MISC", "url": "https://savannah.nongnu.org/bugs/?41309" }, { "name": "DSA-3370", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2015/dsa-3370" } ] } } } }, "cveMetadata": { "assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc", "assignerShortName": "canonical", "cveId": "CVE-2014-9747", "datePublished": "2016-06-07T14:00:00", "dateReserved": "2015-09-25T00:00:00", "dateUpdated": "2024-08-06T13:55:04.545Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2008-1806 (GCVE-0-2008-1806)
Vulnerability from cvelistv5
Published
2008-06-16 19:00
Modified
2024-08-07 08:32
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Integer overflow in FreeType2 before 2.3.6 allows context-dependent attackers to execute arbitrary code via a crafted set of 16-bit length values within the Private dictionary table in a Printer Font Binary (PFB) file, which triggers a heap-based buffer overflow.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T08:32:01.319Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20080814 rPSA-2008-0255-1 freetype", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/495497/100/0/threaded" }, { "name": "GLSA-201209-25", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-201209-25.xml" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.vmware.com/security/advisories/VMSA-2008-0014.html" }, { "name": "FEDORA-2008-5430", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00721.html" }, { "name": "33937", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/33937" }, { "name": "ADV-2008-1876", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2008/1876/references" }, { "name": "30721", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/30721" }, { "name": "MDVSA-2008:121", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:121" }, { "name": "ADV-2008-2525", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2008/2525" }, { "name": "31712", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/31712" }, { "name": "31709", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/31709" }, { "name": "oval:org.mitre.oval:def:9321", "tags": [ "vdb-entry", "signature", 
"x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9321" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://sourceforge.net/project/shownotes.php?group_id=3157\u0026release_id=605780" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.vmware.com/support/server/doc/releasenotes_server.html" }, { "name": "30740", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/30740" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT3438" }, { "name": "20080610 Multiple Vendor FreeType2 PFB Integer Overflow Vulnerability", "tags": [ "third-party-advisory", "x_refsource_IDEFENSE", "x_transferred" ], "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=715" }, { "name": "GLSA-200806-10", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-200806-10.xml" }, { "name": "30766", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/30766" }, { "name": "31479", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/31479" }, { "name": "APPLE-SA-2009-02-12", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html" }, { "name": "ADV-2008-2423", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2008/2423" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html" }, { "name": "30967", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/30967" }, { "name": "239006", "tags": 
[ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-239006-1" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://issues.rpath.com/browse/RPL-2608" }, { "name": "30821", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/30821" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT3026" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT3129" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.vmware.com/support/player/doc/releasenotes_player.html" }, { "name": "FEDORA-2008-5425", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00717.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html" }, { "name": "31856", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/31856" }, { "name": "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/495869/100/0/threaded" }, { "name": "31711", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/31711" }, { "name": "RHSA-2008:0556", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2008-0556.html" }, { "name": "SUSE-SR:2008:014", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": 
"http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00001.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0255" }, { "name": "29640", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/29640" }, { "name": "APPLE-SA-2008-09-12", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00004.html" }, { "name": "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html" }, { "name": "ADV-2008-1794", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2008/1794" }, { "name": "31823", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/31823" }, { "name": "ADV-2008-2558", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2008/2558" }, { "name": "30600", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/30600" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-318.htm" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html" }, { "name": "31900", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/31900" }, { "name": "30819", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": 
"http://secunia.com/advisories/30819" }, { "name": "31707", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/31707" }, { "name": "APPLE-SA-2008-09-09", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00003.html" }, { "name": "1020238", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1020238" }, { "name": "USN-643-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/usn-643-1" }, { "name": "RHSA-2008:0558", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2008-0558.html" }, { "name": "31577", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/31577" }, { "name": "ADV-2008-2466", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2008/2466" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2008-06-10T00:00:00", "descriptions": [ { "lang": "en", "value": "Integer overflow in FreeType2 before 2.3.6 allows context-dependent attackers to execute arbitrary code via a crafted set of 16-bit length values within the Private dictionary table in a Printer Font Binary (PFB) file, which triggers a heap-based buffer overflow." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-11T19:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "20080814 rPSA-2008-0255-1 freetype", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/495497/100/0/threaded" }, { "name": "GLSA-201209-25", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-201209-25.xml" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.vmware.com/security/advisories/VMSA-2008-0014.html" }, { "name": "FEDORA-2008-5430", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00721.html" }, { "name": "33937", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/33937" }, { "name": "ADV-2008-1876", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2008/1876/references" }, { "name": "30721", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/30721" }, { "name": "MDVSA-2008:121", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:121" }, { "name": "ADV-2008-2525", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2008/2525" }, { "name": "31712", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/31712" }, { "name": "31709", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/31709" }, { "name": "oval:org.mitre.oval:def:9321", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": 
"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9321" }, { "tags": [ "x_refsource_MISC" ], "url": "http://sourceforge.net/project/shownotes.php?group_id=3157\u0026release_id=605780" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.vmware.com/support/server/doc/releasenotes_server.html" }, { "name": "30740", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/30740" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT3438" }, { "name": "20080610 Multiple Vendor FreeType2 PFB Integer Overflow Vulnerability", "tags": [ "third-party-advisory", "x_refsource_IDEFENSE" ], "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=715" }, { "name": "GLSA-200806-10", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-200806-10.xml" }, { "name": "30766", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/30766" }, { "name": "31479", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/31479" }, { "name": "APPLE-SA-2009-02-12", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html" }, { "name": "ADV-2008-2423", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2008/2423" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html" }, { "name": "30967", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/30967" }, { "name": "239006", "tags": [ "vendor-advisory", "x_refsource_SUNALERT" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-239006-1" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://issues.rpath.com/browse/RPL-2608" }, { "name": "30821", "tags": [ 
"third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/30821" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT3026" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT3129" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.vmware.com/support/player/doc/releasenotes_player.html" }, { "name": "FEDORA-2008-5425", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00717.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html" }, { "name": "31856", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/31856" }, { "name": "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/495869/100/0/threaded" }, { "name": "31711", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/31711" }, { "name": "RHSA-2008:0556", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2008-0556.html" }, { "name": "SUSE-SR:2008:014", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00001.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0255" }, { "name": "29640", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/29640" }, { "name": "APPLE-SA-2008-09-12", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00004.html" }, { "name": "20080830 VMSA-2008-0014 Updates to VMware 
Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html" }, { "name": "ADV-2008-1794", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2008/1794" }, { "name": "31823", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/31823" }, { "name": "ADV-2008-2558", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2008/2558" }, { "name": "30600", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/30600" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-318.htm" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html" }, { "name": "31900", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/31900" }, { "name": "30819", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/30819" }, { "name": "31707", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/31707" }, { "name": "APPLE-SA-2008-09-09", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00003.html" }, { "name": "1020238", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1020238" }, { "name": "USN-643-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/usn-643-1" }, { "name": "RHSA-2008:0558", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2008-0558.html" }, { "name": "31577", "tags": 
[ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/31577" }, { "name": "ADV-2008-2466", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2008/2466" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2008-1806", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Integer overflow in FreeType2 before 2.3.6 allows context-dependent attackers to execute arbitrary code via a crafted set of 16-bit length values within the Private dictionary table in a Printer Font Binary (PFB) file, which triggers a heap-based buffer overflow." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "20080814 rPSA-2008-0255-1 freetype", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/495497/100/0/threaded" }, { "name": "GLSA-201209-25", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-201209-25.xml" }, { "name": "http://www.vmware.com/security/advisories/VMSA-2008-0014.html", "refsource": "CONFIRM", "url": "http://www.vmware.com/security/advisories/VMSA-2008-0014.html" }, { "name": "FEDORA-2008-5430", "refsource": "FEDORA", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00721.html" }, { "name": "33937", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/33937" }, { "name": "ADV-2008-1876", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/1876/references" }, { "name": "30721", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30721" }, { "name": "MDVSA-2008:121", 
"refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:121" }, { "name": "ADV-2008-2525", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/2525" }, { "name": "31712", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31712" }, { "name": "31709", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31709" }, { "name": "oval:org.mitre.oval:def:9321", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9321" }, { "name": "http://sourceforge.net/project/shownotes.php?group_id=3157\u0026release_id=605780", "refsource": "MISC", "url": "http://sourceforge.net/project/shownotes.php?group_id=3157\u0026release_id=605780" }, { "name": "http://www.vmware.com/support/server/doc/releasenotes_server.html", "refsource": "CONFIRM", "url": "http://www.vmware.com/support/server/doc/releasenotes_server.html" }, { "name": "30740", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30740" }, { "name": "http://support.apple.com/kb/HT3438", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT3438" }, { "name": "20080610 Multiple Vendor FreeType2 PFB Integer Overflow Vulnerability", "refsource": "IDEFENSE", "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=715" }, { "name": "GLSA-200806-10", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-200806-10.xml" }, { "name": "30766", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30766" }, { "name": "31479", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31479" }, { "name": "APPLE-SA-2009-02-12", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html" }, { "name": "ADV-2008-2423", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/2423" }, { "name": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html", "refsource": 
"CONFIRM", "url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html" }, { "name": "30967", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30967" }, { "name": "239006", "refsource": "SUNALERT", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-239006-1" }, { "name": "https://issues.rpath.com/browse/RPL-2608", "refsource": "CONFIRM", "url": "https://issues.rpath.com/browse/RPL-2608" }, { "name": "30821", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30821" }, { "name": "http://support.apple.com/kb/HT3026", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT3026" }, { "name": "http://support.apple.com/kb/HT3129", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT3129" }, { "name": "http://www.vmware.com/support/player/doc/releasenotes_player.html", "refsource": "CONFIRM", "url": "http://www.vmware.com/support/player/doc/releasenotes_player.html" }, { "name": "FEDORA-2008-5425", "refsource": "FEDORA", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00717.html" }, { "name": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html", "refsource": "CONFIRM", "url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html" }, { "name": "31856", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31856" }, { "name": "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/495869/100/0/threaded" }, { "name": "31711", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31711" }, { "name": "RHSA-2008:0556", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2008-0556.html" }, { "name": "SUSE-SR:2008:014", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00001.html" }, { 
"name": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0255", "refsource": "CONFIRM", "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0255" }, { "name": "29640", "refsource": "BID", "url": "http://www.securityfocus.com/bid/29640" }, { "name": "APPLE-SA-2008-09-12", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00004.html" }, { "name": "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.", "refsource": "FULLDISC", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html" }, { "name": "ADV-2008-1794", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/1794" }, { "name": "31823", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31823" }, { "name": "ADV-2008-2558", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/2558" }, { "name": "30600", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30600" }, { "name": "http://support.avaya.com/elmodocs2/security/ASA-2008-318.htm", "refsource": "CONFIRM", "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-318.htm" }, { "name": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html", "refsource": "CONFIRM", "url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html" }, { "name": "31900", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31900" }, { "name": "30819", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30819" }, { "name": "31707", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31707" }, { "name": "APPLE-SA-2008-09-09", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00003.html" }, { "name": "1020238", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1020238" }, { "name": "USN-643-1", "refsource": 
"UBUNTU", "url": "http://www.ubuntu.com/usn/usn-643-1" }, { "name": "RHSA-2008:0558", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2008-0558.html" }, { "name": "31577", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31577" }, { "name": "ADV-2008-2466", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/2466" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2008-1806", "datePublished": "2008-06-16T19:00:00", "dateReserved": "2008-04-15T00:00:00", "dateUpdated": "2024-08-07T08:32:01.319Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2018-6942 (GCVE-0-2018-6942)
Vulnerability from cvelistv5
Published
2018-02-13 05:00
Modified
2024-08-05 06:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
An issue was discovered in FreeType 2 through 2.9. A NULL pointer dereference in the Ins_GETVARIATION() function within ttinterp.c could lead to DoS via a crafted font file.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T06:17:17.091Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=29c759284e305ec428703c9a5831d0b1fc3497ef" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5736" }, { "name": "USN-3572-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/3572-1/" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpuapr2020.html" }, { "name": "openSUSE-SU-2020:0704", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00054.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2018-02-12T00:00:00", "descriptions": [ { "lang": "en", "value": "An issue was discovered in FreeType 2 through 2.9. A NULL pointer dereference in the Ins_GETVARIATION() function within ttinterp.c could lead to DoS via a crafted font file." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2020-05-23T23:06:04", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=29c759284e305ec428703c9a5831d0b1fc3497ef" }, { "tags": [ "x_refsource_MISC" ], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5736" }, { "name": "USN-3572-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/3572-1/" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com/security-alerts/cpuapr2020.html" }, { "name": "openSUSE-SU-2020:0704", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00054.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-6942", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "An issue was discovered in FreeType 2 through 2.9. A NULL pointer dereference in the Ins_GETVARIATION() function within ttinterp.c could lead to DoS via a crafted font file." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=29c759284e305ec428703c9a5831d0b1fc3497ef", "refsource": "MISC", "url": "https://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=29c759284e305ec428703c9a5831d0b1fc3497ef" }, { "name": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5736", "refsource": "MISC", "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5736" }, { "name": "USN-3572-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3572-1/" }, { "name": "https://www.oracle.com/security-alerts/cpuapr2020.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpuapr2020.html" }, { "name": "openSUSE-SU-2020:0704", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00054.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2018-6942", "datePublished": "2018-02-13T05:00:00", "dateReserved": "2018-02-12T00:00:00", "dateUpdated": "2024-08-05T06:17:17.091Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2012-1138 (GCVE-0-2012-1138)
Vulnerability from cvelistv5
Published
2012-04-25 10:00
Modified
2024-08-06 18:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via vectors involving the MIRP instruction in a TrueType font.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T18:45:27.576Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "48797", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48797" }, { "name": "48508", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48508" }, { "name": "48822", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48822" }, { "name": "MDVSA-2012:057", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057" }, { "name": "APPLE-SA-2012-09-19-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT5503" }, { "name": "52318", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/52318" }, { "name": "USN-1403-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-1403-1" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512" }, { "name": "48918", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48918" }, { "name": "[oss-security] 20120306 Re: CVE Request -- FreeType: Multiple security flaws to be fixed in v2.4.9", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2012/03/06/16" }, { "name": "SUSE-SU-2012:0484", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": 
"http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html" }, { "name": "SUSE-SU-2012:0521", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html" }, { "name": "48973", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48973" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html" }, { "name": "SUSE-SU-2012:0483", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html" }, { "name": "1026765", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id?1026765" }, { "name": "openSUSE-SU-2012:0489", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html" }, { "name": "48951", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48951" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=800597" }, { "name": "GLSA-201204-04", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-201204-04.xml" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2012-03-06T00:00:00", "descriptions": [ { "lang": "en", "value": "FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via vectors involving the MIRP instruction in a 
TrueType font." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-17T19:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "48797", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48797" }, { "name": "48508", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48508" }, { "name": "48822", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48822" }, { "name": "MDVSA-2012:057", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057" }, { "name": "APPLE-SA-2012-09-19-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT5503" }, { "name": "52318", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/52318" }, { "name": "USN-1403-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-1403-1" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512" }, { "name": "48918", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48918" }, { "name": "[oss-security] 20120306 Re: CVE Request -- FreeType: Multiple security flaws to be fixed in v2.4.9", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2012/03/06/16" }, { "name": "SUSE-SU-2012:0484", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html" }, { "name": "SUSE-SU-2012:0521", "tags": [ "vendor-advisory", 
"x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html" }, { "name": "48973", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48973" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html" }, { "name": "SUSE-SU-2012:0483", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html" }, { "name": "1026765", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id?1026765" }, { "name": "openSUSE-SU-2012:0489", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html" }, { "name": "48951", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48951" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=800597" }, { "name": "GLSA-201204-04", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-201204-04.xml" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2012-1138", "datePublished": "2012-04-25T10:00:00", "dateReserved": "2012-02-14T00:00:00", "dateUpdated": "2024-08-06T18:45:27.576Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2010-2520 (GCVE-0-2010-2520)
Vulnerability from cvelistv5
Published
2010-08-19 17:43
Modified
2024-08-07 02:39
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Heap-based buffer overflow in the Ins_IUP function in truetype/ttinterp.c in FreeType before 2.4.0, when TrueType bytecode support is enabled, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T02:39:36.739Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "USN-963-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-963-1" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT4435" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=613198" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://savannah.nongnu.org/bugs/?30361" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=888cd1843e935fe675cf2ac303116d4ed5b9d54b" }, { "name": "[freetype] 20100712 FreeType 2.4.0 has been released", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://lists.nongnu.org/archive/html/freetype/2010-07/msg00001.html" }, { "name": "APPLE-SA-2010-11-10-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html" }, { "name": "[oss-security] 20100714 Re: Multiple bugs in freetype", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://marc.info/?l=oss-security\u0026m=127909326909362\u0026w=2" }, { "name": "DSA-2070", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2010/dsa-2070" }, { "name": "[oss-security] 20100713 Multiple bugs in freetype", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://marc.info/?l=oss-security\u0026m=127905701201340\u0026w=2" }, { "name": "MDVSA-2010:137", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:137" }, { "name": "48951", "tags": [ 
"third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48951" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2010-07-12T00:00:00", "descriptions": [ { "lang": "en", "value": "Heap-based buffer overflow in the Ins_IUP function in truetype/ttinterp.c in FreeType before 2.4.0, when TrueType bytecode support is enabled, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2010-11-18T10:00:00", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "USN-963-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-963-1" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT4435" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=613198" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://savannah.nongnu.org/bugs/?30361" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=888cd1843e935fe675cf2ac303116d4ed5b9d54b" }, { "name": "[freetype] 20100712 FreeType 2.4.0 has been released", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://lists.nongnu.org/archive/html/freetype/2010-07/msg00001.html" }, { "name": "APPLE-SA-2010-11-10-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html" }, { "name": "[oss-security] 20100714 Re: Multiple bugs in freetype", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": 
"http://marc.info/?l=oss-security\u0026m=127909326909362\u0026w=2" }, { "name": "DSA-2070", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2010/dsa-2070" }, { "name": "[oss-security] 20100713 Multiple bugs in freetype", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://marc.info/?l=oss-security\u0026m=127905701201340\u0026w=2" }, { "name": "MDVSA-2010:137", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:137" }, { "name": "48951", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48951" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2010-2520", "datePublished": "2010-08-19T17:43:00", "dateReserved": "2010-06-30T00:00:00", "dateUpdated": "2024-08-07T02:39:36.739Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2012-1127 (GCVE-0-2012-1127)
Vulnerability from cvelistv5
Published
2012-04-25 10:00
Modified
2024-08-06 18:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via crafted glyph or bitmap data in a BDF font.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T18:45:27.509Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "48797", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48797" }, { "name": "48508", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48508" }, { "name": "48822", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48822" }, { "name": "MDVSA-2012:057", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057" }, { "name": "APPLE-SA-2012-09-19-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html" }, { "name": "48758", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48758" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT5503" }, { "name": "52318", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/52318" }, { "name": "USN-1403-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-1403-1" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512" }, { "name": "48918", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48918" }, { "name": "[oss-security] 20120306 Re: CVE Request -- FreeType: Multiple security flaws to be fixed in v2.4.9", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2012/03/06/16" 
}, { "name": "SUSE-SU-2012:0484", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html" }, { "name": "SUSE-SU-2012:0521", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html" }, { "name": "48973", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48973" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html" }, { "name": "RHSA-2012:0467", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html" }, { "name": "SUSE-SU-2012:0483", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=800583" }, { "name": "1026765", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id?1026765" }, { "name": "openSUSE-SU-2012:0489", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html" }, { "name": "48951", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48951" }, { "name": "GLSA-201204-04", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-201204-04.xml" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2012-03-06T00:00:00", "descriptions": [ { "lang": "en", "value": "FreeType 
before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via crafted glyph or bitmap data in a BDF font." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-17T19:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "48797", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48797" }, { "name": "48508", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48508" }, { "name": "48822", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48822" }, { "name": "MDVSA-2012:057", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057" }, { "name": "APPLE-SA-2012-09-19-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html" }, { "name": "48758", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48758" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT5503" }, { "name": "52318", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/52318" }, { "name": "USN-1403-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-1403-1" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512" }, { "name": "48918", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48918" }, { "name": "[oss-security] 20120306 Re: CVE Request -- FreeType: Multiple security flaws 
to be fixed in v2.4.9", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2012/03/06/16" }, { "name": "SUSE-SU-2012:0484", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html" }, { "name": "SUSE-SU-2012:0521", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html" }, { "name": "48973", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48973" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html" }, { "name": "RHSA-2012:0467", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html" }, { "name": "SUSE-SU-2012:0483", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=800583" }, { "name": "1026765", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id?1026765" }, { "name": "openSUSE-SU-2012:0489", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html" }, { "name": "48951", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48951" }, { "name": "GLSA-201204-04", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-201204-04.xml" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2012-1127", "datePublished": "2012-04-25T10:00:00", "dateReserved": "2012-02-14T00:00:00", "dateUpdated": "2024-08-06T18:45:27.509Z", "state": "PUBLISHED" }, "dataType": 
"CVE_RECORD", "dataVersion": "5.1" }
CVE-2007-2754 (GCVE-0-2007-2754)
Vulnerability from cvelistv5
Published
2007-05-17 22:00
Modified
2024-08-07 13:49
CWE
- n/a
Summary
Integer signedness error in truetype/ttgload.c in Freetype 2.3.4 and earlier might allow remote attackers to execute arbitrary code via a crafted TTF image with a negative n_points value, which leads to an integer overflow and heap-based buffer overflow.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T13:49:57.298Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "ADV-2007-2229", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2007/2229" }, { "name": "26129", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/26129" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-330.htm" }, { "name": "25612", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/25612" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://issues.rpath.com/browse/RPL-1390" }, { "name": "ADV-2008-0049", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2008/0049" }, { "name": "25894", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/25894" }, { "name": "DSA-1334", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2007/dsa-1334" }, { "name": "25386", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/25386" }, { "name": "28298", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/28298" }, { "name": "103171", "tags": [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103171-1" }, { "name": "25705", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/25705" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT3549" }, { 
"tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://cvs.savannah.nongnu.org/viewvc/freetype2/src/truetype/ttgload.c?root=freetype\u0026r1=1.177\u0026r2=1.178" }, { "name": "DSA-1302", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2007/dsa-1302" }, { "name": "36509", "tags": [ "vdb-entry", "x_refsource_OSVDB", "x_transferred" ], "url": "http://osvdb.org/36509" }, { "name": "SUSE-SA:2007:041", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://www.novell.com/linux/security/advisories/2007_41_freetype2.html" }, { "name": "FEDORA-2009-5644", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01401.html" }, { "name": "35074", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/35074" }, { "name": "26305", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/26305" }, { "name": "20070613 FLEA-2007-0025-1: openoffice.org", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/471286/30/6180/threaded" }, { "name": "FEDORA-2009-5558", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01316.html" }, { "name": "24074", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/24074" }, { "name": "RHSA-2009:1062", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-1062.html" }, { "name": "APPLE-SA-2009-05-12", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html" }, { "name": "25463", 
"tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/25463" }, { "name": "MDKSA-2007:121", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:121" }, { "name": "200033", "tags": [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200033-1" }, { "name": "RHSA-2007:0403", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-0403.html" }, { "name": "APPLE-SA-2007-11-14", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/Security-announce/2007/Nov/msg00003.html" }, { "name": "25353", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/25353" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=240200" }, { "name": "30161", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/30161" }, { "name": "GLSA-200805-07", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml" }, { "name": "GLSA-200707-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200707-02.xml" }, { "name": "2007-0019", "tags": [ "vendor-advisory", "x_refsource_TRUSTIX", "x_transferred" ], "url": "http://www.trustix.org/errata/2007/0019/" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=502565" }, { "name": "OpenPKG-SA-2007.018", "tags": [ "vendor-advisory", "x_refsource_OPENPKG", "x_transferred" ], "url": 
"http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.018.html" }, { "name": "102967", "tags": [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102967-1" }, { "name": "[ft-devel] 20070427 Bug in fuzzed TTF file", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://lists.gnu.org/archive/html/freetype-devel/2007-04/msg00041.html" }, { "name": "TA09-133A", "tags": [ "third-party-advisory", "x_refsource_CERT", "x_transferred" ], "url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html" }, { "name": "25808", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/25808" }, { "name": "GLSA-200705-22", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200705-22.xml" }, { "name": "oval:org.mitre.oval:def:5532", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5532" }, { "name": "ADV-2009-1297", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2009/1297" }, { "name": "25609", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/25609" }, { "name": "35233", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/35233" }, { "name": "oval:org.mitre.oval:def:11325", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11325" }, { "name": "35200", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/35200" }, { "name": "25350", "tags": [ "third-party-advisory", 
"x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/25350" }, { "name": "20070602-01-P", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc" }, { "name": "USN-466-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/usn-466-1" }, { "name": "ADV-2007-1894", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2007/1894" }, { "name": "RHSA-2009:0329", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0329.html" }, { "name": "25905", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/25905" }, { "name": "35204", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/35204" }, { "name": "25654", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/25654" }, { "name": "25483", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/25483" }, { "name": "1018088", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id?1018088" }, { "name": "20070524 FLEA-2007-0020-1: freetype", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/469463/100/200/threaded" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2007-04-27T00:00:00", "descriptions": [ { "lang": "en", "value": "Integer signedness error in truetype/ttgload.c in Freetype 2.3.4 and earlier might allow remote attackers to execute 
arbitrary code via a crafted TTF image with a negative n_points value, which leads to an integer overflow and heap-based buffer overflow." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-16T14:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "ADV-2007-2229", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2007/2229" }, { "name": "26129", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/26129" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-330.htm" }, { "name": "25612", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/25612" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://issues.rpath.com/browse/RPL-1390" }, { "name": "ADV-2008-0049", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2008/0049" }, { "name": "25894", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/25894" }, { "name": "DSA-1334", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2007/dsa-1334" }, { "name": "25386", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/25386" }, { "name": "28298", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/28298" }, { "name": "103171", "tags": [ "vendor-advisory", "x_refsource_SUNALERT" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103171-1" }, { "name": "25705", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/25705" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT3549" }, { "tags": 
[ "x_refsource_CONFIRM" ], "url": "http://cvs.savannah.nongnu.org/viewvc/freetype2/src/truetype/ttgload.c?root=freetype\u0026r1=1.177\u0026r2=1.178" }, { "name": "DSA-1302", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2007/dsa-1302" }, { "name": "36509", "tags": [ "vdb-entry", "x_refsource_OSVDB" ], "url": "http://osvdb.org/36509" }, { "name": "SUSE-SA:2007:041", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://www.novell.com/linux/security/advisories/2007_41_freetype2.html" }, { "name": "FEDORA-2009-5644", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01401.html" }, { "name": "35074", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/35074" }, { "name": "26305", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/26305" }, { "name": "20070613 FLEA-2007-0025-1: openoffice.org", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/471286/30/6180/threaded" }, { "name": "FEDORA-2009-5558", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01316.html" }, { "name": "24074", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/24074" }, { "name": "RHSA-2009:1062", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-1062.html" }, { "name": "APPLE-SA-2009-05-12", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html" }, { "name": "25463", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/25463" }, { "name": "MDKSA-2007:121", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": 
"http://www.mandriva.com/security/advisories?name=MDKSA-2007:121" }, { "name": "200033", "tags": [ "vendor-advisory", "x_refsource_SUNALERT" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200033-1" }, { "name": "RHSA-2007:0403", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-0403.html" }, { "name": "APPLE-SA-2007-11-14", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/Security-announce/2007/Nov/msg00003.html" }, { "name": "25353", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/25353" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=240200" }, { "name": "30161", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/30161" }, { "name": "GLSA-200805-07", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml" }, { "name": "GLSA-200707-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200707-02.xml" }, { "name": "2007-0019", "tags": [ "vendor-advisory", "x_refsource_TRUSTIX" ], "url": "http://www.trustix.org/errata/2007/0019/" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=502565" }, { "name": "OpenPKG-SA-2007.018", "tags": [ "vendor-advisory", "x_refsource_OPENPKG" ], "url": "http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.018.html" }, { "name": "102967", "tags": [ "vendor-advisory", "x_refsource_SUNALERT" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102967-1" }, { "name": "[ft-devel] 20070427 Bug in fuzzed TTF file", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://lists.gnu.org/archive/html/freetype-devel/2007-04/msg00041.html" }, { "name": "TA09-133A", "tags": [ "third-party-advisory", 
"x_refsource_CERT" ], "url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html" }, { "name": "25808", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/25808" }, { "name": "GLSA-200705-22", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200705-22.xml" }, { "name": "oval:org.mitre.oval:def:5532", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5532" }, { "name": "ADV-2009-1297", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2009/1297" }, { "name": "25609", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/25609" }, { "name": "35233", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/35233" }, { "name": "oval:org.mitre.oval:def:11325", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11325" }, { "name": "35200", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/35200" }, { "name": "25350", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/25350" }, { "name": "20070602-01-P", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc" }, { "name": "USN-466-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/usn-466-1" }, { "name": "ADV-2007-1894", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2007/1894" }, { "name": "RHSA-2009:0329", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0329.html" }, { "name": 
"25905", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/25905" }, { "name": "35204", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/35204" }, { "name": "25654", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/25654" }, { "name": "25483", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/25483" }, { "name": "1018088", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id?1018088" }, { "name": "20070524 FLEA-2007-0020-1: freetype", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/469463/100/200/threaded" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2007-2754", "datePublished": "2007-05-17T22:00:00", "dateReserved": "2007-05-17T00:00:00", "dateUpdated": "2024-08-07T13:49:57.298Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2014-9669 (GCVE-0-2014-9669)
Vulnerability from cvelistv5
Published
2015-02-08 11:00
Modified
2024-08-06 13:55
CWE
- n/a
Summary
Multiple integer overflows in sfnt/ttcmap.c in FreeType before 2.5.4 allow remote attackers to cause a denial of service (out-of-bounds read or memory corruption) or possibly have unspecified other impact via a crafted cmap SFNT table.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T13:55:04.547Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "DSA-3188", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2015/dsa-3188" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=602040b1112c9f94d68e200be59ea7ac3d104565" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://code.google.com/p/google-security-research/issues/detail?id=163" }, { "name": "GLSA-201503-05", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201503-05" }, { "name": "72986", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/72986" }, { "name": "USN-2739-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-2739-1" }, { "name": "openSUSE-SU-2015:0627", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://advisories.mageia.org/MGASA-2015-0083.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" }, { "name": "RHSA-2015:0696", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0696.html" }, { "name": "FEDORA-2015-2216", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html" }, { "name": "MDVSA-2015:055", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": 
"http://www.mandriva.com/security/advisories?name=MDVSA-2015:055" }, { "name": "USN-2510-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-2510-1" }, { "name": "FEDORA-2015-2237", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-12-06T00:00:00", "descriptions": [ { "lang": "en", "value": "Multiple integer overflows in sfnt/ttcmap.c in FreeType before 2.5.4 allow remote attackers to cause a denial of service (out-of-bounds read or memory corruption) or possibly have unspecified other impact via a crafted cmap SFNT table." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-06-30T16:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "DSA-3188", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2015/dsa-3188" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=602040b1112c9f94d68e200be59ea7ac3d104565" }, { "tags": [ "x_refsource_MISC" ], "url": "http://code.google.com/p/google-security-research/issues/detail?id=163" }, { "name": "GLSA-201503-05", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201503-05" }, { "name": "72986", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/72986" }, { "name": "USN-2739-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-2739-1" }, { "name": "openSUSE-SU-2015:0627", "tags": [ "vendor-advisory", 
"x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://advisories.mageia.org/MGASA-2015-0083.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" }, { "name": "RHSA-2015:0696", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0696.html" }, { "name": "FEDORA-2015-2216", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html" }, { "name": "MDVSA-2015:055", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055" }, { "name": "USN-2510-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-2510-1" }, { "name": "FEDORA-2015-2237", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2014-9669", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Multiple integer overflows in sfnt/ttcmap.c in FreeType before 2.5.4 allow remote attackers to cause a denial of service (out-of-bounds read or memory corruption) or possibly have unspecified other impact via a crafted cmap SFNT table." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "DSA-3188", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2015/dsa-3188" }, { "name": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=602040b1112c9f94d68e200be59ea7ac3d104565", "refsource": "CONFIRM", "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=602040b1112c9f94d68e200be59ea7ac3d104565" }, { "name": "http://code.google.com/p/google-security-research/issues/detail?id=163", "refsource": "MISC", "url": "http://code.google.com/p/google-security-research/issues/detail?id=163" }, { "name": "GLSA-201503-05", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201503-05" }, { "name": "72986", "refsource": "BID", "url": "http://www.securityfocus.com/bid/72986" }, { "name": "USN-2739-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2739-1" }, { "name": "openSUSE-SU-2015:0627", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html" }, { "name": "http://advisories.mageia.org/MGASA-2015-0083.html", "refsource": "CONFIRM", "url": "http://advisories.mageia.org/MGASA-2015-0083.html" }, { "name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" }, { "name": "RHSA-2015:0696", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2015-0696.html" }, { "name": "FEDORA-2015-2216", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html" }, { "name": "MDVSA-2015:055", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055" }, { "name": "USN-2510-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2510-1" }, { "name": "FEDORA-2015-2237", 
"refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2014-9669", "datePublished": "2015-02-08T11:00:00", "dateReserved": "2015-02-07T00:00:00", "dateUpdated": "2024-08-06T13:55:04.547Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2014-2241 (GCVE-0-2014-2241)
Vulnerability from cvelistv5
Published
2014-03-18 14:00
Modified
2024-08-06 10:06
CWE
- n/a
Summary
The (1) cf2_initLocalRegionBuffer and (2) cf2_initGlobalRegionBuffer functions in cff/cf2ft.c in FreeType before 2.5.3 do not properly check if a subroutine exists, which allows remote attackers to cause a denial of service (assertion failure), as demonstrated by a crafted ttf file.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T10:06:00.393Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=135c3faebb96f8f550bd4f318716f2e1e095a969" }, { "name": "USN-2148-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-2148-1" }, { "name": "57447", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/57447" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://savannah.nongnu.org/bugs/?41697" }, { "name": "[oss-security] 20140312 Re: Two stack-based issues in freetype [NOT a request]", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2014/03/12/4" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-02-25T00:00:00", "descriptions": [ { "lang": "en", "value": "The (1) cf2_initLocalRegionBuffer and (2) cf2_initGlobalRegionBuffer functions in cff/cf2ft.c in FreeType before 2.5.3 do not properly check if a subroutine exists, which allows remote attackers to cause a denial of service (assertion failure), as demonstrated by a crafted ttf file." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2014-03-28T12:57:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=135c3faebb96f8f550bd4f318716f2e1e095a969" }, { "name": "USN-2148-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-2148-1" }, { "name": "57447", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/57447" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://savannah.nongnu.org/bugs/?41697" }, { "name": "[oss-security] 20140312 Re: Two stack-based issues in freetype [NOT a request]", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2014/03/12/4" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2014-2241", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The (1) cf2_initLocalRegionBuffer and (2) cf2_initGlobalRegionBuffer functions in cff/cf2ft.c in FreeType before 2.5.3 do not properly check if a subroutine exists, which allows remote attackers to cause a denial of service (assertion failure), as demonstrated by a crafted ttf file." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=135c3faebb96f8f550bd4f318716f2e1e095a969", "refsource": "CONFIRM", "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=135c3faebb96f8f550bd4f318716f2e1e095a969" }, { "name": "USN-2148-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2148-1" }, { "name": "57447", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/57447" }, { "name": "http://savannah.nongnu.org/bugs/?41697", "refsource": "CONFIRM", "url": "http://savannah.nongnu.org/bugs/?41697" }, { "name": "[oss-security] 20140312 Re: Two stack-based issues in freetype [NOT a request]", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2014/03/12/4" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2014-2241", "datePublished": "2014-03-18T14:00:00", "dateReserved": "2014-02-28T00:00:00", "dateUpdated": "2024-08-06T10:06:00.393Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2012-5670 (GCVE-0-2012-5670)
Vulnerability from cvelistv5
Published
2013-01-24 21:00
Modified
2024-08-06 21:14
CWE
- n/a
Summary
The _bdf_parse_glyphs function in FreeType before 2.4.11 allows context-dependent attackers to cause a denial of service (out-of-bounds write and crash) via vectors related to BDF fonts and an ENCODING field with a negative value.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T21:14:16.322Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "1027921", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id?1027921" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.freetype.org/" }, { "name": "USN-1686-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-1686-1" }, { "name": "openSUSE-SU-2013:0189", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00078.html" }, { "name": "[oss-security] 20121224 Re: CVE Request - Multiple security fixes in freetype - 2.4.11", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2012/12/25/2" }, { "name": "openSUSE-SU-2013:0165", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00056.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=7f2e4f4f553f6836be7683f66226afac3fa979b8" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://savannah.nongnu.org/bugs/?37907" }, { "name": "SSA:2013-015-01", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE", "x_transferred" ], "url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2013\u0026m=slackware-security.520186" }, { "name": "51900", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/51900" }, { "name": "51826", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/51826" } ], "title": "CVE Program Container" } ], "cna": { 
"affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2012-12-20T00:00:00", "descriptions": [ { "lang": "en", "value": "The _bdf_parse_glyphs function in FreeType before 2.4.11 allows context-dependent attackers to cause a denial of service (out-of-bounds write and crash) via vectors related to BDF fonts and an ENCODING field with a negative value." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-12-05T16:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "1027921", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id?1027921" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.freetype.org/" }, { "name": "USN-1686-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-1686-1" }, { "name": "openSUSE-SU-2013:0189", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00078.html" }, { "name": "[oss-security] 20121224 Re: CVE Request - Multiple security fixes in freetype - 2.4.11", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2012/12/25/2" }, { "name": "openSUSE-SU-2013:0165", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00056.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=7f2e4f4f553f6836be7683f66226afac3fa979b8" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://savannah.nongnu.org/bugs/?37907" }, { "name": "SSA:2013-015-01", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE" ], "url": 
"http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2013\u0026m=slackware-security.520186" }, { "name": "51900", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/51900" }, { "name": "51826", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/51826" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2012-5670", "datePublished": "2013-01-24T21:00:00", "dateReserved": "2012-10-24T00:00:00", "dateUpdated": "2024-08-06T21:14:16.322Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2010-2519 (GCVE-0-2010-2519)
Vulnerability from cvelistv5
Published
2010-08-19 17:43
Modified
2024-08-07 02:39
CWE
- n/a
Summary
Heap-based buffer overflow in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.4.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted length value in a POST fragment header in a font file.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T02:39:36.482Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "USN-963-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-963-1" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT4435" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=b2ea64bcc6c385a8e8318f9c759450a07df58b6d" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=613194" }, { "name": "[freetype] 20100712 FreeType 2.4.0 has been released", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://lists.nongnu.org/archive/html/freetype/2010-07/msg00001.html" }, { "name": "APPLE-SA-2010-11-10-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=5ef20c8c1d4de12a84b50ba497c2a358c90ec44b" }, { "name": "[oss-security] 20100714 Re: Multiple bugs in freetype", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://marc.info/?l=oss-security\u0026m=127909326909362\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://savannah.nongnu.org/bugs/?30306" }, { "name": "DSA-2070", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2010/dsa-2070" }, { "name": "[oss-security] 20100713 Multiple bugs in freetype", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://marc.info/?l=oss-security\u0026m=127905701201340\u0026w=2" }, { "name": "1024266", "tags": [ 
"vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1024266" }, { "name": "RHSA-2010:0578", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0578.html" }, { "name": "MDVSA-2010:137", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:137" }, { "name": "48951", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48951" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2010-07-12T00:00:00", "descriptions": [ { "lang": "en", "value": "Heap-based buffer overflow in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.4.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted length value in a POST fragment header in a font file." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2010-11-18T10:00:00", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "USN-963-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-963-1" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT4435" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=b2ea64bcc6c385a8e8318f9c759450a07df58b6d" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=613194" }, { "name": "[freetype] 20100712 FreeType 2.4.0 has been released", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://lists.nongnu.org/archive/html/freetype/2010-07/msg00001.html" }, { "name": "APPLE-SA-2010-11-10-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=5ef20c8c1d4de12a84b50ba497c2a358c90ec44b" }, { "name": "[oss-security] 20100714 Re: Multiple bugs in freetype", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://marc.info/?l=oss-security\u0026m=127909326909362\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://savannah.nongnu.org/bugs/?30306" }, { "name": "DSA-2070", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2010/dsa-2070" }, { "name": "[oss-security] 20100713 Multiple bugs in freetype", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://marc.info/?l=oss-security\u0026m=127905701201340\u0026w=2" }, { "name": "1024266", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1024266" }, { "name": "RHSA-2010:0578", 
"tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0578.html" }, { "name": "MDVSA-2010:137", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:137" }, { "name": "48951", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48951" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2010-2519", "datePublished": "2010-08-19T17:43:00", "dateReserved": "2010-06-30T00:00:00", "dateUpdated": "2024-08-07T02:39:36.482Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2014-9746 (GCVE-0-2014-9746)
Vulnerability from cvelistv5
Published
2016-06-07 14:00
Modified
2024-08-06 13:55
CWE
- n/a
Summary
The (1) t1_parse_font_matrix function in type1/t1load.c, (2) cid_parse_font_matrix function in cid/cidload.c, (3) t42_parse_font_matrix function in type42/t42parse.c, and (4) ps_parser_load_field function in psaux/psobjs.c in FreeType before 2.5.4 do not check return values, which allows remote attackers to cause a denial of service (uninitialized memory access and application crash) or possibly have unspecified other impact via a crafted font.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T13:55:04.448Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "[oss-security] 20150911 CVE Request: 2 FreeType issues", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2015/09/11/4" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=8b281f83e8516535756f92dbf90940ac44bd45e1" }, { "name": "[oss-security] 20150925 Re: CVE Request: 2 FreeType issues", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2015/09/25/4" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://savannah.nongnu.org/bugs/?41309" }, { "name": "DSA-3370", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2015/dsa-3370" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2015-09-11T00:00:00", "descriptions": [ { "lang": "en", "value": "The (1) t1_parse_font_matrix function in type1/t1load.c, (2) cid_parse_font_matrix function in cid/cidload.c, (3) t42_parse_font_matrix function in type42/t42parse.c, and (4) ps_parser_load_field function in psaux/psobjs.c in FreeType before 2.5.4 do not check return values, which allows remote attackers to cause a denial of service (uninitialized memory access and application crash) or possibly have unspecified other impact via a crafted font." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-07-18T12:57:01", "orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc", "shortName": "canonical" }, "references": [ { "name": "[oss-security] 20150911 CVE Request: 2 FreeType issues", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2015/09/11/4" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=8b281f83e8516535756f92dbf90940ac44bd45e1" }, { "name": "[oss-security] 20150925 Re: CVE Request: 2 FreeType issues", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2015/09/25/4" }, { "tags": [ "x_refsource_MISC" ], "url": "https://savannah.nongnu.org/bugs/?41309" }, { "name": "DSA-3370", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2015/dsa-3370" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@ubuntu.com", "ID": "CVE-2014-9746", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The (1) t1_parse_font_matrix function in type1/t1load.c, (2) cid_parse_font_matrix function in cid/cidload.c, (3) t42_parse_font_matrix function in type42/t42parse.c, and (4) ps_parser_load_field function in psaux/psobjs.c in FreeType before 2.5.4 do not check return values, which allows remote attackers to cause a denial of service (uninitialized memory access and application crash) or possibly have 
unspecified other impact via a crafted font." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "[oss-security] 20150911 CVE Request: 2 FreeType issues", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2015/09/11/4" }, { "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html" }, { "name": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=8b281f83e8516535756f92dbf90940ac44bd45e1", "refsource": "CONFIRM", "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=8b281f83e8516535756f92dbf90940ac44bd45e1" }, { "name": "[oss-security] 20150925 Re: CVE Request: 2 FreeType issues", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2015/09/25/4" }, { "name": "https://savannah.nongnu.org/bugs/?41309", "refsource": "MISC", "url": "https://savannah.nongnu.org/bugs/?41309" }, { "name": "DSA-3370", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2015/dsa-3370" } ] } } } }, "cveMetadata": { "assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc", "assignerShortName": "canonical", "cveId": "CVE-2014-9746", "datePublished": "2016-06-07T14:00:00", "dateReserved": "2015-09-25T00:00:00", "dateUpdated": "2024-08-06T13:55:04.448Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2010-3814 (GCVE-0-2010-3814)
Vulnerability from cvelistv5
Published
2010-11-26 19:00
Modified
2024-08-07 03:26
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Heap-based buffer overflow in the Ins_SHZ function in ttinterp.c in FreeType 2.4.3 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted SHZ bytecode instruction, related to TrueType opcodes, as demonstrated by a PDF document with a crafted embedded font.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T03:26:12.113Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "43138", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/43138" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=602221" }, { "name": "ADV-2011-0246", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2011/0246" }, { "name": "ADV-2010-3046", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2010/3046" }, { "name": "1024767", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id?1024767" }, { "name": "APPLE-SA-2011-03-21-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html" }, { "name": "USN-1013-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-1013-1" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=0edf0986f3be570f5bf90ff245a85c1675f5c9a4" }, { "name": "MDVSA-2010:236", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:236" }, { "name": "42314", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/42314" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://security-tracker.debian.org/tracker/CVE-2010-3814" }, { "name": "44643", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/44643" }, { "tags": [ 
"x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT4456" }, { "name": "48951", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48951" }, { "name": "DSA-2155", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2011/dsa-2155" }, { "name": "APPLE-SA-2010-11-22-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT4581" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2010-11-18T00:00:00", "descriptions": [ { "lang": "en", "value": "Heap-based buffer overflow in the Ins_SHZ function in ttinterp.c in FreeType 2.4.3 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted SHZ bytecode instruction, related to TrueType opcodes, as demonstrated by a PDF document with a crafted embedded font." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2010-12-07T10:00:00", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple" }, "references": [ { "name": "43138", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/43138" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=602221" }, { "name": "ADV-2011-0246", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2011/0246" }, { "name": "ADV-2010-3046", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2010/3046" }, { "name": "1024767", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id?1024767" }, { "name": "APPLE-SA-2011-03-21-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html" }, { "name": "USN-1013-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-1013-1" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=0edf0986f3be570f5bf90ff245a85c1675f5c9a4" }, { "name": "MDVSA-2010:236", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:236" }, { "name": "42314", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/42314" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://security-tracker.debian.org/tracker/CVE-2010-3814" }, { "name": "44643", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/44643" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT4456" }, { "name": "48951", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" 
], "url": "http://secunia.com/advisories/48951" }, { "name": "DSA-2155", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2011/dsa-2155" }, { "name": "APPLE-SA-2010-11-22-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT4581" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "product-security@apple.com", "ID": "CVE-2010-3814", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Heap-based buffer overflow in the Ins_SHZ function in ttinterp.c in FreeType 2.4.3 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted SHZ bytecode instruction, related to TrueType opcodes, as demonstrated by a PDF document with a crafted embedded font." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "43138", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/43138" }, { "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=602221", "refsource": "CONFIRM", "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=602221" }, { "name": "ADV-2011-0246", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2011/0246" }, { "name": "ADV-2010-3046", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2010/3046" }, { "name": "1024767", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1024767" }, { "name": "APPLE-SA-2011-03-21-1", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html" }, { "name": "USN-1013-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-1013-1" }, { "name": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=0edf0986f3be570f5bf90ff245a85c1675f5c9a4", "refsource": "CONFIRM", "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=0edf0986f3be570f5bf90ff245a85c1675f5c9a4" }, { "name": "MDVSA-2010:236", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:236" }, { "name": "42314", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/42314" }, { "name": "http://security-tracker.debian.org/tracker/CVE-2010-3814", "refsource": "CONFIRM", "url": "http://security-tracker.debian.org/tracker/CVE-2010-3814" }, { "name": "44643", "refsource": "BID", "url": "http://www.securityfocus.com/bid/44643" }, { "name": "http://support.apple.com/kb/HT4456", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT4456" }, { "name": "48951", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/48951" }, { "name": "DSA-2155", "refsource": "DEBIAN", "url": 
"http://www.debian.org/security/2011/dsa-2155" }, { "name": "APPLE-SA-2010-11-22-1", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html" }, { "name": "http://support.apple.com/kb/HT4581", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT4581" } ] } } } }, "cveMetadata": { "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2010-3814", "datePublished": "2010-11-26T19:00:00", "dateReserved": "2010-10-07T00:00:00", "dateUpdated": "2024-08-07T03:26:12.113Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2010-2808 (GCVE-0-2010-2808)
Vulnerability from cvelistv5
Published
2010-08-19 17:43
Modified
2024-08-07 02:46
CWE
- n/a
Summary
Buffer overflow in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.4.2 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted Adobe Type 1 Mac Font File (aka LWFN) font.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T02:46:48.199Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=81f3472c0ba7b8f6466e2e214fa8c1c17fade975" }, { "name": "ADV-2010-3045", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2010/3045" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://savannah.nongnu.org/bugs/?30658" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT4435" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugs.launchpad.net/ubuntu/maverick/+source/freetype/+bug/617019" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT4457" }, { "name": "ADV-2010-2018", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2010/2018" }, { "name": "ADV-2010-3046", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2010/3046" }, { "name": "RHSA-2010:0737", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://rhn.redhat.com/errata/RHSA-2010-0737.html" }, { "name": "USN-972-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-972-1" }, { "name": "APPLE-SA-2010-11-10-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html" }, { "name": "[oss-security] 20100806 Re: CVE Request -- FreeType -- Memory corruption flaw by processing certain LWFN fonts + three more", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": 
"http://marc.info/?l=oss-security\u0026m=128111955616772\u0026w=2" }, { "name": "42317", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/42317" }, { "name": "40816", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/40816" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://freetype.sourceforge.net/index2.html#release-freetype-2.4.2" }, { "name": "42314", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/42314" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://sourceforge.net/projects/freetype/files/freetype2/2.4.2/NEWS/view" }, { "name": "RHSA-2010:0864", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0864.html" }, { "name": "40982", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/40982" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=621907" }, { "name": "ADV-2010-2106", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2010/2106" }, { "name": "[oss-security] 20100806 CVE Request -- FreeType -- Memory corruption flaw by processing certain LWFN fonts", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://marc.info/?l=oss-security\u0026m=128110167119337\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT4456" }, { "name": "42285", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/42285" }, { "name": "APPLE-SA-2010-11-22-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": 
"http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2010-08-06T00:00:00", "descriptions": [ { "lang": "en", "value": "Buffer overflow in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.4.2 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted Adobe Type 1 Mac Font File (aka LWFN) font." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2010-11-18T10:00:00", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=81f3472c0ba7b8f6466e2e214fa8c1c17fade975" }, { "name": "ADV-2010-3045", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2010/3045" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://savannah.nongnu.org/bugs/?30658" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT4435" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugs.launchpad.net/ubuntu/maverick/+source/freetype/+bug/617019" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT4457" }, { "name": "ADV-2010-2018", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2010/2018" }, { "name": "ADV-2010-3046", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2010/3046" }, { "name": "RHSA-2010:0737", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://rhn.redhat.com/errata/RHSA-2010-0737.html" }, { "name": "USN-972-1", "tags": [ "vendor-advisory", 
"x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-972-1" }, { "name": "APPLE-SA-2010-11-10-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html" }, { "name": "[oss-security] 20100806 Re: CVE Request -- FreeType -- Memory corruption flaw by processing certain LWFN fonts + three more", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://marc.info/?l=oss-security\u0026m=128111955616772\u0026w=2" }, { "name": "42317", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/42317" }, { "name": "40816", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/40816" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://freetype.sourceforge.net/index2.html#release-freetype-2.4.2" }, { "name": "42314", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/42314" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://sourceforge.net/projects/freetype/files/freetype2/2.4.2/NEWS/view" }, { "name": "RHSA-2010:0864", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0864.html" }, { "name": "40982", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/40982" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=621907" }, { "name": "ADV-2010-2106", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2010/2106" }, { "name": "[oss-security] 20100806 CVE Request -- FreeType -- Memory corruption flaw by processing certain LWFN fonts", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://marc.info/?l=oss-security\u0026m=128110167119337\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT4456" }, { "name": "42285", "tags": [ 
"vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/42285" }, { "name": "APPLE-SA-2010-11-22-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2010-2808", "datePublished": "2010-08-19T17:43:00", "dateReserved": "2010-07-22T00:00:00", "dateUpdated": "2024-08-07T02:46:48.199Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2012-1130 (GCVE-0-2012-1130)
Vulnerability from cvelistv5
Published
2012-04-25 10:00
Modified
2024-08-06 18:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via crafted property data in a PCF font.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T18:45:27.402Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "48797", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48797" }, { "name": "48508", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48508" }, { "name": "48822", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48822" }, { "name": "MDVSA-2012:057", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057" }, { "name": "APPLE-SA-2012-09-19-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html" }, { "name": "48758", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48758" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT5503" }, { "name": "52318", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/52318" }, { "name": "USN-1403-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-1403-1" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512" }, { "name": "48918", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48918" }, { "name": "[oss-security] 20120306 Re: CVE Request -- FreeType: Multiple security flaws to be fixed in v2.4.9", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2012/03/06/16" 
}, { "name": "SUSE-SU-2012:0484", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html" }, { "name": "SUSE-SU-2012:0521", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html" }, { "name": "48973", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48973" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html" }, { "name": "RHSA-2012:0467", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html" }, { "name": "SUSE-SU-2012:0483", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html" }, { "name": "1026765", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id?1026765" }, { "name": "openSUSE-SU-2012:0489", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html" }, { "name": "48951", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48951" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=800587" }, { "name": "GLSA-201204-04", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-201204-04.xml" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2012-03-06T00:00:00", "descriptions": [ { "lang": "en", "value": "FreeType 
before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via crafted property data in a PCF font." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-17T19:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "48797", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48797" }, { "name": "48508", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48508" }, { "name": "48822", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48822" }, { "name": "MDVSA-2012:057", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057" }, { "name": "APPLE-SA-2012-09-19-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html" }, { "name": "48758", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48758" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT5503" }, { "name": "52318", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/52318" }, { "name": "USN-1403-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-1403-1" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512" }, { "name": "48918", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48918" }, { "name": "[oss-security] 20120306 Re: CVE Request -- FreeType: Multiple security flaws to be 
fixed in v2.4.9", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2012/03/06/16" }, { "name": "SUSE-SU-2012:0484", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html" }, { "name": "SUSE-SU-2012:0521", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html" }, { "name": "48973", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48973" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html" }, { "name": "RHSA-2012:0467", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html" }, { "name": "SUSE-SU-2012:0483", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html" }, { "name": "1026765", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id?1026765" }, { "name": "openSUSE-SU-2012:0489", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html" }, { "name": "48951", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48951" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=800587" }, { "name": "GLSA-201204-04", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-201204-04.xml" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2012-1130", "datePublished": "2012-04-25T10:00:00", "dateReserved": "2012-02-14T00:00:00", "dateUpdated": "2024-08-06T18:45:27.402Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", 
"dataVersion": "5.1" }
CVE-2012-1140 (GCVE-0-2012-1140)
Vulnerability from cvelistv5
Published
2012-04-25 10:00
Modified
2024-08-06 18:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via a crafted PostScript font object.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T18:45:27.476Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "48508", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48508" }, { "name": "48822", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48822" }, { "name": "MDVSA-2012:057", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057" }, { "name": "APPLE-SA-2012-09-19-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html" }, { "name": "48758", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48758" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT5503" }, { "name": "52318", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/52318" }, { "name": "USN-1403-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-1403-1" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512" }, { "name": "[oss-security] 20120306 Re: CVE Request -- FreeType: Multiple security flaws to be fixed in v2.4.9", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2012/03/06/16" }, { "name": "SUSE-SU-2012:0484", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html" }, { "name": "48973", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], 
"url": "http://secunia.com/advisories/48973" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html" }, { "name": "RHSA-2012:0467", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=800600" }, { "name": "1026765", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id?1026765" }, { "name": "openSUSE-SU-2012:0489", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html" }, { "name": "GLSA-201204-04", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-201204-04.xml" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2012-03-06T00:00:00", "descriptions": [ { "lang": "en", "value": "FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via a crafted PostScript font object." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-17T19:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "48508", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48508" }, { "name": "48822", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48822" }, { "name": "MDVSA-2012:057", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057" }, { "name": "APPLE-SA-2012-09-19-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html" }, { "name": "48758", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48758" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT5503" }, { "name": "52318", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/52318" }, { "name": "USN-1403-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-1403-1" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512" }, { "name": "[oss-security] 20120306 Re: CVE Request -- FreeType: Multiple security flaws to be fixed in v2.4.9", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2012/03/06/16" }, { "name": "SUSE-SU-2012:0484", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html" }, { "name": "48973", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48973" }, { "tags": [ "x_refsource_CONFIRM" ], "url": 
"http://www.mozilla.org/security/announce/2012/mfsa2012-21.html" }, { "name": "RHSA-2012:0467", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=800600" }, { "name": "1026765", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id?1026765" }, { "name": "openSUSE-SU-2012:0489", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html" }, { "name": "GLSA-201204-04", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-201204-04.xml" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2012-1140", "datePublished": "2012-04-25T10:00:00", "dateReserved": "2012-02-14T00:00:00", "dateUpdated": "2024-08-06T18:45:27.476Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2010-2498 (GCVE-0-2010-2498)
Vulnerability from cvelistv5
Published
2010-08-19 17:43
Modified
2024-08-07 02:32
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The psh_glyph_find_strong_points function in pshinter/pshalgo.c in FreeType before 2.4.0 does not properly implement hinting masks, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via a crafted font file that triggers an invalid free operation.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T02:32:16.854Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "USN-963-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-963-1" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT4435" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=613160" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://savannah.nongnu.org/bugs/?30106" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=8d22746c9e5af80ff4304aef440986403a5072e2" }, { "name": "[freetype] 20100712 FreeType 2.4.0 has been released", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://lists.nongnu.org/archive/html/freetype/2010-07/msg00001.html" }, { "name": "APPLE-SA-2010-11-10-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html" }, { "name": "[oss-security] 20100714 Re: Multiple bugs in freetype", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://marc.info/?l=oss-security\u0026m=127909326909362\u0026w=2" }, { "name": "DSA-2070", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2010/dsa-2070" }, { "name": "[oss-security] 20100713 Multiple bugs in freetype", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://marc.info/?l=oss-security\u0026m=127905701201340\u0026w=2" }, { "name": "1024266", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1024266" }, { "name": "RHSA-2010:0578", "tags": [ "vendor-advisory", 
"x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0578.html" }, { "name": "MDVSA-2010:137", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:137" }, { "name": "48951", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48951" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2010-07-12T00:00:00", "descriptions": [ { "lang": "en", "value": "The psh_glyph_find_strong_points function in pshinter/pshalgo.c in FreeType before 2.4.0 does not properly implement hinting masks, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via a crafted font file that triggers an invalid free operation." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2010-11-18T10:00:00", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "USN-963-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-963-1" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT4435" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=613160" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://savannah.nongnu.org/bugs/?30106" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=8d22746c9e5af80ff4304aef440986403a5072e2" }, { "name": "[freetype] 20100712 FreeType 2.4.0 has been released", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://lists.nongnu.org/archive/html/freetype/2010-07/msg00001.html" }, { "name": "APPLE-SA-2010-11-10-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html" }, { "name": "[oss-security] 20100714 Re: Multiple bugs in freetype", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://marc.info/?l=oss-security\u0026m=127909326909362\u0026w=2" }, { "name": "DSA-2070", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2010/dsa-2070" }, { "name": "[oss-security] 20100713 Multiple bugs in freetype", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://marc.info/?l=oss-security\u0026m=127905701201340\u0026w=2" }, { "name": "1024266", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1024266" }, { "name": "RHSA-2010:0578", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0578.html" }, { "name": "MDVSA-2010:137", "tags": [ 
"vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:137" }, { "name": "48951", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48951" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2010-2498", "datePublished": "2010-08-19T17:43:00", "dateReserved": "2010-06-28T00:00:00", "dateUpdated": "2024-08-07T02:32:16.854Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2015-9290 (GCVE-0-2015-9290)
Vulnerability from cvelistv5
Published
2019-07-30 12:36
Modified
2024-08-06 08:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
In FreeType before 2.6.1, a buffer over-read occurs in type1/t1parse.c on function T1_Get_Private_Dict where there is no check that the new values of cur and limit are sensible before going to Again.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T08:43:42.806Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://savannah.nongnu.org/bugs/?45923" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/src/type1/t1parse.c?id=e3058617f384cb6709f3878f753fa17aca9e3a30" }, { "name": "[debian-lts-announce] 20190815 [SECURITY] [DLA 1887-1] freetype security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00019.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.f5.com/csp/article/K38315305" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.f5.com/csp/article/K38315305?utm_source=f5support\u0026amp%3Butm_medium=RSS" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "In FreeType before 2.6.1, a buffer over-read occurs in type1/t1parse.c on function T1_Get_Private_Dict where there is no check that the new values of cur and limit are sensible before going to Again." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2019-10-09T19:06:32", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://savannah.nongnu.org/bugs/?45923" }, { "tags": [ "x_refsource_MISC" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/src/type1/t1parse.c?id=e3058617f384cb6709f3878f753fa17aca9e3a30" }, { "name": "[debian-lts-announce] 20190815 [SECURITY] [DLA 1887-1] freetype security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00019.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.f5.com/csp/article/K38315305" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.f5.com/csp/article/K38315305?utm_source=f5support\u0026amp%3Butm_medium=RSS" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2015-9290", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "In FreeType before 2.6.1, a buffer over-read occurs in type1/t1parse.c on function T1_Get_Private_Dict where there is no check that the new values of cur and limit are sensible before going to Again." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://savannah.nongnu.org/bugs/?45923", "refsource": "MISC", "url": "https://savannah.nongnu.org/bugs/?45923" }, { "name": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/src/type1/t1parse.c?id=e3058617f384cb6709f3878f753fa17aca9e3a30", "refsource": "MISC", "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/src/type1/t1parse.c?id=e3058617f384cb6709f3878f753fa17aca9e3a30" }, { "name": "[debian-lts-announce] 20190815 [SECURITY] [DLA 1887-1] freetype security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00019.html" }, { "name": "https://support.f5.com/csp/article/K38315305", "refsource": "CONFIRM", "url": "https://support.f5.com/csp/article/K38315305" }, { "name": "https://support.f5.com/csp/article/K38315305?utm_source=f5support\u0026amp;utm_medium=RSS", "refsource": "CONFIRM", "url": "https://support.f5.com/csp/article/K38315305?utm_source=f5support\u0026amp;utm_medium=RSS" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2015-9290", "datePublished": "2019-07-30T12:36:19", "dateReserved": "2019-07-30T00:00:00", "dateUpdated": "2024-08-06T08:43:42.806Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2014-9660 (GCVE-0-2014-9660)
Vulnerability from cvelistv5
Published
2015-02-08 11:00
Modified
2024-08-06 13:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The _bdf_parse_glyphs function in bdf/bdflib.c in FreeType before 2.5.4 does not properly handle a missing ENDCHAR record, which allows remote attackers to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via a crafted BDF font.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T13:55:02.943Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "DSA-3188", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2015/dsa-3188" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://code.google.com/p/google-security-research/issues/detail?id=188" }, { "name": "GLSA-201503-05", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201503-05" }, { "name": "72986", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/72986" }, { "name": "USN-2739-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-2739-1" }, { "name": "openSUSE-SU-2015:0627", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://advisories.mageia.org/MGASA-2015-0083.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" }, { "name": "RHSA-2015:0696", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0696.html" }, { "name": "FEDORA-2015-2216", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html" }, { "name": "MDVSA-2015:055", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055" }, { "name": "USN-2510-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": 
"http://www.ubuntu.com/usn/USN-2510-1" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=af8346172a7b573715134f7a51e6c5c60fa7f2ab" }, { "name": "FEDORA-2015-2237", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-12-06T00:00:00", "descriptions": [ { "lang": "en", "value": "The _bdf_parse_glyphs function in bdf/bdflib.c in FreeType before 2.5.4 does not properly handle a missing ENDCHAR record, which allows remote attackers to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via a crafted BDF font." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-06-30T16:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "DSA-3188", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2015/dsa-3188" }, { "tags": [ "x_refsource_MISC" ], "url": "http://code.google.com/p/google-security-research/issues/detail?id=188" }, { "name": "GLSA-201503-05", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201503-05" }, { "name": "72986", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/72986" }, { "name": "USN-2739-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-2739-1" }, { "name": "openSUSE-SU-2015:0627", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html" }, { "tags": [ 
"x_refsource_CONFIRM" ], "url": "http://advisories.mageia.org/MGASA-2015-0083.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" }, { "name": "RHSA-2015:0696", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0696.html" }, { "name": "FEDORA-2015-2216", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html" }, { "name": "MDVSA-2015:055", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055" }, { "name": "USN-2510-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-2510-1" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=af8346172a7b573715134f7a51e6c5c60fa7f2ab" }, { "name": "FEDORA-2015-2237", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2014-9660", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The _bdf_parse_glyphs function in bdf/bdflib.c in FreeType before 2.5.4 does not properly handle a missing ENDCHAR record, which allows remote attackers to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via a crafted BDF font." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "DSA-3188", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2015/dsa-3188" }, { "name": "http://code.google.com/p/google-security-research/issues/detail?id=188", "refsource": "MISC", "url": "http://code.google.com/p/google-security-research/issues/detail?id=188" }, { "name": "GLSA-201503-05", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201503-05" }, { "name": "72986", "refsource": "BID", "url": "http://www.securityfocus.com/bid/72986" }, { "name": "USN-2739-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2739-1" }, { "name": "openSUSE-SU-2015:0627", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html" }, { "name": "http://advisories.mageia.org/MGASA-2015-0083.html", "refsource": "CONFIRM", "url": "http://advisories.mageia.org/MGASA-2015-0083.html" }, { "name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" }, { "name": "RHSA-2015:0696", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2015-0696.html" }, { "name": "FEDORA-2015-2216", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html" }, { "name": "MDVSA-2015:055", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055" }, { "name": "USN-2510-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2510-1" }, { "name": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=af8346172a7b573715134f7a51e6c5c60fa7f2ab", "refsource": "CONFIRM", "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=af8346172a7b573715134f7a51e6c5c60fa7f2ab" }, { "name": "FEDORA-2015-2237", 
"refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2014-9660", "datePublished": "2015-02-08T11:00:00", "dateReserved": "2015-02-07T00:00:00", "dateUpdated": "2024-08-06T13:55:02.943Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2014-9656 (GCVE-0-2014-9656)
Vulnerability from cvelistv5
Published
2015-02-08 11:00
Modified
2024-08-06 13:47
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The tt_sbit_decoder_load_image function in sfnt/ttsbit.c in FreeType before 2.5.4 does not properly check for an integer overflow, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted OpenType font.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T13:47:41.814Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "DSA-3188", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2015/dsa-3188" }, { "name": "GLSA-201503-05", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201503-05" }, { "name": "72986", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/72986" }, { "name": "USN-2739-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-2739-1" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://code.google.com/p/google-security-research/issues/detail?id=196" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=f0292bb9920aa1dbfed5f53861e7c7a89b35833a" }, { "name": "openSUSE-SU-2015:0627", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://advisories.mageia.org/MGASA-2015-0083.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" }, { "name": "FEDORA-2015-2216", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html" }, { "name": "MDVSA-2015:055", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055" }, { "name": "USN-2510-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": 
"http://www.ubuntu.com/usn/USN-2510-1" }, { "name": "FEDORA-2015-2237", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-12-06T00:00:00", "descriptions": [ { "lang": "en", "value": "The tt_sbit_decoder_load_image function in sfnt/ttsbit.c in FreeType before 2.5.4 does not properly check for an integer overflow, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted OpenType font." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-06-30T16:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "DSA-3188", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2015/dsa-3188" }, { "name": "GLSA-201503-05", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201503-05" }, { "name": "72986", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/72986" }, { "name": "USN-2739-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-2739-1" }, { "tags": [ "x_refsource_MISC" ], "url": "http://code.google.com/p/google-security-research/issues/detail?id=196" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=f0292bb9920aa1dbfed5f53861e7c7a89b35833a" }, { "name": "openSUSE-SU-2015:0627", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html" }, { "tags": [ "x_refsource_CONFIRM" 
], "url": "http://advisories.mageia.org/MGASA-2015-0083.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" }, { "name": "FEDORA-2015-2216", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html" }, { "name": "MDVSA-2015:055", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055" }, { "name": "USN-2510-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-2510-1" }, { "name": "FEDORA-2015-2237", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2014-9656", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The tt_sbit_decoder_load_image function in sfnt/ttsbit.c in FreeType before 2.5.4 does not properly check for an integer overflow, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted OpenType font." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "DSA-3188", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2015/dsa-3188" }, { "name": "GLSA-201503-05", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201503-05" }, { "name": "72986", "refsource": "BID", "url": "http://www.securityfocus.com/bid/72986" }, { "name": "USN-2739-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2739-1" }, { "name": "http://code.google.com/p/google-security-research/issues/detail?id=196", "refsource": "MISC", "url": "http://code.google.com/p/google-security-research/issues/detail?id=196" }, { "name": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=f0292bb9920aa1dbfed5f53861e7c7a89b35833a", "refsource": "CONFIRM", "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=f0292bb9920aa1dbfed5f53861e7c7a89b35833a" }, { "name": "openSUSE-SU-2015:0627", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html" }, { "name": "http://advisories.mageia.org/MGASA-2015-0083.html", "refsource": "CONFIRM", "url": "http://advisories.mageia.org/MGASA-2015-0083.html" }, { "name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" }, { "name": "FEDORA-2015-2216", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html" }, { "name": "MDVSA-2015:055", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055" }, { "name": "USN-2510-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2510-1" }, { "name": "FEDORA-2015-2237", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html" 
} ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2014-9656", "datePublished": "2015-02-08T11:00:00", "dateReserved": "2015-02-07T00:00:00", "dateUpdated": "2024-08-06T13:47:41.814Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2010-3054 (GCVE-0-2010-3054)
Vulnerability from cvelistv5
Published
2010-08-19 17:43
Modified
2024-08-07 02:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in FreeType 2.3.9, and other versions before 2.4.2, allows remote attackers to cause a denial of service via vectors involving nested Standard Encoding Accented Character (aka seac) calls, related to psaux.h, cffgload.c, cffgload.h, and t1decode.c.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T02:55:46.714Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "ADV-2010-3045", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2010/3045" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT4435" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugs.launchpad.net/ubuntu/maverick/+source/freetype/+bug/617019" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT4457" }, { "name": "42621", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/42621" }, { "name": "ADV-2010-3046", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2010/3046" }, { "name": "RHSA-2010:0737", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://rhn.redhat.com/errata/RHSA-2010-0737.html" }, { "name": "APPLE-SA-2010-11-10-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html" }, { "name": "42317", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/42317" }, { "name": "42314", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/42314" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT4456" }, { "name": "48951", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48951" }, { "name": "SUSE-SR:2010:019", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": 
"http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html" }, { "name": "APPLE-SA-2010-11-22-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html" }, { "name": "RHSA-2010:0736", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://rhn.redhat.com/errata/RHSA-2010-0736.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2010-08-17T00:00:00", "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in FreeType 2.3.9, and other versions before 2.4.2, allows remote attackers to cause a denial of service via vectors involving nested Standard Encoding Accented Character (aka seac) calls, related to psaux.h, cffgload.c, cffgload.h, and t1decode.c." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2010-10-30T09:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "ADV-2010-3045", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2010/3045" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT4435" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugs.launchpad.net/ubuntu/maverick/+source/freetype/+bug/617019" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT4457" }, { "name": "42621", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/42621" }, { "name": "ADV-2010-3046", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2010/3046" }, { "name": "RHSA-2010:0737", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": 
"https://rhn.redhat.com/errata/RHSA-2010-0737.html" }, { "name": "APPLE-SA-2010-11-10-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html" }, { "name": "42317", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/42317" }, { "name": "42314", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/42314" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT4456" }, { "name": "48951", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48951" }, { "name": "SUSE-SR:2010:019", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html" }, { "name": "APPLE-SA-2010-11-22-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html" }, { "name": "RHSA-2010:0736", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://rhn.redhat.com/errata/RHSA-2010-0736.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2010-3054", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Unspecified vulnerability in FreeType 2.3.9, and other versions before 2.4.2, allows remote attackers to cause a denial of service via vectors involving nested Standard Encoding Accented Character (aka seac) calls, related to psaux.h, cffgload.c, cffgload.h, and t1decode.c." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "ADV-2010-3045", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2010/3045" }, { "name": "http://support.apple.com/kb/HT4435", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT4435" }, { "name": "https://bugs.launchpad.net/ubuntu/maverick/+source/freetype/+bug/617019", "refsource": "CONFIRM", "url": "https://bugs.launchpad.net/ubuntu/maverick/+source/freetype/+bug/617019" }, { "name": "http://support.apple.com/kb/HT4457", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT4457" }, { "name": "42621", "refsource": "BID", "url": "http://www.securityfocus.com/bid/42621" }, { "name": "ADV-2010-3046", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2010/3046" }, { "name": "RHSA-2010:0737", "refsource": "REDHAT", "url": "https://rhn.redhat.com/errata/RHSA-2010-0737.html" }, { "name": "APPLE-SA-2010-11-10-1", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html" }, { "name": "42317", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/42317" }, { "name": "42314", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/42314" }, { "name": "http://support.apple.com/kb/HT4456", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT4456" }, { "name": "48951", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/48951" }, { "name": "SUSE-SR:2010:019", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html" }, { "name": "APPLE-SA-2010-11-22-1", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html" }, { "name": "RHSA-2010:0736", "refsource": "REDHAT", "url": "https://rhn.redhat.com/errata/RHSA-2010-0736.html" } ] } } } }, "cveMetadata": { "assignerOrgId": 
"8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2010-3054", "datePublished": "2010-08-19T17:43:00", "dateReserved": "2010-08-19T00:00:00", "dateUpdated": "2024-08-07T02:55:46.714Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2012-1133 (GCVE-0-2012-1133)
Vulnerability from cvelistv5
Published
2012-04-25 10:00
Modified
2024-08-06 18:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted glyph or bitmap data in a BDF font.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T18:45:27.519Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "48797", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48797" }, { "name": "48300", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48300" }, { "name": "48508", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48508" }, { "name": "48822", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48822" }, { "name": "MDVSA-2012:057", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057" }, { "name": "APPLE-SA-2012-09-19-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT5503" }, { "name": "52318", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/52318" }, { "name": "USN-1403-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-1403-1" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512" }, { "name": "48918", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48918" }, { "name": "[oss-security] 20120306 Re: CVE Request -- FreeType: Multiple security flaws to be fixed in v2.4.9", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2012/03/06/16" 
}, { "name": "SUSE-SU-2012:0484", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html" }, { "name": "SUSE-SU-2012:0521", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html" }, { "name": "48973", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48973" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html" }, { "name": "SUSE-SU-2012:0483", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=800591" }, { "name": "1026765", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id?1026765" }, { "name": "openSUSE-SU-2012:0489", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html" }, { "name": "48951", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48951" }, { "name": "GLSA-201204-04", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-201204-04.xml" }, { "name": "DSA-2428", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2012/dsa-2428" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2012-03-06T00:00:00", "descriptions": [ { "lang": "en", "value": "FreeType before 
2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted glyph or bitmap data in a BDF font." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-17T19:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "48797", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48797" }, { "name": "48300", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48300" }, { "name": "48508", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48508" }, { "name": "48822", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48822" }, { "name": "MDVSA-2012:057", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057" }, { "name": "APPLE-SA-2012-09-19-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT5503" }, { "name": "52318", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/52318" }, { "name": "USN-1403-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-1403-1" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512" }, { "name": "48918", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48918" }, { "name": "[oss-security] 20120306 Re: CVE Request -- FreeType: Multiple security flaws to be 
fixed in v2.4.9", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2012/03/06/16" }, { "name": "SUSE-SU-2012:0484", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html" }, { "name": "SUSE-SU-2012:0521", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html" }, { "name": "48973", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48973" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html" }, { "name": "SUSE-SU-2012:0483", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=800591" }, { "name": "1026765", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id?1026765" }, { "name": "openSUSE-SU-2012:0489", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html" }, { "name": "48951", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48951" }, { "name": "GLSA-201204-04", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-201204-04.xml" }, { "name": "DSA-2428", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2012/dsa-2428" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2012-1133", "datePublished": "2012-04-25T10:00:00", "dateReserved": "2012-02-14T00:00:00", "dateUpdated": "2024-08-06T18:45:27.519Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", 
"dataVersion": "5.1" }
CVE-2017-8105 (GCVE-0-2017-8105)
Vulnerability from cvelistv5
Published
2017-04-24 18:00
Modified
2024-08-05 16:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
FreeType 2 before 2017-03-24 has an out-of-bounds write caused by a heap-based buffer overflow related to the t1_decoder_parse_charstrings function in psaux/t1decode.c.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T16:27:22.193Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=f958c48ee431bef8d4d466b40c9cb2d4dbcb7791" }, { "name": "GLSA-201706-14", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201706-14" }, { "name": "99093", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/99093" }, { "name": "DSA-3839", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2017/dsa-3839" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=935" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpuapr2020.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2017-04-24T00:00:00", "descriptions": [ { "lang": "en", "value": "FreeType 2 before 2017-03-24 has an out-of-bounds write caused by a heap-based buffer overflow related to the t1_decoder_parse_charstrings function in psaux/t1decode.c." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2020-04-15T21:06:41", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=f958c48ee431bef8d4d466b40c9cb2d4dbcb7791" }, { "name": "GLSA-201706-14", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201706-14" }, { "name": "99093", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/99093" }, { "name": "DSA-3839", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2017/dsa-3839" }, { "tags": [ "x_refsource_MISC" ], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=935" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com/security-alerts/cpuapr2020.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2017-8105", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "FreeType 2 before 2017-03-24 has an out-of-bounds write caused by a heap-based buffer overflow related to the t1_decoder_parse_charstrings function in psaux/t1decode.c." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=f958c48ee431bef8d4d466b40c9cb2d4dbcb7791", "refsource": "MISC", "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=f958c48ee431bef8d4d466b40c9cb2d4dbcb7791" }, { "name": "GLSA-201706-14", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201706-14" }, { "name": "99093", "refsource": "BID", "url": "http://www.securityfocus.com/bid/99093" }, { "name": "DSA-3839", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2017/dsa-3839" }, { "name": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=935", "refsource": "MISC", "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=935" }, { "name": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html", "refsource": "MISC", "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html" }, { "name": "https://www.oracle.com/security-alerts/cpuapr2020.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpuapr2020.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2017-8105", "datePublished": "2017-04-24T18:00:00", "dateReserved": "2017-04-24T00:00:00", "dateUpdated": "2024-08-05T16:27:22.193Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2012-1136 (GCVE-0-2012-1136)
Vulnerability from cvelistv5
Published
2012-04-25 10:00
Modified
2024-08-06 18:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted glyph or bitmap data in a BDF font that lacks an ENCODING field.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T18:45:27.474Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "48797", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48797" }, { "name": "48300", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48300" }, { "name": "48508", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48508" }, { "name": "48822", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48822" }, { "name": "MDVSA-2012:057", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057" }, { "name": "APPLE-SA-2012-09-19-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html" }, { "name": "48758", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48758" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT5503" }, { "name": "52318", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/52318" }, { "name": "USN-1403-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-1403-1" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512" }, { "name": "48918", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48918" }, { "name": "[oss-security] 20120306 Re: CVE Request -- FreeType: Multiple security flaws to be fixed in 
v2.4.9", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2012/03/06/16" }, { "name": "SUSE-SU-2012:0484", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html" }, { "name": "SUSE-SU-2012:0521", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html" }, { "name": "48973", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48973" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html" }, { "name": "RHSA-2012:0467", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=800594" }, { "name": "SUSE-SU-2012:0483", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html" }, { "name": "1026765", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id?1026765" }, { "name": "openSUSE-SU-2012:0489", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html" }, { "name": "48951", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48951" }, { "name": "GLSA-201204-04", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-201204-04.xml" }, { "name": "DSA-2428", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": 
"http://www.debian.org/security/2012/dsa-2428" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2012-03-06T00:00:00", "descriptions": [ { "lang": "en", "value": "FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted glyph or bitmap data in a BDF font that lacks an ENCODING field." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-17T19:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "48797", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48797" }, { "name": "48300", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48300" }, { "name": "48508", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48508" }, { "name": "48822", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48822" }, { "name": "MDVSA-2012:057", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057" }, { "name": "APPLE-SA-2012-09-19-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html" }, { "name": "48758", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48758" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT5503" }, { "name": "52318", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": 
"http://www.securityfocus.com/bid/52318" }, { "name": "USN-1403-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-1403-1" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512" }, { "name": "48918", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48918" }, { "name": "[oss-security] 20120306 Re: CVE Request -- FreeType: Multiple security flaws to be fixed in v2.4.9", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2012/03/06/16" }, { "name": "SUSE-SU-2012:0484", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html" }, { "name": "SUSE-SU-2012:0521", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html" }, { "name": "48973", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48973" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html" }, { "name": "RHSA-2012:0467", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=800594" }, { "name": "SUSE-SU-2012:0483", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html" }, { "name": "1026765", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id?1026765" }, { "name": "openSUSE-SU-2012:0489", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html" }, { "name": "48951", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": 
"http://secunia.com/advisories/48951" }, { "name": "GLSA-201204-04", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-201204-04.xml" }, { "name": "DSA-2428", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2012/dsa-2428" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2012-1136", "datePublished": "2012-04-25T10:00:00", "dateReserved": "2012-02-14T00:00:00", "dateUpdated": "2024-08-06T18:45:27.474Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2009-0946 (GCVE-0-2009-0946)
Vulnerability from cvelistv5
Published
2009-04-17 00:00
Modified
2024-08-07 04:57
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple integer overflows in FreeType 2.3.9 and earlier allow remote attackers to execute arbitrary code via vectors related to large values in certain inputs in (1) smooth/ftsmooth.c, (2) sfnt/ttcmap.c, and (3) cff/cffload.c.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T04:57:17.538Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "34967", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/34967" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT3639" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT4435" }, { "name": "34913", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/34913" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=a18788b14db60ae3673f932249cd02d33a227c4e" }, { "name": "ADV-2009-1621", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2009/1621" }, { "name": "34550", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/34550" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT3549" }, { "name": "MDVSA-2009:243", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:243" }, { "name": "APPLE-SA-2009-06-08-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html" }, { "name": "USN-767-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-767-1" }, { "name": "270268", "tags": [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-270268-1" }, { "name": "35198", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], 
"url": "http://secunia.com/advisories/35198" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=79972af4f0485a11dcb19551356c45245749fc5b" }, { "name": "35074", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/35074" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=0545ec1ca36b27cb928128870a83e5f668980bc5" }, { "name": "ADV-2009-1522", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2009/1522" }, { "name": "APPLE-SA-2010-11-10-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html" }, { "name": "RHSA-2009:1062", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-1062.html" }, { "name": "APPLE-SA-2009-06-17-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html" }, { "name": "APPLE-SA-2009-05-12", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html" }, { "name": "35065", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/35065" }, { "name": "DSA-1784", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2009/dsa-1784" }, { "name": "35210", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/35210" }, { "name": "GLSA-200905-05", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": 
"http://security.gentoo.org/glsa/glsa-200905-05.xml" }, { "name": "35379", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/35379" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=491384" }, { "name": "oval:org.mitre.oval:def:10149", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10149" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/tree/ChangeLog" }, { "name": "SUSE-SR:2009:010", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html" }, { "name": "TA09-133A", "tags": [ "third-party-advisory", "x_refsource_CERT", "x_transferred" ], "url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html" }, { "name": "ADV-2009-1297", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2009/1297" }, { "name": "35200", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/35200" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT3613" }, { "name": "RHSA-2009:0329", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0329.html" }, { "name": "ADV-2009-1058", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2009/1058" }, { "name": "35204", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/35204" }, { "name": "34723", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": 
"http://secunia.com/advisories/34723" }, { "name": "RHSA-2009:1061", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-1061.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2009-04-16T00:00:00", "descriptions": [ { "lang": "en", "value": "Multiple integer overflows in FreeType 2.3.9 and earlier allow remote attackers to execute arbitrary code via vectors related to large values in certain inputs in (1) smooth/ftsmooth.c, (2) sfnt/ttcmap.c, and (3) cff/cffload.c." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-28T12:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "34967", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/34967" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT3639" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT4435" }, { "name": "34913", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/34913" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=a18788b14db60ae3673f932249cd02d33a227c4e" }, { "name": "ADV-2009-1621", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2009/1621" }, { "name": "34550", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/34550" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT3549" }, { "name": "MDVSA-2009:243", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": 
"http://www.mandriva.com/security/advisories?name=MDVSA-2009:243" }, { "name": "APPLE-SA-2009-06-08-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html" }, { "name": "USN-767-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-767-1" }, { "name": "270268", "tags": [ "vendor-advisory", "x_refsource_SUNALERT" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-270268-1" }, { "name": "35198", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/35198" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=79972af4f0485a11dcb19551356c45245749fc5b" }, { "name": "35074", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/35074" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=0545ec1ca36b27cb928128870a83e5f668980bc5" }, { "name": "ADV-2009-1522", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2009/1522" }, { "name": "APPLE-SA-2010-11-10-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html" }, { "name": "RHSA-2009:1062", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-1062.html" }, { "name": "APPLE-SA-2009-06-17-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html" }, { "name": "APPLE-SA-2009-05-12", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html" }, { "name": "35065", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": 
"http://secunia.com/advisories/35065" }, { "name": "DSA-1784", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2009/dsa-1784" }, { "name": "35210", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/35210" }, { "name": "GLSA-200905-05", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-200905-05.xml" }, { "name": "35379", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/35379" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=491384" }, { "name": "oval:org.mitre.oval:def:10149", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10149" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/tree/ChangeLog" }, { "name": "SUSE-SR:2009:010", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html" }, { "name": "TA09-133A", "tags": [ "third-party-advisory", "x_refsource_CERT" ], "url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html" }, { "name": "ADV-2009-1297", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2009/1297" }, { "name": "35200", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/35200" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT3613" }, { "name": "RHSA-2009:0329", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0329.html" }, { "name": "ADV-2009-1058", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2009/1058" }, { "name": "35204", "tags": [ "third-party-advisory", 
"x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/35204" }, { "name": "34723", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/34723" }, { "name": "RHSA-2009:1061", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-1061.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2009-0946", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Multiple integer overflows in FreeType 2.3.9 and earlier allow remote attackers to execute arbitrary code via vectors related to large values in certain inputs in (1) smooth/ftsmooth.c, (2) sfnt/ttcmap.c, and (3) cff/cffload.c." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "34967", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/34967" }, { "name": "http://support.apple.com/kb/HT3639", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT3639" }, { "name": "http://support.apple.com/kb/HT4435", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT4435" }, { "name": "34913", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/34913" }, { "name": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=a18788b14db60ae3673f932249cd02d33a227c4e", "refsource": "CONFIRM", "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=a18788b14db60ae3673f932249cd02d33a227c4e" }, { "name": "ADV-2009-1621", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2009/1621" }, { "name": "34550", "refsource": "BID", "url": "http://www.securityfocus.com/bid/34550" }, { "name": "http://support.apple.com/kb/HT3549", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT3549" }, { "name": "MDVSA-2009:243", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:243" }, { "name": "APPLE-SA-2009-06-08-1", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html" }, { "name": "USN-767-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-767-1" }, { "name": "270268", "refsource": "SUNALERT", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-270268-1" }, { "name": "35198", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/35198" }, { "name": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=79972af4f0485a11dcb19551356c45245749fc5b", "refsource": "CONFIRM", "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=79972af4f0485a11dcb19551356c45245749fc5b" }, { 
"name": "35074", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/35074" }, { "name": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=0545ec1ca36b27cb928128870a83e5f668980bc5", "refsource": "CONFIRM", "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=0545ec1ca36b27cb928128870a83e5f668980bc5" }, { "name": "ADV-2009-1522", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2009/1522" }, { "name": "APPLE-SA-2010-11-10-1", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html" }, { "name": "RHSA-2009:1062", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2009-1062.html" }, { "name": "APPLE-SA-2009-06-17-1", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html" }, { "name": "APPLE-SA-2009-05-12", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html" }, { "name": "35065", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/35065" }, { "name": "DSA-1784", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2009/dsa-1784" }, { "name": "35210", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/35210" }, { "name": "GLSA-200905-05", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-200905-05.xml" }, { "name": "35379", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/35379" }, { "name": "https://bugzilla.redhat.com/show_bug.cgi?id=491384", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=491384" }, { "name": "oval:org.mitre.oval:def:10149", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10149" }, { "name": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/tree/ChangeLog", "refsource": "CONFIRM", "url": 
"http://git.savannah.gnu.org/cgit/freetype/freetype2.git/tree/ChangeLog" }, { "name": "SUSE-SR:2009:010", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html" }, { "name": "TA09-133A", "refsource": "CERT", "url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html" }, { "name": "ADV-2009-1297", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2009/1297" }, { "name": "35200", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/35200" }, { "name": "http://support.apple.com/kb/HT3613", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT3613" }, { "name": "RHSA-2009:0329", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2009-0329.html" }, { "name": "ADV-2009-1058", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2009/1058" }, { "name": "35204", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/35204" }, { "name": "34723", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/34723" }, { "name": "RHSA-2009:1061", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2009-1061.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2009-0946", "datePublished": "2009-04-17T00:00:00", "dateReserved": "2009-03-18T00:00:00", "dateUpdated": "2024-08-07T04:57:17.538Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2017-8287 (GCVE-0-2017-8287)
Vulnerability from cvelistv5
Published
2017-04-27 00:00
Modified
2024-08-05 16:34
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
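FreeType 2 before 2017-03-26 has an out-of-bounds write caused by a heap-based buffer overflow related to the t1_builder_close_contour function in psaux/psobjs.c. Note that the affected range is stated as a date rather than a release number, and the record's product and version fields are "n/a". When assessing a vendored or distribution-patched copy, check for the upstream commit listed in the references (id 3774fc08b502c3e685afca098b6e8a195aded6a0, which appears to be the corresponding change) rather than relying on the library's version string.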
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T16:34:21.686Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "GLSA-201706-14", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201706-14" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=3774fc08b502c3e685afca098b6e8a195aded6a0" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=941" }, { "name": "DSA-3839", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2017/dsa-3839" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html" }, { "name": "99091", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/99091" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpuapr2020.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2017-04-26T00:00:00", "descriptions": [ { "lang": "en", "value": "FreeType 2 before 2017-03-26 has an out-of-bounds write caused by a heap-based buffer overflow related to the t1_builder_close_contour function in psaux/psobjs.c." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2020-04-15T21:06:41", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "GLSA-201706-14", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201706-14" }, { "tags": [ "x_refsource_MISC" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=3774fc08b502c3e685afca098b6e8a195aded6a0" }, { "tags": [ "x_refsource_MISC" ], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=941" }, { "name": "DSA-3839", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2017/dsa-3839" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html" }, { "name": "99091", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/99091" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com/security-alerts/cpuapr2020.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2017-8287", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "FreeType 2 before 2017-03-26 has an out-of-bounds write caused by a heap-based buffer overflow related to the t1_builder_close_contour function in psaux/psobjs.c." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "GLSA-201706-14", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201706-14" }, { "name": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=3774fc08b502c3e685afca098b6e8a195aded6a0", "refsource": "MISC", "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=3774fc08b502c3e685afca098b6e8a195aded6a0" }, { "name": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=941", "refsource": "MISC", "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=941" }, { "name": "DSA-3839", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2017/dsa-3839" }, { "name": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html", "refsource": "MISC", "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html" }, { "name": "99091", "refsource": "BID", "url": "http://www.securityfocus.com/bid/99091" }, { "name": "https://www.oracle.com/security-alerts/cpuapr2020.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpuapr2020.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2017-8287", "datePublished": "2017-04-27T00:00:00", "dateReserved": "2017-04-26T00:00:00", "dateUpdated": "2024-08-05T16:34:21.686Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2012-1134 (GCVE-0-2012-1134)
Vulnerability from cvelistv5
Published
2012-04-25 10:00
Modified
2024-08-06 18:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted private-dictionary data in a Type 1 font.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T18:45:27.472Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "48797", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48797" }, { "name": "48300", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48300" }, { "name": "48508", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48508" }, { "name": "48822", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48822" }, { "name": "MDVSA-2012:057", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057" }, { "name": "APPLE-SA-2012-09-19-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html" }, { "name": "48758", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48758" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT5503" }, { "name": "52318", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/52318" }, { "name": "USN-1403-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-1403-1" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512" }, { "name": "48918", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48918" }, { "name": "[oss-security] 20120306 Re: CVE Request -- FreeType: Multiple security flaws to be fixed in 
v2.4.9", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2012/03/06/16" }, { "name": "SUSE-SU-2012:0484", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html" }, { "name": "SUSE-SU-2012:0521", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=800592" }, { "name": "48973", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48973" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html" }, { "name": "RHSA-2012:0467", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html" }, { "name": "SUSE-SU-2012:0483", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html" }, { "name": "1026765", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id?1026765" }, { "name": "openSUSE-SU-2012:0489", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html" }, { "name": "48951", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48951" }, { "name": "GLSA-201204-04", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-201204-04.xml" }, { "name": "DSA-2428", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": 
"http://www.debian.org/security/2012/dsa-2428" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2012-03-06T00:00:00", "descriptions": [ { "lang": "en", "value": "FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted private-dictionary data in a Type 1 font." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-17T19:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "48797", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48797" }, { "name": "48300", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48300" }, { "name": "48508", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48508" }, { "name": "48822", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48822" }, { "name": "MDVSA-2012:057", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057" }, { "name": "APPLE-SA-2012-09-19-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html" }, { "name": "48758", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48758" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT5503" }, { "name": "52318", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/52318" }, { 
"name": "USN-1403-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-1403-1" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512" }, { "name": "48918", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48918" }, { "name": "[oss-security] 20120306 Re: CVE Request -- FreeType: Multiple security flaws to be fixed in v2.4.9", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2012/03/06/16" }, { "name": "SUSE-SU-2012:0484", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html" }, { "name": "SUSE-SU-2012:0521", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=800592" }, { "name": "48973", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48973" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html" }, { "name": "RHSA-2012:0467", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html" }, { "name": "SUSE-SU-2012:0483", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html" }, { "name": "1026765", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id?1026765" }, { "name": "openSUSE-SU-2012:0489", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html" }, { "name": "48951", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48951" }, { 
"name": "GLSA-201204-04", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-201204-04.xml" }, { "name": "DSA-2428", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2012/dsa-2428" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2012-1134", "datePublished": "2012-04-25T10:00:00", "dateReserved": "2012-02-14T00:00:00", "dateUpdated": "2024-08-06T18:45:27.472Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2008-1808 (GCVE-0-2008-1808)
Vulnerability from cvelistv5
Published
2008-06-16 19:00
Modified
2024-08-07 08:32
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple off-by-one errors in FreeType2 before 2.3.6 allow context-dependent attackers to execute arbitrary code via (1) a crafted table in a Printer Font Binary (PFB) file or (2) a crafted SHC instruction in a TrueType Font (TTF) file, which triggers a heap-based buffer overflow.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T08:32:01.240Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "1020240", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1020240" }, { "name": "20080814 rPSA-2008-0255-1 freetype", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/495497/100/0/threaded" }, { "name": "GLSA-201209-25", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-201209-25.xml" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.vmware.com/security/advisories/VMSA-2008-0014.html" }, { "name": "FEDORA-2008-5430", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00721.html" }, { "name": "33937", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/33937" }, { "name": "ADV-2008-1876", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2008/1876/references" }, { "name": "30721", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/30721" }, { "name": "MDVSA-2008:121", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:121" }, { "name": "ADV-2008-2525", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2008/2525" }, { "name": "31712", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/31712" }, { "name": "31709", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" 
], "url": "http://secunia.com/advisories/31709" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://sourceforge.net/project/shownotes.php?group_id=3157\u0026release_id=605780" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.vmware.com/support/server/doc/releasenotes_server.html" }, { "name": "30740", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/30740" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT3438" }, { "name": "GLSA-200806-10", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-200806-10.xml" }, { "name": "30766", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/30766" }, { "name": "31479", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/31479" }, { "name": "APPLE-SA-2009-02-12", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html" }, { "name": "ADV-2008-2423", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2008/2423" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html" }, { "name": "30967", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/30967" }, { "name": "239006", "tags": [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-239006-1" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://issues.rpath.com/browse/RPL-2608" }, { "name": "30821", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", 
"x_transferred" ], "url": "http://secunia.com/advisories/30821" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT3026" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT3129" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.vmware.com/support/player/doc/releasenotes_player.html" }, { "name": "FEDORA-2008-5425", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00717.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html" }, { "name": "oval:org.mitre.oval:def:11188", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11188" }, { "name": "20080610 Multiple Vendor FreeType2 Multiple Heap Overflow Vulnerabilities", "tags": [ "third-party-advisory", "x_refsource_IDEFENSE", "x_transferred" ], "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=717" }, { "name": "31856", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/31856" }, { "name": "29639", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/29639" }, { "name": "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/495869/100/0/threaded" }, { "name": "31711", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/31711" }, { "name": "RHSA-2008:0556", "tags": [ 
"vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2008-0556.html" }, { "name": "SUSE-SR:2008:014", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00001.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0255" }, { "name": "APPLE-SA-2008-09-12", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00004.html" }, { "name": "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html" }, { "name": "ADV-2008-1794", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2008/1794" }, { "name": "31823", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/31823" }, { "name": "ADV-2008-2558", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2008/2558" }, { "name": "30600", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/30600" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-318.htm" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html" }, { "name": "31900", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/31900" }, { "name": "30819", "tags": [ 
"third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/30819" }, { "name": "31707", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/31707" }, { "name": "APPLE-SA-2008-09-09", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00003.html" }, { "name": "RHSA-2009:0329", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0329.html" }, { "name": "USN-643-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/usn-643-1" }, { "name": "35204", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/35204" }, { "name": "RHSA-2008:0558", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2008-0558.html" }, { "name": "31577", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/31577" }, { "name": "ADV-2008-2466", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2008/2466" }, { "name": "29637", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/29637" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2008-06-10T00:00:00", "descriptions": [ { "lang": "en", "value": "Multiple off-by-one errors in FreeType2 before 2.3.6 allow context-dependent attackers to execute arbitrary code via (1) a crafted table in a Printer Font Binary (PFB) file or (2) a crafted SHC instruction in a TrueType Font (TTF) file, which triggers a heap-based 
buffer overflow." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-11T19:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "1020240", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1020240" }, { "name": "20080814 rPSA-2008-0255-1 freetype", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/495497/100/0/threaded" }, { "name": "GLSA-201209-25", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-201209-25.xml" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.vmware.com/security/advisories/VMSA-2008-0014.html" }, { "name": "FEDORA-2008-5430", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00721.html" }, { "name": "33937", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/33937" }, { "name": "ADV-2008-1876", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2008/1876/references" }, { "name": "30721", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/30721" }, { "name": "MDVSA-2008:121", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:121" }, { "name": "ADV-2008-2525", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2008/2525" }, { "name": "31712", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/31712" }, { "name": "31709", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/31709" }, { "tags": [ "x_refsource_MISC" ], "url": 
"http://sourceforge.net/project/shownotes.php?group_id=3157\u0026release_id=605780" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.vmware.com/support/server/doc/releasenotes_server.html" }, { "name": "30740", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/30740" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT3438" }, { "name": "GLSA-200806-10", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-200806-10.xml" }, { "name": "30766", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/30766" }, { "name": "31479", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/31479" }, { "name": "APPLE-SA-2009-02-12", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html" }, { "name": "ADV-2008-2423", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2008/2423" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html" }, { "name": "30967", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/30967" }, { "name": "239006", "tags": [ "vendor-advisory", "x_refsource_SUNALERT" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-239006-1" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://issues.rpath.com/browse/RPL-2608" }, { "name": "30821", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/30821" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT3026" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT3129" }, { "tags": [ "x_refsource_CONFIRM" ], "url": 
"http://www.vmware.com/support/player/doc/releasenotes_player.html" }, { "name": "FEDORA-2008-5425", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00717.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html" }, { "name": "oval:org.mitre.oval:def:11188", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11188" }, { "name": "20080610 Multiple Vendor FreeType2 Multiple Heap Overflow Vulnerabilities", "tags": [ "third-party-advisory", "x_refsource_IDEFENSE" ], "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=717" }, { "name": "31856", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/31856" }, { "name": "29639", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/29639" }, { "name": "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/495869/100/0/threaded" }, { "name": "31711", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/31711" }, { "name": "RHSA-2008:0556", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2008-0556.html" }, { "name": "SUSE-SR:2008:014", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00001.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0255" }, { "name": "APPLE-SA-2008-09-12", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": 
"http://lists.apple.com/archives/security-announce//2008/Sep/msg00004.html" }, { "name": "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html" }, { "name": "ADV-2008-1794", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2008/1794" }, { "name": "31823", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/31823" }, { "name": "ADV-2008-2558", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2008/2558" }, { "name": "30600", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/30600" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-318.htm" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html" }, { "name": "31900", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/31900" }, { "name": "30819", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/30819" }, { "name": "31707", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/31707" }, { "name": "APPLE-SA-2008-09-09", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00003.html" }, { "name": "RHSA-2009:0329", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0329.html" }, { "name": "USN-643-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/usn-643-1" }, { "name": 
"35204", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/35204" }, { "name": "RHSA-2008:0558", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2008-0558.html" }, { "name": "31577", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/31577" }, { "name": "ADV-2008-2466", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2008/2466" }, { "name": "29637", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/29637" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2008-1808", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Multiple off-by-one errors in FreeType2 before 2.3.6 allow context-dependent attackers to execute arbitrary code via (1) a crafted table in a Printer Font Binary (PFB) file or (2) a crafted SHC instruction in a TrueType Font (TTF) file, which triggers a heap-based buffer overflow." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "1020240", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1020240" }, { "name": "20080814 rPSA-2008-0255-1 freetype", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/495497/100/0/threaded" }, { "name": "GLSA-201209-25", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-201209-25.xml" }, { "name": "http://www.vmware.com/security/advisories/VMSA-2008-0014.html", "refsource": "CONFIRM", "url": "http://www.vmware.com/security/advisories/VMSA-2008-0014.html" }, { "name": "FEDORA-2008-5430", "refsource": "FEDORA", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00721.html" }, { "name": "33937", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/33937" }, { "name": "ADV-2008-1876", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/1876/references" }, { "name": "30721", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30721" }, { "name": "MDVSA-2008:121", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:121" }, { "name": "ADV-2008-2525", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/2525" }, { "name": "31712", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31712" }, { "name": "31709", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31709" }, { "name": "http://sourceforge.net/project/shownotes.php?group_id=3157\u0026release_id=605780", "refsource": "MISC", "url": "http://sourceforge.net/project/shownotes.php?group_id=3157\u0026release_id=605780" }, { "name": "http://www.vmware.com/support/server/doc/releasenotes_server.html", "refsource": "CONFIRM", "url": "http://www.vmware.com/support/server/doc/releasenotes_server.html" }, { "name": "30740", "refsource": "SECUNIA", "url": 
"http://secunia.com/advisories/30740" }, { "name": "http://support.apple.com/kb/HT3438", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT3438" }, { "name": "GLSA-200806-10", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-200806-10.xml" }, { "name": "30766", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30766" }, { "name": "31479", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31479" }, { "name": "APPLE-SA-2009-02-12", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html" }, { "name": "ADV-2008-2423", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/2423" }, { "name": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html", "refsource": "CONFIRM", "url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html" }, { "name": "30967", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30967" }, { "name": "239006", "refsource": "SUNALERT", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-239006-1" }, { "name": "https://issues.rpath.com/browse/RPL-2608", "refsource": "CONFIRM", "url": "https://issues.rpath.com/browse/RPL-2608" }, { "name": "30821", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30821" }, { "name": "http://support.apple.com/kb/HT3026", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT3026" }, { "name": "http://support.apple.com/kb/HT3129", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT3129" }, { "name": "http://www.vmware.com/support/player/doc/releasenotes_player.html", "refsource": "CONFIRM", "url": "http://www.vmware.com/support/player/doc/releasenotes_player.html" }, { "name": "FEDORA-2008-5425", "refsource": "FEDORA", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00717.html" }, { "name": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html", "refsource": "CONFIRM", "url": 
"http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html" }, { "name": "oval:org.mitre.oval:def:11188", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11188" }, { "name": "20080610 Multiple Vendor FreeType2 Multiple Heap Overflow Vulnerabilities", "refsource": "IDEFENSE", "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=717" }, { "name": "31856", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31856" }, { "name": "29639", "refsource": "BID", "url": "http://www.securityfocus.com/bid/29639" }, { "name": "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/495869/100/0/threaded" }, { "name": "31711", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31711" }, { "name": "RHSA-2008:0556", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2008-0556.html" }, { "name": "SUSE-SR:2008:014", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00001.html" }, { "name": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0255", "refsource": "CONFIRM", "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0255" }, { "name": "APPLE-SA-2008-09-12", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00004.html" }, { "name": "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.", "refsource": "FULLDISC", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html" }, { "name": "ADV-2008-1794", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/1794" }, { "name": "31823", 
"refsource": "SECUNIA", "url": "http://secunia.com/advisories/31823" }, { "name": "ADV-2008-2558", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/2558" }, { "name": "30600", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30600" }, { "name": "http://support.avaya.com/elmodocs2/security/ASA-2008-318.htm", "refsource": "CONFIRM", "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-318.htm" }, { "name": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html", "refsource": "CONFIRM", "url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html" }, { "name": "31900", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31900" }, { "name": "30819", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30819" }, { "name": "31707", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31707" }, { "name": "APPLE-SA-2008-09-09", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00003.html" }, { "name": "RHSA-2009:0329", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2009-0329.html" }, { "name": "USN-643-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/usn-643-1" }, { "name": "35204", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/35204" }, { "name": "RHSA-2008:0558", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2008-0558.html" }, { "name": "31577", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31577" }, { "name": "ADV-2008-2466", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/2466" }, { "name": "29637", "refsource": "BID", "url": "http://www.securityfocus.com/bid/29637" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2008-1808", "datePublished": "2008-06-16T19:00:00", "dateReserved": "2008-04-15T00:00:00", "dateUpdated": 
"2024-08-07T08:32:01.240Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2016-10328 (GCVE-0-2016-10328)
Vulnerability from cvelistv5
Published
2017-04-14 04:30
Modified
2024-08-06 03:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
FreeType 2 before 2016-12-16 has an out-of-bounds write caused by a heap-based buffer overflow related to the cff_parser_run function in cff/cffparse.c.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T03:14:43.039Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "GLSA-201706-14", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201706-14" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://savannah.nongnu.org/bugs/?func=detailitem\u0026item_id=49858" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=289" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=beecf80a6deecbaf5d264d4f864451bde4fe98b8" }, { "name": "97677", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/97677" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpuapr2020.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2017-04-14T00:00:00", "descriptions": [ { "lang": "en", "value": "FreeType 2 before 2016-12-16 has an out-of-bounds write caused by a heap-based buffer overflow related to the cff_parser_run function in cff/cffparse.c." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2020-04-15T21:06:39", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "GLSA-201706-14", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201706-14" }, { "tags": [ "x_refsource_MISC" ], "url": "http://savannah.nongnu.org/bugs/?func=detailitem\u0026item_id=49858" }, { "tags": [ "x_refsource_MISC" ], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=289" }, { "tags": [ "x_refsource_MISC" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=beecf80a6deecbaf5d264d4f864451bde4fe98b8" }, { "name": "97677", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/97677" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com/security-alerts/cpuapr2020.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2016-10328", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "FreeType 2 before 2016-12-16 has an out-of-bounds write caused by a heap-based buffer overflow related to the cff_parser_run function in cff/cffparse.c." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "GLSA-201706-14", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201706-14" }, { "name": "http://savannah.nongnu.org/bugs/?func=detailitem\u0026item_id=49858", "refsource": "MISC", "url": "http://savannah.nongnu.org/bugs/?func=detailitem\u0026item_id=49858" }, { "name": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=289", "refsource": "MISC", "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=289" }, { "name": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=beecf80a6deecbaf5d264d4f864451bde4fe98b8", "refsource": "MISC", "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=beecf80a6deecbaf5d264d4f864451bde4fe98b8" }, { "name": "97677", "refsource": "BID", "url": "http://www.securityfocus.com/bid/97677" }, { "name": "https://www.oracle.com/security-alerts/cpuapr2020.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpuapr2020.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2016-10328", "datePublished": "2017-04-14T04:30:00", "dateReserved": "2017-04-14T00:00:00", "dateUpdated": "2024-08-06T03:14:43.039Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2015-9382 (GCVE-0-2015-9382)
Vulnerability from cvelistv5
Published
2019-09-03 04:52
Modified
2024-08-06 08:51
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
FreeType before 2.6.1 has a buffer over-read in skip_comment in psaux/psobjs.c because ps_parser_skip_PS_token is mishandled in an FT_New_Memory_Face operation.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T08:51:04.499Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/src/psaux/psobjs.c?id=db5a4a9ae7b0048f033361744421da8569642f73" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://savannah.nongnu.org/bugs/?45922" }, { "name": "[debian-lts-announce] 20190904 [SECURITY] [DLA 1909-1] freetype security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00002.html" }, { "name": "USN-4126-2", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/4126-2/" }, { "name": "RHSA-2019:4254", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2019:4254" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "FreeType before 2.6.1 has a buffer over-read in skip_comment in psaux/psobjs.c because ps_parser_skip_PS_token is mishandled in an FT_New_Memory_Face operation." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2019-12-17T13:06:10", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/src/psaux/psobjs.c?id=db5a4a9ae7b0048f033361744421da8569642f73" }, { "tags": [ "x_refsource_MISC" ], "url": "https://savannah.nongnu.org/bugs/?45922" }, { "name": "[debian-lts-announce] 20190904 [SECURITY] [DLA 1909-1] freetype security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00002.html" }, { "name": "USN-4126-2", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/4126-2/" }, { "name": "RHSA-2019:4254", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2019:4254" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2015-9382", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "FreeType before 2.6.1 has a buffer over-read in skip_comment in psaux/psobjs.c because ps_parser_skip_PS_token is mishandled in an FT_New_Memory_Face operation." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/src/psaux/psobjs.c?id=db5a4a9ae7b0048f033361744421da8569642f73", "refsource": "MISC", "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/src/psaux/psobjs.c?id=db5a4a9ae7b0048f033361744421da8569642f73" }, { "name": "https://savannah.nongnu.org/bugs/?45922", "refsource": "MISC", "url": "https://savannah.nongnu.org/bugs/?45922" }, { "name": "[debian-lts-announce] 20190904 [SECURITY] [DLA 1909-1] freetype security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00002.html" }, { "name": "USN-4126-2", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/4126-2/" }, { "name": "RHSA-2019:4254", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:4254" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2015-9382", "datePublished": "2019-09-03T04:52:17", "dateReserved": "2019-09-03T00:00:00", "dateUpdated": "2024-08-06T08:51:04.499Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2014-9745 (GCVE-0-2014-9745)
Vulnerability from cvelistv5
Published
2015-09-14 20:00
Modified
2024-08-06 13:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The parse_encoding function in type1/t1load.c in FreeType before 2.5.3 allows remote attackers to cause a denial of service (infinite loop) via a "broken number-with-base" in a Postscript stream, as demonstrated by 8#garbage.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T13:55:04.639Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "USN-2739-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-2739-1" }, { "name": "openSUSE-SU-2015:1704", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-10/msg00017.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=df14e6c0b9592cbb24d5381dfc6106b14f915e75" }, { "name": "76727", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/76727" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://savannah.nongnu.org/bugs/index.php?41590" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://code.google.com/p/chromium/issues/detail?id=459050" }, { "name": "DSA-3370", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2015/dsa-3370" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugs.launchpad.net/ubuntu/+source/freetype/+bug/1492124" }, { "name": "1033536", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1033536" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-02-14T00:00:00", "descriptions": [ { "lang": "en", "value": "The parse_encoding function in type1/t1load.c in FreeType before 2.5.3 allows remote attackers to cause a denial of service (infinite loop) via a \"broken number-with-base\" in a Postscript stream, as demonstrated by 8#garbage." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-12-06T18:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "USN-2739-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-2739-1" }, { "name": "openSUSE-SU-2015:1704", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-10/msg00017.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=df14e6c0b9592cbb24d5381dfc6106b14f915e75" }, { "name": "76727", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/76727" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://savannah.nongnu.org/bugs/index.php?41590" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://code.google.com/p/chromium/issues/detail?id=459050" }, { "name": "DSA-3370", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2015/dsa-3370" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugs.launchpad.net/ubuntu/+source/freetype/+bug/1492124" }, { "name": "1033536", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1033536" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2014-9745", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The parse_encoding function in type1/t1load.c in FreeType before 2.5.3 allows remote attackers to cause a denial of service (infinite loop) via a \"broken 
number-with-base\" in a Postscript stream, as demonstrated by 8#garbage." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "USN-2739-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2739-1" }, { "name": "openSUSE-SU-2015:1704", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2015-10/msg00017.html" }, { "name": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=df14e6c0b9592cbb24d5381dfc6106b14f915e75", "refsource": "CONFIRM", "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=df14e6c0b9592cbb24d5381dfc6106b14f915e75" }, { "name": "76727", "refsource": "BID", "url": "http://www.securityfocus.com/bid/76727" }, { "name": "http://savannah.nongnu.org/bugs/index.php?41590", "refsource": "CONFIRM", "url": "http://savannah.nongnu.org/bugs/index.php?41590" }, { "name": "https://code.google.com/p/chromium/issues/detail?id=459050", "refsource": "CONFIRM", "url": "https://code.google.com/p/chromium/issues/detail?id=459050" }, { "name": "DSA-3370", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2015/dsa-3370" }, { "name": "https://bugs.launchpad.net/ubuntu/+source/freetype/+bug/1492124", "refsource": "CONFIRM", "url": "https://bugs.launchpad.net/ubuntu/+source/freetype/+bug/1492124" }, { "name": "1033536", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1033536" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2014-9745", "datePublished": "2015-09-14T20:00:00", "dateReserved": "2015-09-14T00:00:00", "dateUpdated": "2024-08-06T13:55:04.639Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2014-9668 (GCVE-0-2014-9668)
Vulnerability from cvelistv5
Published
2015-02-08 11:00
Modified
2024-08-06 13:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The woff_open_font function in sfnt/sfobjs.c in FreeType before 2.5.4 proceeds with offset+length calculations without restricting length values, which allows remote attackers to cause a denial of service (integer overflow and heap-based buffer overflow) or possibly have unspecified other impact via a crafted Web Open Font Format (WOFF) file.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T13:55:02.949Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://code.google.com/p/google-security-research/issues/detail?id=164" }, { "name": "GLSA-201503-05", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201503-05" }, { "name": "72986", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/72986" }, { "name": "USN-2739-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-2739-1" }, { "name": "openSUSE-SU-2015:0627", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html" }, { "name": "FEDORA-2015-2216", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html" }, { "name": "USN-2510-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-2510-1" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=f46add13895337ece929b18bb8f036431b3fb538" }, { "name": "FEDORA-2015-2237", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-12-06T00:00:00", "descriptions": [ { "lang": "en", "value": "The woff_open_font function in sfnt/sfobjs.c in FreeType before 2.5.4 proceeds with offset+length calculations without 
restricting length values, which allows remote attackers to cause a denial of service (integer overflow and heap-based buffer overflow) or possibly have unspecified other impact via a crafted Web Open Font Format (WOFF) file." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-06-30T16:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "http://code.google.com/p/google-security-research/issues/detail?id=164" }, { "name": "GLSA-201503-05", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201503-05" }, { "name": "72986", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/72986" }, { "name": "USN-2739-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-2739-1" }, { "name": "openSUSE-SU-2015:0627", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html" }, { "name": "FEDORA-2015-2216", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html" }, { "name": "USN-2510-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-2510-1" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=f46add13895337ece929b18bb8f036431b3fb538" }, { "name": "FEDORA-2015-2237", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2014-9668", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", 
"version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The woff_open_font function in sfnt/sfobjs.c in FreeType before 2.5.4 proceeds with offset+length calculations without restricting length values, which allows remote attackers to cause a denial of service (integer overflow and heap-based buffer overflow) or possibly have unspecified other impact via a crafted Web Open Font Format (WOFF) file." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://code.google.com/p/google-security-research/issues/detail?id=164", "refsource": "MISC", "url": "http://code.google.com/p/google-security-research/issues/detail?id=164" }, { "name": "GLSA-201503-05", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201503-05" }, { "name": "72986", "refsource": "BID", "url": "http://www.securityfocus.com/bid/72986" }, { "name": "USN-2739-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2739-1" }, { "name": "openSUSE-SU-2015:0627", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html" }, { "name": "FEDORA-2015-2216", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html" }, { "name": "USN-2510-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2510-1" }, { "name": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=f46add13895337ece929b18bb8f036431b3fb538", "refsource": "CONFIRM", "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=f46add13895337ece929b18bb8f036431b3fb538" }, { "name": "FEDORA-2015-2237", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html" } ] } } 
} }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2014-9668", "datePublished": "2015-02-08T11:00:00", "dateReserved": "2015-02-07T00:00:00", "dateUpdated": "2024-08-06T13:55:02.949Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2010-2499 (GCVE-0-2010-2499)
Vulnerability from cvelistv5
Published
2010-08-19 17:43
Modified
2024-08-07 02:32
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.4.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted LaserWriter PS font file with an embedded PFB fragment.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T02:32:16.891Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=c69891a1345640096fbf396e8dd567fe879ce233" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://savannah.nongnu.org/bugs/?30248" }, { "name": "USN-963-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-963-1" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT4435" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=f29f741efbba0a5ce2f16464f648fb8d026ed4c8" }, { "name": "[freetype] 20100712 FreeType 2.4.0 has been released", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://lists.nongnu.org/archive/html/freetype/2010-07/msg00001.html" }, { "name": "APPLE-SA-2010-11-10-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html" }, { "name": "[oss-security] 20100714 Re: Multiple bugs in freetype", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://marc.info/?l=oss-security\u0026m=127909326909362\u0026w=2" }, { "name": "DSA-2070", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2010/dsa-2070" }, { "name": "[oss-security] 20100713 Multiple bugs in freetype", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://marc.info/?l=oss-security\u0026m=127905701201340\u0026w=2" }, { "name": "1024266", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1024266" }, { "tags": [ 
"x_refsource_CONFIRM", "x_transferred" ], "url": "https://savannah.nongnu.org/bugs/?30249" }, { "name": "RHSA-2010:0578", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0578.html" }, { "name": "MDVSA-2010:137", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:137" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=613162" }, { "name": "48951", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48951" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2010-07-12T00:00:00", "descriptions": [ { "lang": "en", "value": "Buffer overflow in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.4.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted LaserWriter PS font file with an embedded PFB fragment." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2010-11-18T10:00:00", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=c69891a1345640096fbf396e8dd567fe879ce233" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://savannah.nongnu.org/bugs/?30248" }, { "name": "USN-963-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-963-1" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT4435" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=f29f741efbba0a5ce2f16464f648fb8d026ed4c8" }, { "name": "[freetype] 20100712 FreeType 2.4.0 has been released", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://lists.nongnu.org/archive/html/freetype/2010-07/msg00001.html" }, { "name": "APPLE-SA-2010-11-10-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html" }, { "name": "[oss-security] 20100714 Re: Multiple bugs in freetype", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://marc.info/?l=oss-security\u0026m=127909326909362\u0026w=2" }, { "name": "DSA-2070", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2010/dsa-2070" }, { "name": "[oss-security] 20100713 Multiple bugs in freetype", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://marc.info/?l=oss-security\u0026m=127905701201340\u0026w=2" }, { "name": "1024266", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1024266" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://savannah.nongnu.org/bugs/?30249" }, { "name": "RHSA-2010:0578", "tags": [ 
"vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0578.html" }, { "name": "MDVSA-2010:137", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:137" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=613162" }, { "name": "48951", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48951" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2010-2499", "datePublished": "2010-08-19T17:43:00", "dateReserved": "2010-06-28T00:00:00", "dateUpdated": "2024-08-07T02:32:16.891Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2010-3311 (GCVE-0-2010-3311)
Vulnerability from cvelistv5
Published
2011-01-07 22:00
Modified
2024-08-07 03:03
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Integer overflow in base/ftstream.c in libXft (aka the X FreeType library) in FreeType before 2.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Compact Font Format (CFF) font file that triggers a heap-based buffer overflow, related to an "input stream position error" issue, a different vulnerability than CVE-2010-1797.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T03:03:19.006Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "43700", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/43700" }, { "name": "DSA-2116", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2010/dsa-2116" }, { "name": "RHSA-2010:0737", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://rhn.redhat.com/errata/RHSA-2010-0737.html" }, { "name": "MDVSA-2010:201", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:201" }, { "name": "USN-1013-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-1013-1" }, { "name": "RHSA-2010:0864", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0864.html" }, { "name": "48951", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48951" }, { "name": "SUSE-SR:2010:019", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=623625" }, { "name": "RHSA-2010:0736", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://rhn.redhat.com/errata/RHSA-2010-0736.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2010-10-04T00:00:00", "descriptions": [ { "lang": "en", "value": "Integer overflow in base/ftstream.c in 
libXft (aka the X FreeType library) in FreeType before 2.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Compact Font Format (CFF) font file that triggers a heap-based buffer overflow, related to an \"input stream position error\" issue, a different vulnerability than CVE-2010-1797." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2011-01-12T10:00:00", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "43700", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/43700" }, { "name": "DSA-2116", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2010/dsa-2116" }, { "name": "RHSA-2010:0737", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://rhn.redhat.com/errata/RHSA-2010-0737.html" }, { "name": "MDVSA-2010:201", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:201" }, { "name": "USN-1013-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-1013-1" }, { "name": "RHSA-2010:0864", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0864.html" }, { "name": "48951", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48951" }, { "name": "SUSE-SR:2010:019", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=623625" }, { "name": "RHSA-2010:0736", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://rhn.redhat.com/errata/RHSA-2010-0736.html" } ] } }, "cveMetadata": { 
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2010-3311", "datePublished": "2011-01-07T22:00:00", "dateReserved": "2010-09-13T00:00:00", "dateUpdated": "2024-08-07T03:03:19.006Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2010-3855 (GCVE-0-2010-3855)
Vulnerability from cvelistv5
Published
2010-11-26 19:00
Modified
2024-08-07 03:26
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in the ft_var_readpackedpoints function in truetype/ttgxvar.c in FreeType 2.4.3 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted TrueType GX font.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T03:26:11.956Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "43138", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/43138" }, { "name": "42295", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/42295" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=602221" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.avaya.com/css/P8/documents/100122733" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT4564" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT4565" }, { "name": "MDVSA-2010:235", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:235" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT4803" }, { "name": "ADV-2011-0246", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2011/0246" }, { "name": "FEDORA-2010-17755", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051251.html" }, { "name": "APPLE-SA-2011-07-15-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2011//Jul/msg00000.html" }, { "name": "44214", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/44214" }, { "name": "FEDORA-2010-17742", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": 
"http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050965.html" }, { "name": "RHSA-2010:0889", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0889.html" }, { "name": "APPLE-SA-2011-03-21-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html" }, { "name": "FEDORA-2010-17728", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051231.html" }, { "name": "USN-1013-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-1013-1" }, { "name": "42289", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/42289" }, { "name": "APPLE-SA-2011-07-15-2", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2011//Jul/msg00001.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://savannah.nongnu.org/bugs/?31310" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT4802" }, { "name": "MDVSA-2010:236", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:236" }, { "name": "APPLE-SA-2011-03-09-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00003.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=59eb9f8cfe7d1df379a2318316d1f04f80fba54a" }, { "name": "1024745", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": 
"http://www.securitytracker.com/id?1024745" }, { "name": "APPLE-SA-2011-03-09-3", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00005.html" }, { "name": "48951", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48951" }, { "name": "DSA-2155", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2011/dsa-2155" }, { "name": "ADV-2010-3037", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2010/3037" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT4581" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2010-11-18T00:00:00", "descriptions": [ { "lang": "en", "value": "Buffer overflow in the ft_var_readpackedpoints function in truetype/ttgxvar.c in FreeType 2.4.3 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted TrueType GX font." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2010-12-07T10:00:00", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "43138", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/43138" }, { "name": "42295", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/42295" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=602221" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.avaya.com/css/P8/documents/100122733" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT4564" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT4565" }, { "name": "MDVSA-2010:235", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:235" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT4803" }, { "name": "ADV-2011-0246", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2011/0246" }, { "name": "FEDORA-2010-17755", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051251.html" }, { "name": "APPLE-SA-2011-07-15-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2011//Jul/msg00000.html" }, { "name": "44214", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/44214" }, { "name": "FEDORA-2010-17742", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050965.html" }, { "name": "RHSA-2010:0889", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": 
"http://www.redhat.com/support/errata/RHSA-2010-0889.html" }, { "name": "APPLE-SA-2011-03-21-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html" }, { "name": "FEDORA-2010-17728", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051231.html" }, { "name": "USN-1013-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-1013-1" }, { "name": "42289", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/42289" }, { "name": "APPLE-SA-2011-07-15-2", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2011//Jul/msg00001.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://savannah.nongnu.org/bugs/?31310" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT4802" }, { "name": "MDVSA-2010:236", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:236" }, { "name": "APPLE-SA-2011-03-09-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00003.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=59eb9f8cfe7d1df379a2318316d1f04f80fba54a" }, { "name": "1024745", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id?1024745" }, { "name": "APPLE-SA-2011-03-09-3", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00005.html" }, { "name": "48951", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48951" }, { "name": "DSA-2155", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], 
"url": "http://www.debian.org/security/2011/dsa-2155" }, { "name": "ADV-2010-3037", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2010/3037" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT4581" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2010-3855", "datePublished": "2010-11-26T19:00:00", "dateReserved": "2010-10-08T00:00:00", "dateUpdated": "2024-08-07T03:26:11.956Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2011-0226 (GCVE-0-2011-0226)
Vulnerability from cvelistv5
Published
2011-07-19 22:00
Modified
2024-08-06 21:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Integer signedness error in psaux/t1decode.c in FreeType before 2.4.6, as used in CoreGraphics in Apple iOS before 4.2.9 and 4.3.x before 4.3.4 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Type 1 font in a PDF document, as exploited in the wild in July 2011.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T21:43:15.423Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "45224", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/45224" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT4803" }, { "name": "APPLE-SA-2011-07-15-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2011//Jul/msg00000.html" }, { "name": "openSUSE-SU-2011:0852", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00015.html" }, { "name": "48619", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/48619" }, { "name": "[freetype-devel] 20110709 Re: details on iPhone exploit caused by FreeType?", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://lists.nongnu.org/archive/html/freetype-devel/2011-07/msg00020.html" }, { "name": "APPLE-SA-2011-07-15-2", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2011//Jul/msg00001.html" }, { "name": "45167", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/45167" }, { "name": "APPLE-SA-2011-10-12-3", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html" }, { "name": "RHSA-2011:1085", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2011-1085.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT4802" }, { "name": "[freetype-devel] 
20110708 Re: details on iPhone exploit caused by FreeType?", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://lists.nongnu.org/archive/html/freetype-devel/2011-07/msg00015.html" }, { "name": "SUSE-SU-2011:0853", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00016.html" }, { "name": "[freetype-devel] 20110711 Re: details on iPhone exploit caused by FreeType?", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://lists.nongnu.org/archive/html/freetype-devel/2011-07/msg00028.html" }, { "name": "DSA-2294", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2011/dsa-2294" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT5002" }, { "name": "MDVSA-2011:120", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:120" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.appleinsider.com/articles/11/07/06/hackers_release_new_browser_based_ios_jailbreak_based_on_pdf_exploit.html" }, { "name": "[freetype-devel] 20110708 details on iPhone exploit caused by FreeType?", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://lists.nongnu.org/archive/html/freetype-devel/2011-07/msg00014.html" }, { "name": "[freetype-devel] 20110711 Re: details on iPhone exploit caused by FreeType?", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://lists.nongnu.org/archive/html/freetype-devel/2011-07/msg00026.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2011-07-08T00:00:00", "descriptions": [ { "lang": "en", "value": "Integer signedness error in 
psaux/t1decode.c in FreeType before 2.4.6, as used in CoreGraphics in Apple iOS before 4.2.9 and 4.3.x before 4.3.4 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Type 1 font in a PDF document, as exploited in the wild in July 2011." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2011-08-23T09:00:00", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple" }, "references": [ { "name": "45224", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/45224" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT4803" }, { "name": "APPLE-SA-2011-07-15-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2011//Jul/msg00000.html" }, { "name": "openSUSE-SU-2011:0852", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00015.html" }, { "name": "48619", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/48619" }, { "name": "[freetype-devel] 20110709 Re: details on iPhone exploit caused by FreeType?", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://lists.nongnu.org/archive/html/freetype-devel/2011-07/msg00020.html" }, { "name": "APPLE-SA-2011-07-15-2", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2011//Jul/msg00001.html" }, { "name": "45167", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/45167" }, { "name": "APPLE-SA-2011-10-12-3", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html" }, { "name": "RHSA-2011:1085", "tags": [ 
"vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2011-1085.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT4802" }, { "name": "[freetype-devel] 20110708 Re: details on iPhone exploit caused by FreeType?", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://lists.nongnu.org/archive/html/freetype-devel/2011-07/msg00015.html" }, { "name": "SUSE-SU-2011:0853", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00016.html" }, { "name": "[freetype-devel] 20110711 Re: details on iPhone exploit caused by FreeType?", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://lists.nongnu.org/archive/html/freetype-devel/2011-07/msg00028.html" }, { "name": "DSA-2294", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2011/dsa-2294" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT5002" }, { "name": "MDVSA-2011:120", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:120" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.appleinsider.com/articles/11/07/06/hackers_release_new_browser_based_ios_jailbreak_based_on_pdf_exploit.html" }, { "name": "[freetype-devel] 20110708 details on iPhone exploit caused by FreeType?", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://lists.nongnu.org/archive/html/freetype-devel/2011-07/msg00014.html" }, { "name": "[freetype-devel] 20110711 Re: details on iPhone exploit caused by FreeType?", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://lists.nongnu.org/archive/html/freetype-devel/2011-07/msg00026.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "product-security@apple.com", "ID": "CVE-2011-0226", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": 
[ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Integer signedness error in psaux/t1decode.c in FreeType before 2.4.6, as used in CoreGraphics in Apple iOS before 4.2.9 and 4.3.x before 4.3.4 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Type 1 font in a PDF document, as exploited in the wild in July 2011." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "45224", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/45224" }, { "name": "http://support.apple.com/kb/HT4803", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT4803" }, { "name": "APPLE-SA-2011-07-15-1", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2011//Jul/msg00000.html" }, { "name": "openSUSE-SU-2011:0852", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00015.html" }, { "name": "48619", "refsource": "BID", "url": "http://www.securityfocus.com/bid/48619" }, { "name": "[freetype-devel] 20110709 Re: details on iPhone exploit caused by FreeType?", "refsource": "MLIST", "url": "http://lists.nongnu.org/archive/html/freetype-devel/2011-07/msg00020.html" }, { "name": "APPLE-SA-2011-07-15-2", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2011//Jul/msg00001.html" }, { "name": "45167", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/45167" }, { "name": "APPLE-SA-2011-10-12-3", "refsource": "APPLE", "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html" }, { "name": "RHSA-2011:1085", "refsource": "REDHAT", "url": 
"http://www.redhat.com/support/errata/RHSA-2011-1085.html" }, { "name": "http://support.apple.com/kb/HT4802", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT4802" }, { "name": "[freetype-devel] 20110708 Re: details on iPhone exploit caused by FreeType?", "refsource": "MLIST", "url": "http://lists.nongnu.org/archive/html/freetype-devel/2011-07/msg00015.html" }, { "name": "SUSE-SU-2011:0853", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00016.html" }, { "name": "[freetype-devel] 20110711 Re: details on iPhone exploit caused by FreeType?", "refsource": "MLIST", "url": "http://lists.nongnu.org/archive/html/freetype-devel/2011-07/msg00028.html" }, { "name": "DSA-2294", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2011/dsa-2294" }, { "name": "http://support.apple.com/kb/HT5002", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT5002" }, { "name": "MDVSA-2011:120", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:120" }, { "name": "http://www.appleinsider.com/articles/11/07/06/hackers_release_new_browser_based_ios_jailbreak_based_on_pdf_exploit.html", "refsource": "MISC", "url": "http://www.appleinsider.com/articles/11/07/06/hackers_release_new_browser_based_ios_jailbreak_based_on_pdf_exploit.html" }, { "name": "[freetype-devel] 20110708 details on iPhone exploit caused by FreeType?", "refsource": "MLIST", "url": "http://lists.nongnu.org/archive/html/freetype-devel/2011-07/msg00014.html" }, { "name": "[freetype-devel] 20110711 Re: details on iPhone exploit caused by FreeType?", "refsource": "MLIST", "url": "http://lists.nongnu.org/archive/html/freetype-devel/2011-07/msg00026.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2011-0226", "datePublished": "2011-07-19T22:00:00", "dateReserved": "2010-12-23T00:00:00", "dateUpdated": 
"2024-08-06T21:43:15.423Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2025-23022 (GCVE-0-2025-23022)
Vulnerability from cvelistv5
Published
2025-01-10 00:00
Modified
2025-02-12 20:31
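Severity: 4.0 MEDIUM (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L, as given in the CNA metrics of the record below)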
CWE
- CWE-190 - Integer Overflow or Wraparound
Summary
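FreeType 2.8.1 has a signed integer overflow in cf2_doFlex in cff/cf2intrp.c. The CNA record marks only version 2.8.1 as affected and gives the default status of all other versions as "unknown", so a version missing from that entry is not thereby shown to be unaffected; the CISA ADP SSVC entry records exploitation as "poc".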
References
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2025-23022", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2025-01-14T17:33:20.501363Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-02-12T20:31:17.819Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "FreeType", "vendor": "FreeType", "versions": [ { "status": "affected", "version": "2.8.1", "versionType": "custom" } ] } ], "cpeApplicability": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", "versionEndIncluding": "2.8.1", "versionStartIncluding": "2.8.1", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "descriptions": [ { "lang": "en", "value": "FreeType 2.8.1 has a signed integer overflow in cf2_doFlex in cff/cf2intrp.c." 
} ], "metrics": [ { "cvssV3_1": { "baseScore": 4, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-190", "description": "CWE-190 Integer Overflow or Wraparound", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-01-13T20:49:06.014Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://gitlab.freedesktop.org/freetype/freetype/-/issues/1312" }, { "url": "https://security-tracker.debian.org/tracker/CVE-2025-23022" } ], "x_generator": { "engine": "enrichogram 0.0.1" } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2025-23022", "datePublished": "2025-01-10T00:00:00.000Z", "dateReserved": "2025-01-10T00:00:00.000Z", "dateUpdated": "2025-02-12T20:31:17.819Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2010-2805 (GCVE-0-2010-2805)
Vulnerability from cvelistv5
Published
2010-08-19 17:43
Modified
2024-08-07 02:46
CWE
- n/a
Summary
The FT_Stream_EnterFrame function in base/ftstream.c in FreeType before 2.4.2 does not properly validate certain position values, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T02:46:48.055Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "ADV-2010-3045", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2010/3045" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT4435" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugs.launchpad.net/ubuntu/maverick/+source/freetype/+bug/617019" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT4457" }, { "name": "ADV-2010-2018", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2010/2018" }, { "name": "ADV-2010-3046", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2010/3046" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=45a3c76b547511fa9d97aca34b150a0663257375" }, { "name": "USN-972-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-972-1" }, { "name": "APPLE-SA-2010-11-10-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html" }, { "name": "[oss-security] 20100806 Re: CVE Request -- FreeType -- Memory corruption flaw by processing certain LWFN fonts + three more", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://marc.info/?l=oss-security\u0026m=128111955616772\u0026w=2" }, { "name": "42317", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/42317" }, { "name": "40816", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], 
"url": "http://secunia.com/advisories/40816" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://freetype.sourceforge.net/index2.html#release-freetype-2.4.2" }, { "name": "42314", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/42314" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://sourceforge.net/projects/freetype/files/freetype2/2.4.2/NEWS/view" }, { "name": "RHSA-2010:0864", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0864.html" }, { "name": "40982", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/40982" }, { "name": "ADV-2010-2106", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2010/2106" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT4456" }, { "name": "48951", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48951" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://savannah.nongnu.org/bugs/?30644" }, { "name": "42285", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/42285" }, { "name": "APPLE-SA-2010-11-22-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2010-08-06T00:00:00", "descriptions": [ { "lang": "en", "value": "The FT_Stream_EnterFrame function in base/ftstream.c in FreeType before 2.4.2 does not properly validate certain position values, which allows remote 
attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2010-11-18T10:00:00", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "ADV-2010-3045", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2010/3045" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT4435" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugs.launchpad.net/ubuntu/maverick/+source/freetype/+bug/617019" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT4457" }, { "name": "ADV-2010-2018", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2010/2018" }, { "name": "ADV-2010-3046", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2010/3046" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=45a3c76b547511fa9d97aca34b150a0663257375" }, { "name": "USN-972-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-972-1" }, { "name": "APPLE-SA-2010-11-10-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html" }, { "name": "[oss-security] 20100806 Re: CVE Request -- FreeType -- Memory corruption flaw by processing certain LWFN fonts + three more", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://marc.info/?l=oss-security\u0026m=128111955616772\u0026w=2" }, { "name": "42317", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/42317" }, { "name": "40816", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": 
"http://secunia.com/advisories/40816" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://freetype.sourceforge.net/index2.html#release-freetype-2.4.2" }, { "name": "42314", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/42314" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://sourceforge.net/projects/freetype/files/freetype2/2.4.2/NEWS/view" }, { "name": "RHSA-2010:0864", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0864.html" }, { "name": "40982", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/40982" }, { "name": "ADV-2010-2106", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2010/2106" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT4456" }, { "name": "48951", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48951" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://savannah.nongnu.org/bugs/?30644" }, { "name": "42285", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/42285" }, { "name": "APPLE-SA-2010-11-22-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2010-2805", "datePublished": "2010-08-19T17:43:00", "dateReserved": "2010-07-22T00:00:00", "dateUpdated": "2024-08-07T02:46:48.055Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2006-1861 (GCVE-0-2006-1861)
Vulnerability from cvelistv5
Published
2006-05-23 10:00
Modified
2024-08-07 17:27
CWE
- n/a
Summary
Multiple integer overflows in FreeType before 2.2 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via attack vectors related to (1) bdf/bdflib.c, (2) sfnt/ttcmap.c, (3) cff/cffgload.c, and (4) the read_lwfn function and a crafted LWFN file in base/ftmac.c. NOTE: item 4 was originally identified by CVE-2006-2493.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T17:27:29.390Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SA:2006:037", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jun/0012.html" }, { "name": "20791", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/20791" }, { "name": "27271", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27271" }, { "name": "33937", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/33937" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://sourceforge.net/project/shownotes.php?release_id=416463" }, { "name": "102705", "tags": [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102705-1" }, { "name": "21000", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21000" }, { "name": "20525", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/20525" }, { "name": "21701", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21701" }, { "name": "GLSA-200607-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-200607-02.xml" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT3438" }, { "name": "27162", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27162" }, { "name": "FEDORA-2009-5644", "tags": [ "vendor-advisory", 
"x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01401.html" }, { "name": "APPLE-SA-2009-02-12", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html" }, { "name": "USN-291-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/291-1/" }, { "name": "21385", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21385" }, { "name": "FEDORA-2009-5558", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01316.html" }, { "name": "RHSA-2009:1062", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-1062.html" }, { "name": "20060612 rPSA-2006-0100-1 freetype", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/436836/100/0/threaded" }, { "name": "18034", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/18034" }, { "name": "21135", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21135" }, { "name": "freetype-lwfn-overflow(26553)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26553" }, { "name": "RHSA-2006:0500", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0500.html" }, { "name": "oval:org.mitre.oval:def:9124", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9124" }, { "name": "23939", 
"tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/23939" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=502565" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-176.htm" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/bugzilla/attachment.cgi?id=128606" }, { "name": "20591", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/20591" }, { "name": "SUSE-SR:2007:021", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00006.html" }, { "name": "27167", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27167" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=190593" }, { "name": "20638", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/20638" }, { "name": "20100", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/20100" }, { "name": "1016522", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1016522" }, { "name": "35233", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/35233" }, { "name": "ADV-2007-0381", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2007/0381" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://issues.rpath.com/browse/RPL-429" }, { "name": "20060701-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI", 
"x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060701-01-U" }, { "name": "GLSA-200710-09", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200710-09.xml" }, { "name": "35200", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/35200" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=190593#c8" }, { "name": "21062", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21062" }, { "name": "RHSA-2009:0329", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0329.html" }, { "name": "35204", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/35204" }, { "name": "MDKSA-2006:099", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:099" }, { "name": "DSA-1095", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-1095" }, { "name": "ADV-2006-1868", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/1868" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2006-05-15T00:00:00", "descriptions": [ { "lang": "en", "value": "Multiple integer overflows in FreeType before 2.2 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via attack vectors related to (1) bdf/bdflib.c, (2) sfnt/ttcmap.c, (3) cff/cffgload.c, and (4) the read_lwfn function and a crafted LWFN 
file in base/ftmac.c. NOTE: item 4 was originally identified by CVE-2006-2493." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-18T14:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "SUSE-SA:2006:037", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jun/0012.html" }, { "name": "20791", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/20791" }, { "name": "27271", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27271" }, { "name": "33937", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/33937" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://sourceforge.net/project/shownotes.php?release_id=416463" }, { "name": "102705", "tags": [ "vendor-advisory", "x_refsource_SUNALERT" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102705-1" }, { "name": "21000", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21000" }, { "name": "20525", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/20525" }, { "name": "21701", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21701" }, { "name": "GLSA-200607-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-200607-02.xml" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT3438" }, { "name": "27162", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27162" }, { "name": "FEDORA-2009-5644", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": 
"https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01401.html" }, { "name": "APPLE-SA-2009-02-12", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html" }, { "name": "USN-291-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/291-1/" }, { "name": "21385", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21385" }, { "name": "FEDORA-2009-5558", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01316.html" }, { "name": "RHSA-2009:1062", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-1062.html" }, { "name": "20060612 rPSA-2006-0100-1 freetype", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/436836/100/0/threaded" }, { "name": "18034", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/18034" }, { "name": "21135", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21135" }, { "name": "freetype-lwfn-overflow(26553)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26553" }, { "name": "RHSA-2006:0500", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0500.html" }, { "name": "oval:org.mitre.oval:def:9124", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9124" }, { "name": "23939", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/23939" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=502565" }, { "tags": [ 
"x_refsource_CONFIRM" ], "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-176.htm" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/bugzilla/attachment.cgi?id=128606" }, { "name": "20591", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/20591" }, { "name": "SUSE-SR:2007:021", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00006.html" }, { "name": "27167", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27167" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=190593" }, { "name": "20638", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/20638" }, { "name": "20100", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/20100" }, { "name": "1016522", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1016522" }, { "name": "35233", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/35233" }, { "name": "ADV-2007-0381", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2007/0381" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://issues.rpath.com/browse/RPL-429" }, { "name": "20060701-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060701-01-U" }, { "name": "GLSA-200710-09", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200710-09.xml" }, { "name": "35200", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/35200" }, { "tags": [ "x_refsource_CONFIRM" ], "url": 
"https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=190593#c8" }, { "name": "21062", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21062" }, { "name": "RHSA-2009:0329", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0329.html" }, { "name": "35204", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/35204" }, { "name": "MDKSA-2006:099", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:099" }, { "name": "DSA-1095", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-1095" }, { "name": "ADV-2006-1868", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/1868" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2006-1861", "datePublished": "2006-05-23T10:00:00", "dateReserved": "2006-04-19T00:00:00", "dateUpdated": "2024-08-07T17:27:29.390Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2011-2895 (GCVE-0-2011-2895)
Vulnerability from cvelistv5
Published
2011-08-19 17:00
Modified
2024-08-06 23:15
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The LZW decompressor in (1) the BufCompressedFill function in fontfile/decompress.c in X.Org libXfont before 1.4.4 and (2) compress/compress.c in 4.3BSD, as used in zopen.c in OpenBSD before 3.8, FreeBSD, NetBSD 4.0.x and 5.0.x before 5.0.3 and 5.1.x before 5.1.1, FreeType 2.1.9, and other products, does not properly handle code words that are absent from the decompression table when encountered, which allows context-dependent attackers to trigger an infinite loop or a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted compressed stream, a related issue to CVE-2006-1168 and CVE-2011-2896.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T23:15:31.486Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205635" }, { "name": "RHSA-2011:1154", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2011-1154.html" }, { "name": "USN-1191-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-1191-1" }, { "name": "[oss-security] 20110810 LZW decompression issues", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2011/08/10/10" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=725760" }, { "name": "45544", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/45544" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205637" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT5130" }, { "name": "APPLE-SA-2015-12-08-4", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html" }, { "name": "MDVSA-2011:153", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:153" }, { "name": "49124", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/49124" }, { "name": "45599", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/45599" }, { "name": "RHSA-2011:1155", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": 
"http://www.redhat.com/support/errata/RHSA-2011-1155.html" }, { "name": "1025920", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1025920" }, { "name": "openSUSE-SU-2011:1299", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2011-12/msg00004.html" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "SUSE-SU-2011:1035", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00019.html" }, { "name": "APPLE-SA-2012-02-01-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html" }, { "name": "[xorg-announce] 20110810 X.Org security advisory: libXfont LZW decompression heap corruption", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://lists.freedesktop.org/archives/xorg-announce/2011-August/001721.html" }, { "name": "46127", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/46127" }, { "name": "45986", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/45986" }, { "name": "RHSA-2011:1161", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2011-1161.html" }, { "name": "RHSA-2011:1834", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2011-1834.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/compress/zopen.c#rev1.17" }, { "name": 
"xorg-lzw-bo(69141)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69141" }, { "name": "APPLE-SA-2015-12-08-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" }, { "name": "45568", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/45568" }, { "name": "[xorg-announce] 20110810 [ANNOUNCE] libXfont 1.4.4", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://lists.freedesktop.org/archives/xorg-announce/2011-August/001722.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205641" }, { "name": "NetBSD-SA2011-007", "tags": [ "vendor-advisory", "x_refsource_NETBSD", "x_transferred" ], "url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2011-007.txt.asc" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT205640" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://cgit.freedesktop.org/xorg/lib/libXfont/commit/?id=d11ee5886e9d9ec610051a206b135a4cdc1e09a0" }, { "name": "48951", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/48951" }, { "name": "APPLE-SA-2015-12-08-2", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT5281" }, { "name": "APPLE-SA-2012-05-09-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2012/May/msg00001.html" }, { "name": "DSA-2293", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": 
"http://www.debian.org/security/2011/dsa-2293" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=727624" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2011-08-10T00:00:00", "descriptions": [ { "lang": "en", "value": "The LZW decompressor in (1) the BufCompressedFill function in fontfile/decompress.c in X.Org libXfont before 1.4.4 and (2) compress/compress.c in 4.3BSD, as used in zopen.c in OpenBSD before 3.8, FreeBSD, NetBSD 4.0.x and 5.0.x before 5.0.3 and 5.1.x before 5.1.1, FreeType 2.1.9, and other products, does not properly handle code words that are absent from the decompression table when encountered, which allows context-dependent attackers to trigger an infinite loop or a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted compressed stream, a related issue to CVE-2006-1168 and CVE-2011-2896." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-08-28T12:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205635" }, { "name": "RHSA-2011:1154", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2011-1154.html" }, { "name": "USN-1191-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-1191-1" }, { "name": "[oss-security] 20110810 LZW decompression issues", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2011/08/10/10" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=725760" }, { "name": "45544", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/45544" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205637" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT5130" }, { "name": "APPLE-SA-2015-12-08-4", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html" }, { "name": "MDVSA-2011:153", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:153" }, { "name": "49124", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/49124" }, { "name": "45599", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/45599" }, { "name": "RHSA-2011:1155", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2011-1155.html" }, { "name": "1025920", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": 
"http://securitytracker.com/id?1025920" }, { "name": "openSUSE-SU-2011:1299", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2011-12/msg00004.html" }, { "name": "APPLE-SA-2015-12-08-3", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "name": "SUSE-SU-2011:1035", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00019.html" }, { "name": "APPLE-SA-2012-02-01-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html" }, { "name": "[xorg-announce] 20110810 X.Org security advisory: libXfont LZW decompression heap corruption", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://lists.freedesktop.org/archives/xorg-announce/2011-August/001721.html" }, { "name": "46127", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/46127" }, { "name": "45986", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/45986" }, { "name": "RHSA-2011:1161", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2011-1161.html" }, { "name": "RHSA-2011:1834", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2011-1834.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/compress/zopen.c#rev1.17" }, { "name": "xorg-lzw-bo(69141)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69141" }, { "name": "APPLE-SA-2015-12-08-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" }, { "name": "45568", "tags": [ 
"third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/45568" }, { "name": "[xorg-announce] 20110810 [ANNOUNCE] libXfont 1.4.4", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://lists.freedesktop.org/archives/xorg-announce/2011-August/001722.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205641" }, { "name": "NetBSD-SA2011-007", "tags": [ "vendor-advisory", "x_refsource_NETBSD" ], "url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2011-007.txt.asc" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT205640" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://cgit.freedesktop.org/xorg/lib/libXfont/commit/?id=d11ee5886e9d9ec610051a206b135a4cdc1e09a0" }, { "name": "48951", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/48951" }, { "name": "APPLE-SA-2015-12-08-2", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT5281" }, { "name": "APPLE-SA-2012-05-09-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2012/May/msg00001.html" }, { "name": "DSA-2293", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2011/dsa-2293" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=727624" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2011-2895", "datePublished": "2011-08-19T17:00:00", "dateReserved": "2011-07-27T00:00:00", "dateUpdated": "2024-08-06T23:15:31.486Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2008-1807 (GCVE-0-2008-1807)
Vulnerability from cvelistv5
Published
2008-06-16 19:00
Modified
2024-08-07 08:32
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
FreeType2 before 2.3.6 allows context-dependent attackers to execute arbitrary code via an invalid "number of axes" field in a Printer Font Binary (PFB) file, which triggers a free of arbitrary memory locations, leading to memory corruption.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T08:32:01.385Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20080814 rPSA-2008-0255-1 freetype", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/495497/100/0/threaded" }, { "name": "GLSA-201209-25", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-201209-25.xml" }, { "name": "29641", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/29641" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.vmware.com/security/advisories/VMSA-2008-0014.html" }, { "name": "FEDORA-2008-5430", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00721.html" }, { "name": "oval:org.mitre.oval:def:9767", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9767" }, { "name": "33937", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/33937" }, { "name": "ADV-2008-1876", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2008/1876/references" }, { "name": "30721", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/30721" }, { "name": "MDVSA-2008:121", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:121" }, { "name": "1020239", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1020239" }, { "name": "ADV-2008-2525", "tags": 
[ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2008/2525" }, { "name": "31712", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/31712" }, { "name": "31709", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/31709" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://sourceforge.net/project/shownotes.php?group_id=3157\u0026release_id=605780" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.vmware.com/support/server/doc/releasenotes_server.html" }, { "name": "30740", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/30740" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT3438" }, { "name": "GLSA-200806-10", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-200806-10.xml" }, { "name": "30766", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/30766" }, { "name": "31479", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/31479" }, { "name": "APPLE-SA-2009-02-12", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html" }, { "name": "ADV-2008-2423", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2008/2423" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html" }, { "name": "30967", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/30967" }, { "name": 
"239006", "tags": [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-239006-1" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://issues.rpath.com/browse/RPL-2608" }, { "name": "30821", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/30821" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT3026" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT3129" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.vmware.com/support/player/doc/releasenotes_player.html" }, { "name": "FEDORA-2008-5425", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00717.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html" }, { "name": "31856", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/31856" }, { "name": "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/495869/100/0/threaded" }, { "name": "31711", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/31711" }, { "name": "RHSA-2008:0556", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2008-0556.html" }, { "name": "SUSE-SR:2008:014", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": 
"http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00001.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0255" }, { "name": "20080610 Multiple Vendor FreeType2 PFB Memory Corruption Vulnerability", "tags": [ "third-party-advisory", "x_refsource_IDEFENSE", "x_transferred" ], "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=716" }, { "name": "APPLE-SA-2008-09-12", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00004.html" }, { "name": "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html" }, { "name": "ADV-2008-1794", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2008/1794" }, { "name": "31823", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/31823" }, { "name": "ADV-2008-2558", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2008/2558" }, { "name": "30600", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/30600" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-318.htm" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html" }, { "name": "31900", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/31900" }, { "name": "30819", 
"tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/30819" }, { "name": "31707", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/31707" }, { "name": "APPLE-SA-2008-09-09", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00003.html" }, { "name": "USN-643-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/usn-643-1" }, { "name": "RHSA-2008:0558", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2008-0558.html" }, { "name": "31577", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/31577" }, { "name": "ADV-2008-2466", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2008/2466" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2008-06-10T00:00:00", "descriptions": [ { "lang": "en", "value": "FreeType2 before 2.3.6 allow context-dependent attackers to execute arbitrary code via an invalid \"number of axes\" field in a Printer Font Binary (PFB) file, which triggers a free of arbitrary memory locations, leading to memory corruption." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-11T19:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "20080814 rPSA-2008-0255-1 freetype", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/495497/100/0/threaded" }, { "name": "GLSA-201209-25", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-201209-25.xml" }, { "name": "29641", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/29641" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.vmware.com/security/advisories/VMSA-2008-0014.html" }, { "name": "FEDORA-2008-5430", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00721.html" }, { "name": "oval:org.mitre.oval:def:9767", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9767" }, { "name": "33937", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/33937" }, { "name": "ADV-2008-1876", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2008/1876/references" }, { "name": "30721", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/30721" }, { "name": "MDVSA-2008:121", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:121" }, { "name": "1020239", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1020239" }, { "name": "ADV-2008-2525", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2008/2525" }, { "name": 
"31712", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/31712" }, { "name": "31709", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/31709" }, { "tags": [ "x_refsource_MISC" ], "url": "http://sourceforge.net/project/shownotes.php?group_id=3157\u0026release_id=605780" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.vmware.com/support/server/doc/releasenotes_server.html" }, { "name": "30740", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/30740" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT3438" }, { "name": "GLSA-200806-10", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-200806-10.xml" }, { "name": "30766", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/30766" }, { "name": "31479", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/31479" }, { "name": "APPLE-SA-2009-02-12", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html" }, { "name": "ADV-2008-2423", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2008/2423" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html" }, { "name": "30967", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/30967" }, { "name": "239006", "tags": [ "vendor-advisory", "x_refsource_SUNALERT" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-239006-1" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://issues.rpath.com/browse/RPL-2608" }, { "name": "30821", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": 
"http://secunia.com/advisories/30821" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT3026" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT3129" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.vmware.com/support/player/doc/releasenotes_player.html" }, { "name": "FEDORA-2008-5425", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00717.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html" }, { "name": "31856", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/31856" }, { "name": "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/495869/100/0/threaded" }, { "name": "31711", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/31711" }, { "name": "RHSA-2008:0556", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2008-0556.html" }, { "name": "SUSE-SR:2008:014", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00001.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0255" }, { "name": "20080610 Multiple Vendor FreeType2 PFB Memory Corruption Vulnerability", "tags": [ "third-party-advisory", "x_refsource_IDEFENSE" ], "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=716" }, { "name": "APPLE-SA-2008-09-12", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": 
"http://lists.apple.com/archives/security-announce//2008/Sep/msg00004.html" }, { "name": "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html" }, { "name": "ADV-2008-1794", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2008/1794" }, { "name": "31823", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/31823" }, { "name": "ADV-2008-2558", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2008/2558" }, { "name": "30600", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/30600" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-318.htm" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html" }, { "name": "31900", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/31900" }, { "name": "30819", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/30819" }, { "name": "31707", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/31707" }, { "name": "APPLE-SA-2008-09-09", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00003.html" }, { "name": "USN-643-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/usn-643-1" }, { "name": "RHSA-2008:0558", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2008-0558.html" }, { "name": 
"31577", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/31577" }, { "name": "ADV-2008-2466", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2008/2466" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2008-1807", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "FreeType2 before 2.3.6 allow context-dependent attackers to execute arbitrary code via an invalid \"number of axes\" field in a Printer Font Binary (PFB) file, which triggers a free of arbitrary memory locations, leading to memory corruption." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "20080814 rPSA-2008-0255-1 freetype", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/495497/100/0/threaded" }, { "name": "GLSA-201209-25", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-201209-25.xml" }, { "name": "29641", "refsource": "BID", "url": "http://www.securityfocus.com/bid/29641" }, { "name": "http://www.vmware.com/security/advisories/VMSA-2008-0014.html", "refsource": "CONFIRM", "url": "http://www.vmware.com/security/advisories/VMSA-2008-0014.html" }, { "name": "FEDORA-2008-5430", "refsource": "FEDORA", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00721.html" }, { "name": "oval:org.mitre.oval:def:9767", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9767" }, { "name": "33937", "refsource": "SECUNIA", "url": 
"http://secunia.com/advisories/33937" }, { "name": "ADV-2008-1876", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/1876/references" }, { "name": "30721", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30721" }, { "name": "MDVSA-2008:121", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:121" }, { "name": "1020239", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1020239" }, { "name": "ADV-2008-2525", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/2525" }, { "name": "31712", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31712" }, { "name": "31709", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31709" }, { "name": "http://sourceforge.net/project/shownotes.php?group_id=3157\u0026release_id=605780", "refsource": "MISC", "url": "http://sourceforge.net/project/shownotes.php?group_id=3157\u0026release_id=605780" }, { "name": "http://www.vmware.com/support/server/doc/releasenotes_server.html", "refsource": "CONFIRM", "url": "http://www.vmware.com/support/server/doc/releasenotes_server.html" }, { "name": "30740", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30740" }, { "name": "http://support.apple.com/kb/HT3438", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT3438" }, { "name": "GLSA-200806-10", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-200806-10.xml" }, { "name": "30766", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30766" }, { "name": "31479", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31479" }, { "name": "APPLE-SA-2009-02-12", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html" }, { "name": "ADV-2008-2423", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/2423" }, { "name": 
"http://www.vmware.com/support/player2/doc/releasenotes_player2.html", "refsource": "CONFIRM", "url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html" }, { "name": "30967", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30967" }, { "name": "239006", "refsource": "SUNALERT", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-239006-1" }, { "name": "https://issues.rpath.com/browse/RPL-2608", "refsource": "CONFIRM", "url": "https://issues.rpath.com/browse/RPL-2608" }, { "name": "30821", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30821" }, { "name": "http://support.apple.com/kb/HT3026", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT3026" }, { "name": "http://support.apple.com/kb/HT3129", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT3129" }, { "name": "http://www.vmware.com/support/player/doc/releasenotes_player.html", "refsource": "CONFIRM", "url": "http://www.vmware.com/support/player/doc/releasenotes_player.html" }, { "name": "FEDORA-2008-5425", "refsource": "FEDORA", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00717.html" }, { "name": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html", "refsource": "CONFIRM", "url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html" }, { "name": "31856", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31856" }, { "name": "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/495869/100/0/threaded" }, { "name": "31711", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31711" }, { "name": "RHSA-2008:0556", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2008-0556.html" }, { "name": "SUSE-SR:2008:014", "refsource": "SUSE", 
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00001.html" }, { "name": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0255", "refsource": "CONFIRM", "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0255" }, { "name": "20080610 Multiple Vendor FreeType2 PFB Memory Corruption Vulnerability", "refsource": "IDEFENSE", "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=716" }, { "name": "APPLE-SA-2008-09-12", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00004.html" }, { "name": "20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.", "refsource": "FULLDISC", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html" }, { "name": "ADV-2008-1794", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/1794" }, { "name": "31823", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31823" }, { "name": "ADV-2008-2558", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/2558" }, { "name": "30600", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30600" }, { "name": "http://support.avaya.com/elmodocs2/security/ASA-2008-318.htm", "refsource": "CONFIRM", "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-318.htm" }, { "name": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html", "refsource": "CONFIRM", "url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html" }, { "name": "31900", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31900" }, { "name": "30819", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30819" }, { "name": "31707", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31707" }, { "name": "APPLE-SA-2008-09-09", "refsource": "APPLE", "url": 
"http://lists.apple.com/archives/security-announce//2008/Sep/msg00003.html" }, { "name": "USN-643-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/usn-643-1" }, { "name": "RHSA-2008:0558", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2008-0558.html" }, { "name": "31577", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31577" }, { "name": "ADV-2008-2466", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/2466" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2008-1807", "datePublished": "2008-06-16T19:00:00", "dateReserved": "2008-04-15T00:00:00", "dateUpdated": "2024-08-07T08:32:01.385Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
Vulnerability from fkie_nvd
Published
2012-04-25 10:10
Modified
2025-04-11 00:51
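Severity: HIGH (CVSS v2.0 base score 9.3, vector AV:N/AC:M/Au:N/C:C/I:C/A:C, scored by nvd@nist.gov; user interaction required)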
Summary
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via a crafted SFNT string in a Type 42 font.
References
Source | URL | Tags | |
---|---|---|---|
secalert@redhat.com | http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html | ||
secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html | ||
secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html | ||
secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html | ||
secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html | ||
secalert@redhat.com | http://secunia.com/advisories/48508 | ||
secalert@redhat.com | http://secunia.com/advisories/48797 | ||
secalert@redhat.com | http://secunia.com/advisories/48822 | ||
secalert@redhat.com | http://secunia.com/advisories/48918 | ||
secalert@redhat.com | http://secunia.com/advisories/48951 | ||
secalert@redhat.com | http://secunia.com/advisories/48973 | ||
secalert@redhat.com | http://security.gentoo.org/glsa/glsa-201204-04.xml | ||
secalert@redhat.com | http://support.apple.com/kb/HT5503 | ||
secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2012:057 | ||
secalert@redhat.com | http://www.mozilla.org/security/announce/2012/mfsa2012-21.html | Vendor Advisory | |
secalert@redhat.com | http://www.openwall.com/lists/oss-security/2012/03/06/16 | ||
secalert@redhat.com | http://www.securityfocus.com/bid/52318 | ||
secalert@redhat.com | http://www.securitytracker.com/id?1026765 | ||
secalert@redhat.com | http://www.ubuntu.com/usn/USN-1403-1 | ||
secalert@redhat.com | https://bugzilla.mozilla.org/show_bug.cgi?id=733512 | ||
secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=800585 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48508 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48797 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48822 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48918 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48951 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48973 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-201204-04.xml | ||
af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT5503 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2012:057 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mozilla.org/security/announce/2012/mfsa2012-21.html | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2012/03/06/16 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/52318 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1026765 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-1403-1 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.mozilla.org/show_bug.cgi?id=733512 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=800585 |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
freetype | freetype | * (up to and including 2.4.8) | |
freetype | freetype | 1.3.1 | |
freetype | freetype | 2.0.0 | |
freetype | freetype | 2.0.1 | |
freetype | freetype | 2.0.2 | |
freetype | freetype | 2.0.3 | |
freetype | freetype | 2.0.4 | |
freetype | freetype | 2.0.5 | |
freetype | freetype | 2.0.6 | |
freetype | freetype | 2.0.7 | |
freetype | freetype | 2.0.8 | |
freetype | freetype | 2.0.9 | |
freetype | freetype | 2.1 | |
freetype | freetype | 2.1.3 | |
freetype | freetype | 2.1.4 | |
freetype | freetype | 2.1.5 | |
freetype | freetype | 2.1.6 | |
freetype | freetype | 2.1.7 | |
freetype | freetype | 2.1.8 | |
freetype | freetype | 2.1.8 (rc1) | |
freetype | freetype | 2.1.9 | |
freetype | freetype | 2.1.10 | |
freetype | freetype | 2.2.0 | |
freetype | freetype | 2.2.1 | |
freetype | freetype | 2.3.0 | |
freetype | freetype | 2.3.1 | |
freetype | freetype | 2.3.2 | |
freetype | freetype | 2.3.3 | |
freetype | freetype | 2.3.4 | |
freetype | freetype | 2.3.5 | |
freetype | freetype | 2.3.6 | |
freetype | freetype | 2.3.7 | |
freetype | freetype | 2.3.8 | |
freetype | freetype | 2.3.9 | |
freetype | freetype | 2.3.10 | |
freetype | freetype | 2.3.11 | |
freetype | freetype | 2.3.12 | |
freetype | freetype | 2.4.0 | |
freetype | freetype | 2.4.1 | |
freetype | freetype | 2.4.2 | |
freetype | freetype | 2.4.3 | |
freetype | freetype | 2.4.4 | |
freetype | freetype | 2.4.5 | |
freetype | freetype | 2.4.6 | |
freetype | freetype | 2.4.7 | |
mozilla | firefox_mobile | * (up to and including 10.0.3) | |
mozilla | firefox_mobile | 1.0 | |
mozilla | firefox_mobile | 4.0 | |
mozilla | firefox_mobile | 4.0 (beta1) | |
mozilla | firefox_mobile | 4.0 (beta2) | |
mozilla | firefox_mobile | 4.0 (beta3) | |
mozilla | firefox_mobile | 4.0 (beta4) | |
mozilla | firefox_mobile | 5.0 | |
mozilla | firefox_mobile | 6.0 | |
mozilla | firefox_mobile | 6.0.1 | |
mozilla | firefox_mobile | 6.0.2 | |
mozilla | firefox_mobile | 7.0 | |
mozilla | firefox_mobile | 8.0 | |
mozilla | firefox_mobile | 9.0 | |
mozilla | firefox_mobile | 10.0 | |
mozilla | firefox_mobile | 10.0.1 | |
mozilla | firefox_mobile | 10.0.2 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", "matchCriteriaId": "1AE5852E-FBD0-4F23-82C0-4E8FBDDF558B", "versionEndIncluding": "2.4.8", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:1.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "888C3BB8-510B-4FBE-BA5D-0D488583C7DD", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "3B67236B-7DEF-40AE-BC6F-12CB39329C4D", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "7EEC5D17-9141-4CA5-9D4C-76C15BAE4FBD", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "F1019F69-8E42-43C9-926C-B948659666F4", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "AA678E5E-9380-4D31-973F-018349F7F346", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "5E06AD6E-8B77-4E57-AA07-507CD1F809F2", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "8DB69925-10FB-4DFD-8764-B6640B88FCEE", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "B126D1A0-6B54-4C56-8CEC-B395D54A5C3C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "98D0D1A3-886D-4EE3-AC1A-3B36D192E8B5", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "DB0B0E33-0D7D-45E9-ADFD-20C6DCB5ED64", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.9:*:*:*:*:*:*:*", "matchCriteriaId": "28CA4C7D-D70A-44CF-8E3D-F2612CCA0799", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "D4E76672-7216-443E-BBD8-120DA96F7E4D", "vulnerable": true }, { "criteria": 
"cpe:2.3:a:freetype:freetype:2.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "369D87D8-E4A7-4EC4-B508-2940EE174F95", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "288FDB59-7FE4-4351-8822-554ADF07C79A", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "B681257A-F8D8-46D5-995D-BC44F54DD5C0", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "56E0DEB6-4414-49AB-88E9-988CE5D8EF67", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.7:*:*:*:*:*:*:*", "matchCriteriaId": "56A90D08-2CAF-422F-8587-7D88EC7632A1", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.8:*:*:*:*:*:*:*", "matchCriteriaId": "9B944FEB-F69D-4F6C-9485-26F95A5874B6", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.8:rc1:*:*:*:*:*:*", "matchCriteriaId": "B9B9B1DE-89F6-463D-A3F4-6366D5D30077", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.9:*:*:*:*:*:*:*", "matchCriteriaId": "F73474B9-6853-4C5C-9CB9-5F4D3080D1C5", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.10:*:*:*:*:*:*:*", "matchCriteriaId": "5283E910-D512-481C-804E-8717A83B24CB", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "A28C0F7A-F1F3-4F3B-81B9-228DA8FCCCD8", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "F7252819-BA8A-4BD1-BAAA-179A8777C994", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "11575E3C-2BEA-4264-AE41-4A962BD17035", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "D333A965-EAD2-40DB-8FBE-C4C7DF44C35C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.2:*:*:*:*:*:*:*", "matchCriteriaId": 
"8CA37666-D2E6-47EF-BFFE-A9449D6A72CD", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "F2B49505-C973-4673-A9BC-34ACA25059D0", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.4:*:*:*:*:*:*:*", "matchCriteriaId": "B8E8ECCA-58F2-4A05-8DF2-79C09A5FB275", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.5:*:*:*:*:*:*:*", "matchCriteriaId": "8697D11D-BBDF-4722-85F7-5144A5D26E37", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.6:*:*:*:*:*:*:*", "matchCriteriaId": "50E3EDA8-04D1-4DF1-80BB-72C6003E8F53", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.7:*:*:*:*:*:*:*", "matchCriteriaId": "AB06CA25-BB25-43B8-9FC2-62C399CC52EE", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.8:*:*:*:*:*:*:*", "matchCriteriaId": "6AF7414E-33A7-40E2-AEF0-1AE9D7D1B077", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.9:*:*:*:*:*:*:*", "matchCriteriaId": "6FC0BD12-E065-4CC9-8AEE-E4C34A58EC3C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.10:*:*:*:*:*:*:*", "matchCriteriaId": "214DC64B-BA35-486B-AE30-F2D9381E4D26", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.11:*:*:*:*:*:*:*", "matchCriteriaId": "B7CDE19A-473A-4BC5-AA7B-3D08FEEEE82C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.12:*:*:*:*:*:*:*", "matchCriteriaId": "DD8401A8-A328-49F6-BAE8-337F5F36C906", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "3FBF5BAA-8027-478F-BE06-3D3F4F823C7B", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "31358B5D-4087-4207-9730-297BA47DAA83", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "3A73E016-A4B0-416D-B9B6-786A787DAD3D", "vulnerable": true }, { "criteria": 
"cpe:2.3:a:freetype:freetype:2.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "0588BCE1-059B-4602-B274-E9D268720B55", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "D19BE9CC-6B1C-4AC8-9740-2ABDF40C4FEC", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "E6F3E33C-95E0-4EEF-8E26-F7044D8C3892", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.6:*:*:*:*:*:*:*", "matchCriteriaId": "0871F88D-3D36-4EAA-B2B4-39D844FF8874", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.7:*:*:*:*:*:*:*", "matchCriteriaId": "B3396203-9BDF-4E7D-85CC-0B6AA7DC55C4", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:*:*:*:*:*:*:*:*", "matchCriteriaId": "C25B56F0-B244-4D64-BC8F-341214080A90", "versionEndIncluding": "10.0.3", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "B00C6411-5566-4060-B68B-8F1674B9E280", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "CD9C4A1A-E3C7-40DD-AF51-AFFA0D904722", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta1:*:*:*:*:*:*", "matchCriteriaId": "B6A0EDF9-2260-439F-9CF0-A66CBE35ACF8", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta2:*:*:*:*:*:*", "matchCriteriaId": "6E55723B-B7B8-4EBF-8767-55988D26E82B", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta3:*:*:*:*:*:*", "matchCriteriaId": "761B33B6-4FFD-4E6C-92B4-2186F8D195C1", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta4:*:*:*:*:*:*", "matchCriteriaId": "8E4E272B-27F1-41CE-8B60-B1C098105A73", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "907FA1DF-E3D3-4E46-B353-753E70C292CC", "vulnerable": true }, { "criteria": 
"cpe:2.3:a:mozilla:firefox_mobile:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "97DE5B71-865A-4DB0-A31A-1CA75A5AB7AA", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:6.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "B64C7CE2-6BA7-4294-80CF-3AE25EE9529B", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:6.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "640595E6-3E39-4112-887E-174C86D18630", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "8E26E8D7-334C-4260-A8EE-82DF067CC081", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "643623BB-29E4-4138-AFC6-252368FC9495", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "9CEA838D-5FE6-47A7-8367-F040FF01B681", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "BF547E94-BEC4-4D32-A2AF-AFEBFE11782A", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "6BB1307C-64E4-4EC2-BB07-012107CA5DA6", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "91C9D50D-9450-489C-8336-4332F8FD6806", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via a crafted SFNT string in a Type 42 font." 
}, { "lang": "es", "value": "FreeType antes de v2.4.9, tal como se utiliza en Mozilla Firefox Mobile antes de v10.0.4 y otros productos, permite a atacantes remotos causar una denegaci\u00f3n de servicio (operaci\u00f3n no v\u00e1lida de escritura y corrupci\u00f3n de memoria) o posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de una cadena SFNT modificada en una fuente Type 42." } ], "id": "CVE-2012-1129", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2012-04-25T10:10:18.090", "references": [ { "source": "secalert@redhat.com", "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48508" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48797" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48822" }, { "source": "secalert@redhat.com", 
"url": "http://secunia.com/advisories/48918" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48951" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48973" }, { "source": "secalert@redhat.com", "url": "http://security.gentoo.org/glsa/glsa-201204-04.xml" }, { "source": "secalert@redhat.com", "url": "http://support.apple.com/kb/HT5503" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html" }, { "source": "secalert@redhat.com", "url": "http://www.openwall.com/lists/oss-security/2012/03/06/16" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/52318" }, { "source": "secalert@redhat.com", "url": "http://www.securitytracker.com/id?1026765" }, { "source": "secalert@redhat.com", "url": "http://www.ubuntu.com/usn/USN-1403-1" }, { "source": "secalert@redhat.com", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512" }, { "source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=800585" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48508" }, 
{ "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48797" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48822" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48918" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48951" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48973" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.gentoo.org/glsa/glsa-201204-04.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.apple.com/kb/HT5503" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2012/03/06/16" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/52318" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1026765" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/USN-1403-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=800585" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd (CVE-2014-9675)
Published
2015-02-08 11:59
Modified
2025-04-12 10:46
Severity: MEDIUM (CVSS v2 base score 5.0, AV:N/AC:L/Au:N/C:P/I:N/A:N)
Summary
bdf/bdflib.c in FreeType before 2.5.4 identifies property names by only verifying that an initial substring is present, which allows remote attackers to discover heap pointer values and bypass the ASLR protection mechanism via a crafted BDF font.
References
Source | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://advisories.mageia.org/MGASA-2015-0083.html | Third Party Advisory | |
cve@mitre.org | http://code.google.com/p/google-security-research/issues/detail?id=151 | Exploit | |
cve@mitre.org | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=2c4832d30939b45c05757f0a05128ce64c4cacc7 | Issue Tracking | |
cve@mitre.org | http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html | Third Party Advisory | |
cve@mitre.org | http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html | Third Party Advisory | |
cve@mitre.org | http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html | Third Party Advisory | |
cve@mitre.org | http://rhn.redhat.com/errata/RHSA-2015-0696.html | Third Party Advisory | |
cve@mitre.org | http://www.debian.org/security/2015/dsa-3188 | Third Party Advisory | |
cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDVSA-2015:055 | Third Party Advisory | |
cve@mitre.org | http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html | Third Party Advisory | |
cve@mitre.org | http://www.securityfocus.com/bid/72986 | ||
cve@mitre.org | http://www.ubuntu.com/usn/USN-2510-1 | Third Party Advisory | |
cve@mitre.org | http://www.ubuntu.com/usn/USN-2739-1 | Third Party Advisory | |
cve@mitre.org | https://security.gentoo.org/glsa/201503-05 | ||
cve@mitre.org | https://source.android.com/security/bulletin/2016-11-01.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://advisories.mageia.org/MGASA-2015-0083.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://code.google.com/p/google-security-research/issues/detail?id=151 | Exploit | |
af854a3a-2127-422b-91ae-364da2661108 | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=2c4832d30939b45c05757f0a05128ce64c4cacc7 | Issue Tracking | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2015-0696.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2015/dsa-3188 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2015:055 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/72986 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2510-1 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2739-1 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201503-05 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://source.android.com/security/bulletin/2016-11-01.html |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
canonical | ubuntu_linux | 10.04 | |
canonical | ubuntu_linux | 12.04 | |
canonical | ubuntu_linux | 14.04 | |
canonical | ubuntu_linux | 14.10 | |
canonical | ubuntu_linux | 15.04 | |
freetype | freetype | * (up to and including 2.5.3) | |
debian | debian_linux | 7.0 | |
fedoraproject | fedora | 20 | |
fedoraproject | fedora | 21 | |
redhat | enterprise_linux_desktop | 6.0 | |
redhat | enterprise_linux_desktop | 7.0 | |
redhat | enterprise_linux_hpc_node | 6.0 | |
redhat | enterprise_linux_hpc_node | 7.0 | |
redhat | enterprise_linux_hpc_node_eus | 7.1 | |
redhat | enterprise_linux_server | 6.0 | |
redhat | enterprise_linux_server | 7.0 | |
redhat | enterprise_linux_server_eus | 6.6.z | |
redhat | enterprise_linux_server_eus | 7.1 | |
redhat | enterprise_linux_workstation | 6.0 | |
redhat | enterprise_linux_workstation | 7.0 | |
opensuse | opensuse | 13.1 | |
opensuse | opensuse | 13.2 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*", "matchCriteriaId": "5D37DF0F-F863-45AC-853A-3E04F9FEC7CA", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*", "matchCriteriaId": "49A63F39-30BE-443F-AF10-6245587D3359", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "matchCriteriaId": "F38D3B7E-8429-473F-BB31-FC3583EE5A5B", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", "matchCriteriaId": "05EE9A32-E91F-4C68-B3A9-AC5AB35C2BB3", "versionEndIncluding": "2.5.3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*", "matchCriteriaId": "FF47C9F0-D8DA-4B55-89EB-9B2C9383ADB9", "vulnerable": true }, { "criteria": "cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*", "matchCriteriaId": "56BDB5A0-0839-4A20-A003-B8CD56F48171", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "matchCriteriaId": 
"33C068A4-3780-4EAB-A937-6082DF847564", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "C2FAC325-6EEB-466D-9EBA-8ED4DBC9CFBF", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "3C84489B-B08C-4854-8A12-D01B6E45CF79", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "7071F0C7-E43E-4F2E-9FEB-E8FB3DEA4749", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.6.z:*:*:*:*:*:*:*", "matchCriteriaId": "3FB4F7C3-1521-42B6-9820-15C2B156BAD6", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "0E8CD4EF-DC90-40BB-A721-6EC087507906", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F", "vulnerable": true }, { "criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "bdf/bdflib.c in FreeType 
before 2.5.4 identifies property names by only verifying that an initial substring is present, which allows remote attackers to discover heap pointer values and bypass the ASLR protection mechanism via a crafted BDF font." }, { "lang": "es", "value": "bdf/bdflib.c en FreeType anterior a 2.5.4 identifica los nombres de propiedades con solamente verificar que una subcadena inicial est\u00e9 presente, lo que permite a atacantes remotos descubrir valores de punteros de la memoria din\u00e1mica y evadir el mecanismo de protecci\u00f3n ASLR a trav\u00e9s de una fuente BDF manipulada." } ], "id": "CVE-2014-9675", "lastModified": "2025-04-12T10:46:40.837", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2015-02-08T11:59:36.490", "references": [ { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://advisories.mageia.org/MGASA-2015-0083.html" }, { "source": "cve@mitre.org", "tags": [ "Exploit" ], "url": "http://code.google.com/p/google-security-research/issues/detail?id=151" }, { "source": "cve@mitre.org", "tags": [ "Issue Tracking" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=2c4832d30939b45c05757f0a05128ce64c4cacc7" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": 
"http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0696.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2015/dsa-3188" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/72986" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-2510-1" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-2739-1" }, { "source": "cve@mitre.org", "url": "https://security.gentoo.org/glsa/201503-05" }, { "source": "cve@mitre.org", "url": "https://source.android.com/security/bulletin/2016-11-01.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://advisories.mageia.org/MGASA-2015-0083.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit" ], "url": "http://code.google.com/p/google-security-research/issues/detail?id=151" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=2c4832d30939b45c05757f0a05128ce64c4cacc7" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html" }, { "source": 
"af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0696.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2015/dsa-3188" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/72986" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-2510-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-2739-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/201503-05" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://source.android.com/security/bulletin/2016-11-01.html" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-264" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd (CVE-2008-1808)
Published
2008-06-16 19:41
Modified
2025-04-09 00:30
Severity: HIGH (CVSS v2 base score 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P)
Summary
Multiple off-by-one errors in FreeType2 before 2.3.6 allow context-dependent attackers to execute arbitrary code via (1) a crafted table in a Printer Font Binary (PFB) file or (2) a crafted SHC instruction in a TrueType Font (TTF) file, which triggers a heap-based buffer overflow.
References
Source | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=717 | ||
cve@mitre.org | http://lists.apple.com/archives/security-announce//2008/Sep/msg00003.html | ||
cve@mitre.org | http://lists.apple.com/archives/security-announce//2008/Sep/msg00004.html | ||
cve@mitre.org | http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html | ||
cve@mitre.org | http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html | ||
cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00001.html | ||
cve@mitre.org | http://secunia.com/advisories/30600 | Vendor Advisory | |
cve@mitre.org | http://secunia.com/advisories/30721 | ||
cve@mitre.org | http://secunia.com/advisories/30740 | ||
cve@mitre.org | http://secunia.com/advisories/30766 | ||
cve@mitre.org | http://secunia.com/advisories/30819 | ||
cve@mitre.org | http://secunia.com/advisories/30821 | ||
cve@mitre.org | http://secunia.com/advisories/30967 | ||
cve@mitre.org | http://secunia.com/advisories/31479 | ||
cve@mitre.org | http://secunia.com/advisories/31577 | ||
cve@mitre.org | http://secunia.com/advisories/31707 | ||
cve@mitre.org | http://secunia.com/advisories/31709 | ||
cve@mitre.org | http://secunia.com/advisories/31711 | ||
cve@mitre.org | http://secunia.com/advisories/31712 | ||
cve@mitre.org | http://secunia.com/advisories/31823 | ||
cve@mitre.org | http://secunia.com/advisories/31856 | ||
cve@mitre.org | http://secunia.com/advisories/31900 | ||
cve@mitre.org | http://secunia.com/advisories/33937 | ||
cve@mitre.org | http://secunia.com/advisories/35204 | ||
cve@mitre.org | http://security.gentoo.org/glsa/glsa-200806-10.xml | ||
cve@mitre.org | http://security.gentoo.org/glsa/glsa-201209-25.xml | ||
cve@mitre.org | http://securitytracker.com/id?1020240 | ||
cve@mitre.org | http://sourceforge.net/project/shownotes.php?group_id=3157&release_id=605780 | ||
cve@mitre.org | http://sunsolve.sun.com/search/document.do?assetkey=1-26-239006-1 | ||
cve@mitre.org | http://support.apple.com/kb/HT3026 | ||
cve@mitre.org | http://support.apple.com/kb/HT3129 | ||
cve@mitre.org | http://support.apple.com/kb/HT3438 | ||
cve@mitre.org | http://support.avaya.com/elmodocs2/security/ASA-2008-318.htm | ||
cve@mitre.org | http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0255 | ||
cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDVSA-2008:121 | ||
cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2008-0556.html | ||
cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2008-0558.html | ||
cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2009-0329.html | ||
cve@mitre.org | http://www.securityfocus.com/archive/1/495497/100/0/threaded | ||
cve@mitre.org | http://www.securityfocus.com/archive/1/495869/100/0/threaded | ||
cve@mitre.org | http://www.securityfocus.com/bid/29637 | Patch | |
cve@mitre.org | http://www.securityfocus.com/bid/29639 | Patch | |
cve@mitre.org | http://www.ubuntu.com/usn/usn-643-1 | ||
cve@mitre.org | http://www.vmware.com/security/advisories/VMSA-2008-0014.html | ||
cve@mitre.org | http://www.vmware.com/support/player/doc/releasenotes_player.html | ||
cve@mitre.org | http://www.vmware.com/support/player2/doc/releasenotes_player2.html | ||
cve@mitre.org | http://www.vmware.com/support/server/doc/releasenotes_server.html | ||
cve@mitre.org | http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html | ||
cve@mitre.org | http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html | ||
cve@mitre.org | http://www.vupen.com/english/advisories/2008/1794 | ||
cve@mitre.org | http://www.vupen.com/english/advisories/2008/1876/references | ||
cve@mitre.org | http://www.vupen.com/english/advisories/2008/2423 | ||
cve@mitre.org | http://www.vupen.com/english/advisories/2008/2466 | ||
cve@mitre.org | http://www.vupen.com/english/advisories/2008/2525 | ||
cve@mitre.org | http://www.vupen.com/english/advisories/2008/2558 | ||
cve@mitre.org | https://issues.rpath.com/browse/RPL-2608 | ||
cve@mitre.org | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11188 | ||
cve@mitre.org | https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00717.html | ||
cve@mitre.org | https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00721.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=717 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce//2008/Sep/msg00003.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce//2008/Sep/msg00004.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00001.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/30600 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/30721 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/30740 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/30766 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/30819 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/30821 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/30967 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/31479 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/31577 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/31707 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/31709 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/31711 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/31712 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/31823 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/31856 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/31900 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/33937 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/35204 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-200806-10.xml | ||
af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-201209-25.xml | ||
af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1020240 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://sourceforge.net/project/shownotes.php?group_id=3157&release_id=605780 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://sunsolve.sun.com/search/document.do?assetkey=1-26-239006-1 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT3026 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT3129 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT3438 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://support.avaya.com/elmodocs2/security/ASA-2008-318.htm | ||
af854a3a-2127-422b-91ae-364da2661108 | http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0255 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2008:121 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2008-0556.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2008-0558.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2009-0329.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/495497/100/0/threaded | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/495869/100/0/threaded | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/29637 | Patch | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/29639 | Patch | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/usn-643-1 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.vmware.com/security/advisories/VMSA-2008-0014.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.vmware.com/support/player/doc/releasenotes_player.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.vmware.com/support/player2/doc/releasenotes_player2.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.vmware.com/support/server/doc/releasenotes_server.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2008/1794 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2008/1876/references | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2008/2423 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2008/2466 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2008/2525 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2008/2558 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://issues.rpath.com/browse/RPL-2608 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11188 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00717.html | ||
af854a3a-2127-422b-91ae-364da2661108 | https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00721.html |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
freetype | freetype | 1.3.1 | |
freetype | freetype | 2.0.6 | |
freetype | freetype | 2.0.9 | |
freetype | freetype | 2.1.7 | |
freetype | freetype | 2.1.9 | |
freetype | freetype | 2.1.10 | |
freetype | freetype | 2.2.0 | |
freetype | freetype | 2.2.1 | |
freetype | freetype | 2.2.10 | |
freetype | freetype | 2.3.3 | |
freetype | freetype | 2.3.4 | |
freetype | freetype | 2.3.5 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:freetype:freetype:1.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "888C3BB8-510B-4FBE-BA5D-0D488583C7DD", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "B126D1A0-6B54-4C56-8CEC-B395D54A5C3C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.9:*:*:*:*:*:*:*", "matchCriteriaId": "28CA4C7D-D70A-44CF-8E3D-F2612CCA0799", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.7:*:*:*:*:*:*:*", "matchCriteriaId": "56A90D08-2CAF-422F-8587-7D88EC7632A1", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.9:*:*:*:*:*:*:*", "matchCriteriaId": "F73474B9-6853-4C5C-9CB9-5F4D3080D1C5", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.10:*:*:*:*:*:*:*", "matchCriteriaId": "5283E910-D512-481C-804E-8717A83B24CB", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "A28C0F7A-F1F3-4F3B-81B9-228DA8FCCCD8", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "F7252819-BA8A-4BD1-BAAA-179A8777C994", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.2.10:*:*:*:*:*:*:*", "matchCriteriaId": "7B4450B4-B21F-4153-B9DD-C36A2381F00D", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "F2B49505-C973-4673-A9BC-34ACA25059D0", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.4:*:*:*:*:*:*:*", "matchCriteriaId": "B8E8ECCA-58F2-4A05-8DF2-79C09A5FB275", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.5:*:*:*:*:*:*:*", "matchCriteriaId": "8697D11D-BBDF-4722-85F7-5144A5D26E37", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Multiple off-by-one errors in FreeType2 before 2.3.6 allow context-dependent attackers to 
execute arbitrary code via (1) a crafted table in a Printer Font Binary (PFB) file or (2) a crafted SHC instruction in a TrueType Font (TTF) file, which triggers a heap-based buffer overflow." }, { "lang": "es", "value": "M\u00faltiples errores de superaci\u00f3n de l\u00edmite (off-by-one) en FreeType2 antes de 2.3.6 permite a atacantes dependientes del contexto ejecutar c\u00f3digo arbitrario mediante (1) una tabla manipulada en un archivo Printer Font Binary (PFB) o (2) una instrucci\u00f3n SHC manipulada en un archivo TrueType Font (TTF), lo que dispara un desbordamiento de b\u00fafer basado en mont\u00edculo." } ], "id": "CVE-2008-1808", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": true, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2008-06-16T19:41:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=717" }, { "source": "cve@mitre.org", "url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00003.html" }, { "source": "cve@mitre.org", "url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00004.html" }, { "source": "cve@mitre.org", "url": "http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html" }, { "source": "cve@mitre.org", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html" }, { "source": "cve@mitre.org", "url": 
"http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00001.html" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/30600" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/30721" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/30740" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/30766" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/30819" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/30821" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/30967" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/31479" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/31577" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/31707" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/31709" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/31711" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/31712" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/31823" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/31856" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/31900" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/33937" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/35204" }, { "source": "cve@mitre.org", "url": "http://security.gentoo.org/glsa/glsa-200806-10.xml" }, { "source": "cve@mitre.org", "url": "http://security.gentoo.org/glsa/glsa-201209-25.xml" }, { "source": "cve@mitre.org", "url": "http://securitytracker.com/id?1020240" }, { "source": "cve@mitre.org", "url": "http://sourceforge.net/project/shownotes.php?group_id=3157\u0026release_id=605780" }, { "source": "cve@mitre.org", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-239006-1" }, { 
"source": "cve@mitre.org", "url": "http://support.apple.com/kb/HT3026" }, { "source": "cve@mitre.org", "url": "http://support.apple.com/kb/HT3129" }, { "source": "cve@mitre.org", "url": "http://support.apple.com/kb/HT3438" }, { "source": "cve@mitre.org", "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-318.htm" }, { "source": "cve@mitre.org", "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0255" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:121" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2008-0556.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2008-0558.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2009-0329.html" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/495497/100/0/threaded" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/495869/100/0/threaded" }, { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/29637" }, { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/29639" }, { "source": "cve@mitre.org", "url": "http://www.ubuntu.com/usn/usn-643-1" }, { "source": "cve@mitre.org", "url": "http://www.vmware.com/security/advisories/VMSA-2008-0014.html" }, { "source": "cve@mitre.org", "url": "http://www.vmware.com/support/player/doc/releasenotes_player.html" }, { "source": "cve@mitre.org", "url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html" }, { "source": "cve@mitre.org", "url": "http://www.vmware.com/support/server/doc/releasenotes_server.html" }, { "source": "cve@mitre.org", "url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html" }, { "source": "cve@mitre.org", "url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html" }, { "source": "cve@mitre.org", "url": 
"http://www.vupen.com/english/advisories/2008/1794" }, { "source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2008/1876/references" }, { "source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2008/2423" }, { "source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2008/2466" }, { "source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2008/2525" }, { "source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2008/2558" }, { "source": "cve@mitre.org", "url": "https://issues.rpath.com/browse/RPL-2608" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11188" }, { "source": "cve@mitre.org", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00717.html" }, { "source": "cve@mitre.org", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00721.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=717" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00003.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00004.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00001.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/30600" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": 
"http://secunia.com/advisories/30721" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/30740" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/30766" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/30819" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/30821" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/30967" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/31479" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/31577" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/31707" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/31709" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/31711" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/31712" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/31823" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/31856" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/31900" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/33937" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/35204" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.gentoo.org/glsa/glsa-200806-10.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.gentoo.org/glsa/glsa-201209-25.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1020240" }, { "source": 
"af854a3a-2127-422b-91ae-364da2661108", "url": "http://sourceforge.net/project/shownotes.php?group_id=3157\u0026release_id=605780" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-239006-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.apple.com/kb/HT3026" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.apple.com/kb/HT3129" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.apple.com/kb/HT3438" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-318.htm" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0255" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:121" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2008-0556.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2008-0558.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2009-0329.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/495497/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/495869/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/29637" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/29639" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/usn-643-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": 
"http://www.vmware.com/security/advisories/VMSA-2008-0014.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vmware.com/support/player/doc/releasenotes_player.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vmware.com/support/server/doc/releasenotes_server.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2008/1794" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2008/1876/references" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2008/2423" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2008/2466" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2008/2525" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2008/2558" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://issues.rpath.com/browse/RPL-2608" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11188" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00717.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00721.html" } ], "sourceIdentifier": "cve@mitre.org", 
"vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-189" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2015-02-08 11:59
Modified
2025-04-12 10:46
Severity ?
Summary
cff/cf2intrp.c in the CFF CharString interpreter in FreeType before 2.5.4 proceeds with additional hints after the hint mask has been computed, which allows remote attackers to execute arbitrary code or cause a denial of service (stack-based buffer overflow) via a crafted OpenType font. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-2240.
References
Source | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://code.google.com/p/google-security-research/issues/detail?id=190 | Exploit | |
cve@mitre.org | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=2cdc4562f873237f1c77d43540537c7a721d3fd8 | Patch, Vendor Advisory | |
cve@mitre.org | http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html | Third Party Advisory | |
cve@mitre.org | http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html | Third Party Advisory | |
cve@mitre.org | http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html | Third Party Advisory | |
cve@mitre.org | http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html | Third Party Advisory | |
cve@mitre.org | http://www.ubuntu.com/usn/USN-2510-1 | Third Party Advisory | |
cve@mitre.org | http://www.ubuntu.com/usn/USN-2739-1 | Third Party Advisory | |
cve@mitre.org | https://security.gentoo.org/glsa/201503-05 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://code.google.com/p/google-security-research/issues/detail?id=190 | Exploit | |
af854a3a-2127-422b-91ae-364da2661108 | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=2cdc4562f873237f1c77d43540537c7a721d3fd8 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2510-1 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2739-1 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201503-05 |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
oracle | solaris | 10.0 | |
oracle | solaris | 11.2 | |
freetype | freetype | * | |
fedoraproject | fedora | 20 | |
fedoraproject | fedora | 21 | |
opensuse | opensuse | 13.1 | |
opensuse | opensuse | 13.2 | |
canonical | ubuntu_linux | 10.04 | |
canonical | ubuntu_linux | 12.04 | |
canonical | ubuntu_linux | 14.04 | |
canonical | ubuntu_linux | 14.10 | |
canonical | ubuntu_linux | 15.04 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:oracle:solaris:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "FC633250-EB1E-4484-9BCB-977C8F9EB0B2", "vulnerable": true }, { "criteria": "cpe:2.3:o:oracle:solaris:11.2:*:*:*:*:*:*:*", "matchCriteriaId": "0B1C288F-326B-497B-B26C-D26E01262DDB", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", "matchCriteriaId": "05EE9A32-E91F-4C68-B3A9-AC5AB35C2BB3", "versionEndIncluding": "2.5.3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*", "matchCriteriaId": "FF47C9F0-D8DA-4B55-89EB-9B2C9383ADB9", "vulnerable": true }, { "criteria": "cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*", "matchCriteriaId": "56BDB5A0-0839-4A20-A003-B8CD56F48171", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F", "vulnerable": true }, { "criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*", "matchCriteriaId": "5D37DF0F-F863-45AC-853A-3E04F9FEC7CA", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*", "matchCriteriaId": "49A63F39-30BE-443F-AF10-6245587D3359", "vulnerable": true }, { 
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "matchCriteriaId": "F38D3B7E-8429-473F-BB31-FC3583EE5A5B", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "cff/cf2intrp.c in the CFF CharString interpreter in FreeType before 2.5.4 proceeds with additional hints after the hint mask has been computed, which allows remote attackers to execute arbitrary code or cause a denial of service (stack-based buffer overflow) via a crafted OpenType font. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-2240." }, { "lang": "es", "value": "cff/cf2intrp.c en el interprete CFF CharString en FreeType anterior a 2.5.4 proceda con indicios (hints) adicionales despu\u00e9s de que la mascara de indicios (hints) haya sido computado, lo que permite a atacantes remotos ejecutar c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio (desbordamiento de buffere basado en pila) a trav\u00e9s de una fuente OpenType manipulada. NOTA: esta vulnerabilidad existe debido a una soluci\u00f3n incompleta para CVE-2014-2240." 
} ], "id": "CVE-2014-9659", "lastModified": "2025-04-12T10:46:40.837", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2015-02-08T11:59:21.633", "references": [ { "source": "cve@mitre.org", "tags": [ "Exploit" ], "url": "http://code.google.com/p/google-security-research/issues/detail?id=190" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=2cdc4562f873237f1c77d43540537c7a721d3fd8" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-2510-1" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-2739-1" }, { "source": "cve@mitre.org", "url": "https://security.gentoo.org/glsa/201503-05" }, { "source": 
"af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit" ], "url": "http://code.google.com/p/google-security-research/issues/detail?id=190" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=2cdc4562f873237f1c77d43540537c7a721d3fd8" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-2510-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-2739-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/201503-05" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2015-02-08 11:59
Modified
2025-04-12 10:46
Severity ?
Summary
The tt_sbit_decoder_load_image function in sfnt/ttsbit.c in FreeType before 2.5.4 does not properly check for an integer overflow, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted OpenType font.
References
Source | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://advisories.mageia.org/MGASA-2015-0083.html | Third Party Advisory | |
cve@mitre.org | http://code.google.com/p/google-security-research/issues/detail?id=196 | Exploit | |
cve@mitre.org | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=f0292bb9920aa1dbfed5f53861e7c7a89b35833a | Issue Tracking | |
cve@mitre.org | http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html | Third Party Advisory | |
cve@mitre.org | http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html | Third Party Advisory | |
cve@mitre.org | http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html | Third Party Advisory | |
cve@mitre.org | http://www.debian.org/security/2015/dsa-3188 | ||
cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDVSA-2015:055 | Third Party Advisory | |
cve@mitre.org | http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html | Third Party Advisory | |
cve@mitre.org | http://www.securityfocus.com/bid/72986 | ||
cve@mitre.org | http://www.ubuntu.com/usn/USN-2510-1 | Third Party Advisory | |
cve@mitre.org | http://www.ubuntu.com/usn/USN-2739-1 | Third Party Advisory | |
cve@mitre.org | https://security.gentoo.org/glsa/201503-05 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://advisories.mageia.org/MGASA-2015-0083.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://code.google.com/p/google-security-research/issues/detail?id=196 | Exploit | |
af854a3a-2127-422b-91ae-364da2661108 | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=f0292bb9920aa1dbfed5f53861e7c7a89b35833a | Issue Tracking | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2015/dsa-3188 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2015:055 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/72986 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2510-1 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2739-1 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201503-05 |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
fedoraproject | fedora | 20 | |
fedoraproject | fedora | 21 | |
freetype | freetype | * | |
debian | debian_linux | 7.0 | |
opensuse | opensuse | 13.1 | |
opensuse | opensuse | 13.2 | |
canonical | ubuntu_linux | 10.04 | |
canonical | ubuntu_linux | 12.04 | |
canonical | ubuntu_linux | 14.04 | |
canonical | ubuntu_linux | 14.10 | |
canonical | ubuntu_linux | 15.04 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*", "matchCriteriaId": "FF47C9F0-D8DA-4B55-89EB-9B2C9383ADB9", "vulnerable": true }, { "criteria": "cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*", "matchCriteriaId": "56BDB5A0-0839-4A20-A003-B8CD56F48171", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", "matchCriteriaId": "05EE9A32-E91F-4C68-B3A9-AC5AB35C2BB3", "versionEndIncluding": "2.5.3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F", "vulnerable": true }, { "criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*", "matchCriteriaId": "5D37DF0F-F863-45AC-853A-3E04F9FEC7CA", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*", "matchCriteriaId": "49A63F39-30BE-443F-AF10-6245587D3359", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "matchCriteriaId": "F38D3B7E-8429-473F-BB31-FC3583EE5A5B", "vulnerable": true 
} ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The tt_sbit_decoder_load_image function in sfnt/ttsbit.c in FreeType before 2.5.4 does not properly check for an integer overflow, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted OpenType font." }, { "lang": "es", "value": "La funci\u00f3n tt_sbit_decoder_load_image en sfnt/ttsbit.c en FreeType anterior a 2.5.4 no comprueba correctamente si hay un desbordamiento de enteros, lo que permite a atacantes remotos causar una denegaci\u00f3n de servicio (lectura fuera de rango) o posiblemente tener otro impacto no especificado a trav\u00e9s de una fuente OpenType manipulada." } ], "id": "CVE-2014-9656", "lastModified": "2025-04-12T10:46:40.837", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2015-02-08T11:59:15.163", "references": [ { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://advisories.mageia.org/MGASA-2015-0083.html" }, { "source": "cve@mitre.org", "tags": [ "Exploit" ], "url": "http://code.google.com/p/google-security-research/issues/detail?id=196" }, { "source": "cve@mitre.org", "tags": [ "Issue Tracking" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=f0292bb9920aa1dbfed5f53861e7c7a89b35833a" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": 
"http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2015/dsa-3188" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/72986" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-2510-1" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-2739-1" }, { "source": "cve@mitre.org", "url": "https://security.gentoo.org/glsa/201503-05" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://advisories.mageia.org/MGASA-2015-0083.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit" ], "url": "http://code.google.com/p/google-security-research/issues/detail?id=196" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=f0292bb9920aa1dbfed5f53861e7c7a89b35833a" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": 
"http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2015/dsa-3188" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/72986" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-2510-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-2739-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/201503-05" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2015-02-08 11:59
Modified
2025-04-12 10:46
Severity ?
Summary
The tt_sbit_decoder_init function in sfnt/ttsbit.c in FreeType before 2.5.4 proceeds with a count-to-size association without restricting the count value, which allows remote attackers to cause a denial of service (integer overflow and out-of-bounds read) or possibly have unspecified other impact via a crafted embedded bitmap.
References
Source | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://advisories.mageia.org/MGASA-2015-0083.html | Third Party Advisory | |
cve@mitre.org | http://code.google.com/p/google-security-research/issues/detail?id=167 | Exploit | |
cve@mitre.org | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=257c270bd25e15890190a28a1456e7623bba4439 | Patch, Vendor Advisory | |
cve@mitre.org | http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html | Third Party Advisory | |
cve@mitre.org | http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html | Third Party Advisory | |
cve@mitre.org | http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html | Third Party Advisory | |
cve@mitre.org | http://www.debian.org/security/2015/dsa-3188 | Third Party Advisory | |
cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDVSA-2015:055 | Broken Link | |
cve@mitre.org | http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html | Third Party Advisory | |
cve@mitre.org | http://www.securityfocus.com/bid/72986 | ||
cve@mitre.org | http://www.ubuntu.com/usn/USN-2510-1 | Third Party Advisory | |
cve@mitre.org | http://www.ubuntu.com/usn/USN-2739-1 | Third Party Advisory | |
cve@mitre.org | https://security.gentoo.org/glsa/201503-05 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://advisories.mageia.org/MGASA-2015-0083.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://code.google.com/p/google-security-research/issues/detail?id=167 | Exploit | |
af854a3a-2127-422b-91ae-364da2661108 | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=257c270bd25e15890190a28a1456e7623bba4439 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2015/dsa-3188 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2015:055 | Broken Link | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/72986 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2510-1 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2739-1 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201503-05 |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
opensuse | opensuse | 13.1 | |
opensuse | opensuse | 13.2 | |
oracle | solaris | 10.0 | |
oracle | solaris | 11.2 | |
canonical | ubuntu_linux | 10.04 | |
canonical | ubuntu_linux | 12.04 | |
canonical | ubuntu_linux | 14.04 | |
canonical | ubuntu_linux | 14.10 | |
canonical | ubuntu_linux | 15.04 | |
debian | debian_linux | 7.0 | |
redhat | enterprise_linux_desktop | 6.0 | |
redhat | enterprise_linux_desktop | 7.0 | |
redhat | enterprise_linux_hpc_node | 6 | |
redhat | enterprise_linux_hpc_node | 7.0 | |
redhat | enterprise_linux_hpc_node_eus | 7.1 | |
redhat | enterprise_linux_server | 6.0 | |
redhat | enterprise_linux_server | 7.0 | |
redhat | enterprise_linux_server_eus | 6.6.z | |
redhat | enterprise_linux_server_eus | 7.1 | |
redhat | enterprise_linux_workstation | 6.0 | |
redhat | enterprise_linux_workstation | 7.0 | |
fedoraproject | fedora | 20 | |
fedoraproject | fedora | 21 | |
freetype | freetype | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F", "vulnerable": true }, { "criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:oracle:solaris:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "FC633250-EB1E-4484-9BCB-977C8F9EB0B2", "vulnerable": true }, { "criteria": "cpe:2.3:o:oracle:solaris:11.2:*:*:*:*:*:*:*", "matchCriteriaId": "0B1C288F-326B-497B-B26C-D26E01262DDB", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*", "matchCriteriaId": "5D37DF0F-F863-45AC-853A-3E04F9FEC7CA", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*", "matchCriteriaId": "49A63F39-30BE-443F-AF10-6245587D3359", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "matchCriteriaId": "F38D3B7E-8429-473F-BB31-FC3583EE5A5B", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", "vulnerable": true }, { "criteria": 
"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6:*:*:*:*:*:*:*", "matchCriteriaId": "8CDFD93B-693D-46DC-9C39-FDECB3E619E8", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "3C84489B-B08C-4854-8A12-D01B6E45CF79", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "7071F0C7-E43E-4F2E-9FEB-E8FB3DEA4749", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.6.z:*:*:*:*:*:*:*", "matchCriteriaId": "3FB4F7C3-1521-42B6-9820-15C2B156BAD6", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "0E8CD4EF-DC90-40BB-A721-6EC087507906", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*", "matchCriteriaId": "FF47C9F0-D8DA-4B55-89EB-9B2C9383ADB9", "vulnerable": true }, { "criteria": "cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*", "matchCriteriaId": "56BDB5A0-0839-4A20-A003-B8CD56F48171", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { 
"nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", "matchCriteriaId": "05EE9A32-E91F-4C68-B3A9-AC5AB35C2BB3", "versionEndIncluding": "2.5.3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The tt_sbit_decoder_init function in sfnt/ttsbit.c in FreeType before 2.5.4 proceeds with a count-to-size association without restricting the count value, which allows remote attackers to cause a denial of service (integer overflow and out-of-bounds read) or possibly have unspecified other impact via a crafted embedded bitmap." }, { "lang": "es", "value": "La funci\u00f3n tt_sbit_decoder_init en sfnt/ttsbit.c en FreeType anterior a 2.5.4 procede con una asociaci\u00f3n de contar a tama\u00f1o (count-to-size) sin restringir el valor de la cuenta, lo que permite a atacantes remotos causar una denegaci\u00f3n de servicio (desbordamiento de enteros y lectura fuera de rango) o posiblemente tener otro impacto no especificado a trav\u00e9s de un bitmap embebido manipulado."
} ], "id": "CVE-2014-9666", "lastModified": "2025-04-12T10:46:40.837", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2015-02-08T11:59:28.193", "references": [ { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://advisories.mageia.org/MGASA-2015-0083.html" }, { "source": "cve@mitre.org", "tags": [ "Exploit" ], "url": "http://code.google.com/p/google-security-research/issues/detail?id=167" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=257c270bd25e15890190a28a1456e7623bba4439" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2015/dsa-3188" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": 
"http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/72986" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-2510-1" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-2739-1" }, { "source": "cve@mitre.org", "url": "https://security.gentoo.org/glsa/201503-05" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://advisories.mageia.org/MGASA-2015-0083.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit" ], "url": "http://code.google.com/p/google-security-research/issues/detail?id=167" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=257c270bd25e15890190a28a1456e7623bba4439" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2015/dsa-3188" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": 
"http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/72986" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-2510-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-2739-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/201503-05" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-189" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2020-11-03 03:15
Modified
2025-02-05 14:37
Severity ?
9.6 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
9.6 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
9.6 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Summary
Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
References
▶ | URL | Tags | |
---|---|---|---|
chrome-cve-admin@google.com | http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00016.html | Broken Link, Mailing List, Third Party Advisory | |
chrome-cve-admin@google.com | http://seclists.org/fulldisclosure/2020/Nov/33 | Mailing List, Not Applicable, Third Party Advisory | |
chrome-cve-admin@google.com | https://chromereleases.googleblog.com/2020/10/stable-channel-update-for-desktop_20.html | Third Party Advisory | |
chrome-cve-admin@google.com | https://crbug.com/1139963 | Exploit, Issue Tracking, Third Party Advisory | |
chrome-cve-admin@google.com | https://googleprojectzero.blogspot.com/p/rca-cve-2020-15999.html | Exploit, Third Party Advisory | |
chrome-cve-admin@google.com | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/J3QVIGAAJ4D62YEJAJJWMCCBCOQ6TVL7/ | Release Notes | |
chrome-cve-admin@google.com | https://security.gentoo.org/glsa/202011-12 | Third Party Advisory | |
chrome-cve-admin@google.com | https://security.gentoo.org/glsa/202012-04 | Third Party Advisory | |
chrome-cve-admin@google.com | https://security.gentoo.org/glsa/202401-19 | Third Party Advisory | |
chrome-cve-admin@google.com | https://www.debian.org/security/2021/dsa-4824 | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00016.html | Broken Link, Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2020/Nov/33 | Mailing List, Not Applicable, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://chromereleases.googleblog.com/2020/10/stable-channel-update-for-desktop_20.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://crbug.com/1139963 | Exploit, Issue Tracking, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://googleprojectzero.blogspot.com/p/rca-cve-2020-15999.html | Exploit, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/J3QVIGAAJ4D62YEJAJJWMCCBCOQ6TVL7/ | Release Notes | |
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/202011-12 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/202012-04 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/202401-19 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20240812-0001/ | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.debian.org/security/2021/dsa-4824 | Mailing List, Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
chrome | * | ||
freetype | freetype | * | |
debian | debian_linux | 10.0 | |
fedoraproject | fedora | 31 | |
opensuse | backports_sle | 15.0 | |
netapp | ontap_select_deploy_administration_utility | - |
{ "cisaActionDue": "2021-11-17", "cisaExploitAdd": "2021-11-03", "cisaRequiredAction": "Apply updates per vendor instructions.", "cisaVulnerabilityName": "Google Chrome FreeType Heap Buffer Overflow Vulnerability", "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", "matchCriteriaId": "7E02F065-8513-48E2-AD6F-C69A04A30732", "versionEndExcluding": "86.0.4240.111", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", "matchCriteriaId": "6ACB0025-9BC8-408F-AFAF-5F31D1D9AB46", "versionEndExcluding": "2.10.4", "versionStartIncluding": "2.6.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", "matchCriteriaId": "80F0FA5D-8D3B-4C0E-81E2-87998286AF33", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:opensuse:backports_sle:15.0:sp2:*:*:*:*:*:*", "matchCriteriaId": "67E82302-4B77-44F3-97B1-24C18AC4A35D", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*", "matchCriteriaId": "E7CF3019-975D-40BB-A8A4-894E62BD3797", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page." 
}, { "lang": "es", "value": "Un desbordamiento del b\u00fafer de mont\u00f3n (heap) en Freetype en Google Chrome anterior a la versi\u00f3n 86.0.4240.111 permit\u00eda a un atacante remoto explotar potencialmente una corrupci\u00f3n del mont\u00f3n (heap) por medio de una p\u00e1gina HTML dise\u00f1ada." } ], "id": "CVE-2020-15999", "lastModified": "2025-02-05T14:37:57.520", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.6, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 6.0, "source": "nvd@nist.gov", "type": "Primary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.6, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 6.0, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] }, "published": "2020-11-03T03:15:14.853", "references": [ { "source":
"chrome-cve-admin@google.com", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00016.html" }, { "source": "chrome-cve-admin@google.com", "tags": [ "Mailing List", "Not Applicable", "Third Party Advisory" ], "url": "http://seclists.org/fulldisclosure/2020/Nov/33" }, { "source": "chrome-cve-admin@google.com", "tags": [ "Third Party Advisory" ], "url": "https://chromereleases.googleblog.com/2020/10/stable-channel-update-for-desktop_20.html" }, { "source": "chrome-cve-admin@google.com", "tags": [ "Exploit", "Issue Tracking", "Third Party Advisory" ], "url": "https://crbug.com/1139963" }, { "source": "chrome-cve-admin@google.com", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://googleprojectzero.blogspot.com/p/rca-cve-2020-15999.html" }, { "source": "chrome-cve-admin@google.com", "tags": [ "Release Notes" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/J3QVIGAAJ4D62YEJAJJWMCCBCOQ6TVL7/" }, { "source": "chrome-cve-admin@google.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/202011-12" }, { "source": "chrome-cve-admin@google.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/202012-04" }, { "source": "chrome-cve-admin@google.com", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/202401-19" }, { "source": "chrome-cve-admin@google.com", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://www.debian.org/security/2021/dsa-4824" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00016.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Not Applicable", "Third Party Advisory" ], "url": 
"http://seclists.org/fulldisclosure/2020/Nov/33" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://chromereleases.googleblog.com/2020/10/stable-channel-update-for-desktop_20.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Issue Tracking", "Third Party Advisory" ], "url": "https://crbug.com/1139963" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://googleprojectzero.blogspot.com/p/rca-cve-2020-15999.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Release Notes" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/J3QVIGAAJ4D62YEJAJJWMCCBCOQ6TVL7/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/202011-12" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/202012-04" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/202401-19" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.netapp.com/advisory/ntap-20240812-0001/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://www.debian.org/security/2021/dsa-4824" } ], "sourceIdentifier": "chrome-cve-admin@google.com", "vulnStatus": "Analyzed", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" }, { "description": [ { "lang": "en", "value": "CWE-120" } ], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] }
Vulnerability from fkie_nvd
Published
2015-02-08 11:59
Modified
2025-04-12 10:46
Severity ?
Summary
The tt_face_load_kern function in sfnt/ttkern.c in FreeType before 2.5.4 enforces an incorrect minimum table length, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted TrueType font.
References
▶ | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://advisories.mageia.org/MGASA-2015-0083.html | Third Party Advisory | |
cve@mitre.org | http://code.google.com/p/google-security-research/issues/detail?id=194 | Exploit | |
cve@mitre.org | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=f70d9342e65cd2cb44e9f26b6d7edeedf191fc6c | Patch, Vendor Advisory | |
cve@mitre.org | http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html | Third Party Advisory | |
cve@mitre.org | http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html | Third Party Advisory | |
cve@mitre.org | http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html | Third Party Advisory | |
cve@mitre.org | http://rhn.redhat.com/errata/RHSA-2015-0696.html | Third Party Advisory | |
cve@mitre.org | http://www.debian.org/security/2015/dsa-3188 | Third Party Advisory | |
cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDVSA-2015:055 | Broken Link | |
cve@mitre.org | http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html | Third Party Advisory | |
cve@mitre.org | http://www.securityfocus.com/bid/72986 | ||
cve@mitre.org | http://www.ubuntu.com/usn/USN-2510-1 | Third Party Advisory | |
cve@mitre.org | http://www.ubuntu.com/usn/USN-2739-1 | Third Party Advisory | |
cve@mitre.org | https://security.gentoo.org/glsa/201503-05 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://advisories.mageia.org/MGASA-2015-0083.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://code.google.com/p/google-security-research/issues/detail?id=194 | Exploit | |
af854a3a-2127-422b-91ae-364da2661108 | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=f70d9342e65cd2cb44e9f26b6d7edeedf191fc6c | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2015-0696.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2015/dsa-3188 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2015:055 | Broken Link | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/72986 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2510-1 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2739-1 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201503-05 |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
oracle | solaris | 10.0 | |
oracle | solaris | 11.2 | |
canonical | ubuntu_linux | 10.04 | |
canonical | ubuntu_linux | 12.04 | |
canonical | ubuntu_linux | 14.04 | |
canonical | ubuntu_linux | 14.10 | |
canonical | ubuntu_linux | 15.04 | |
fedoraproject | fedora | 20 | |
fedoraproject | fedora | 21 | |
freetype | freetype | * | |
debian | debian_linux | 7.0 | |
opensuse | opensuse | 13.1 | |
opensuse | opensuse | 13.2 | |
redhat | enterprise_linux_desktop | 6.0 | |
redhat | enterprise_linux_desktop | 7.0 | |
redhat | enterprise_linux_hpc_node | 6 | |
redhat | enterprise_linux_hpc_node | 7.0 | |
redhat | enterprise_linux_hpc_node_eus | 7.1 | |
redhat | enterprise_linux_server | 6.0 | |
redhat | enterprise_linux_server | 7.0 | |
redhat | enterprise_linux_server_eus | 6.6.z | |
redhat | enterprise_linux_server_eus | 7.1 | |
redhat | enterprise_linux_workstation | 6.0 | |
redhat | enterprise_linux_workstation | 7.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:oracle:solaris:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "FC633250-EB1E-4484-9BCB-977C8F9EB0B2", "vulnerable": true }, { "criteria": "cpe:2.3:o:oracle:solaris:11.2:*:*:*:*:*:*:*", "matchCriteriaId": "0B1C288F-326B-497B-B26C-D26E01262DDB", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*", "matchCriteriaId": "5D37DF0F-F863-45AC-853A-3E04F9FEC7CA", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*", "matchCriteriaId": "49A63F39-30BE-443F-AF10-6245587D3359", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "matchCriteriaId": "F38D3B7E-8429-473F-BB31-FC3583EE5A5B", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*", "matchCriteriaId": "FF47C9F0-D8DA-4B55-89EB-9B2C9383ADB9", "vulnerable": true }, { "criteria": "cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*", "matchCriteriaId": "56BDB5A0-0839-4A20-A003-B8CD56F48171", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", "matchCriteriaId": "05EE9A32-E91F-4C68-B3A9-AC5AB35C2BB3", "versionEndIncluding": "2.5.3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA", "vulnerable": true } ], 
"negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F", "vulnerable": true }, { "criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6:*:*:*:*:*:*:*", "matchCriteriaId": "8CDFD93B-693D-46DC-9C39-FDECB3E619E8", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "3C84489B-B08C-4854-8A12-D01B6E45CF79", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "7071F0C7-E43E-4F2E-9FEB-E8FB3DEA4749", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.6.z:*:*:*:*:*:*:*", "matchCriteriaId": "3FB4F7C3-1521-42B6-9820-15C2B156BAD6", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "0E8CD4EF-DC90-40BB-A721-6EC087507906", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "matchCriteriaId": 
"E5ED5807-55B7-47C5-97A6-03233F4FBC3A", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The tt_face_load_kern function in sfnt/ttkern.c in FreeType before 2.5.4 enforces an incorrect minimum table length, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted TrueType font." }, { "lang": "es", "value": "La funci\u00f3n tt_face_load_kern en sfnt/ttkern.c en FreeType anterior a 2.5.4 fuerza una longitud de tabla m\u00ednima incorrecta, lo que permite a atacantes remotos causar una denegaci\u00f3n de servicio (lectura fuera de rango) o posiblemente tener otro impacto no especificado a trav\u00e9s de una fuente TrueType manipulada." } ], "id": "CVE-2014-9658", "lastModified": "2025-04-12T10:46:40.837", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2015-02-08T11:59:20.647", "references": [ { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://advisories.mageia.org/MGASA-2015-0083.html" }, { "source": "cve@mitre.org", "tags": [ "Exploit" ], "url": "http://code.google.com/p/google-security-research/issues/detail?id=194" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], 
"url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=f70d9342e65cd2cb44e9f26b6d7edeedf191fc6c" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0696.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2015/dsa-3188" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/72986" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-2510-1" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-2739-1" }, { "source": "cve@mitre.org", "url": "https://security.gentoo.org/glsa/201503-05" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://advisories.mageia.org/MGASA-2015-0083.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit" ], "url": "http://code.google.com/p/google-security-research/issues/detail?id=194" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": 
"http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=f70d9342e65cd2cb44e9f26b6d7edeedf191fc6c" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0696.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2015/dsa-3188" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/72986" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-2510-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-2739-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/201503-05" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-125" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd (CVE-2012-1131)
Published
2012-04-25 10:10
Modified
2025-04-11 00:51
Severity: HIGH (CVSS v2.0 base score 9.3, vector AV:N/AC:M/Au:N/C:C/I:C/A:C, source nvd@nist.gov)
Summary
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, on 64-bit platforms allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via vectors related to the cell table of a font.
References
Source | URL | Tags | |
---|---|---|---|
secalert@redhat.com | http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html | ||
secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html | ||
secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html | ||
secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html | ||
secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html | ||
secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2012-0467.html | ||
secalert@redhat.com | http://secunia.com/advisories/48508 | ||
secalert@redhat.com | http://secunia.com/advisories/48758 | ||
secalert@redhat.com | http://secunia.com/advisories/48797 | ||
secalert@redhat.com | http://secunia.com/advisories/48822 | ||
secalert@redhat.com | http://secunia.com/advisories/48918 | ||
secalert@redhat.com | http://secunia.com/advisories/48951 | ||
secalert@redhat.com | http://secunia.com/advisories/48973 | ||
secalert@redhat.com | http://security.gentoo.org/glsa/glsa-201204-04.xml | ||
secalert@redhat.com | http://support.apple.com/kb/HT5503 | ||
secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2012:057 | ||
secalert@redhat.com | http://www.mozilla.org/security/announce/2012/mfsa2012-21.html | Vendor Advisory | |
secalert@redhat.com | http://www.openwall.com/lists/oss-security/2012/03/06/16 | ||
secalert@redhat.com | http://www.securityfocus.com/bid/52318 | ||
secalert@redhat.com | http://www.securitytracker.com/id?1026765 | ||
secalert@redhat.com | http://www.ubuntu.com/usn/USN-1403-1 | ||
secalert@redhat.com | https://bugzilla.mozilla.org/show_bug.cgi?id=733512 | ||
secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=800589 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2012-0467.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48508 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48758 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48797 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48822 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48918 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48951 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48973 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-201204-04.xml | ||
af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT5503 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2012:057 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mozilla.org/security/announce/2012/mfsa2012-21.html | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2012/03/06/16 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/52318 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1026765 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-1403-1 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.mozilla.org/show_bug.cgi?id=733512 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=800589 |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
freetype | freetype | * (up to and including 2.4.8) | |
freetype | freetype | 1.3.1 | |
freetype | freetype | 2.0.0 | |
freetype | freetype | 2.0.1 | |
freetype | freetype | 2.0.2 | |
freetype | freetype | 2.0.3 | |
freetype | freetype | 2.0.4 | |
freetype | freetype | 2.0.5 | |
freetype | freetype | 2.0.6 | |
freetype | freetype | 2.0.7 | |
freetype | freetype | 2.0.8 | |
freetype | freetype | 2.0.9 | |
freetype | freetype | 2.1 | |
freetype | freetype | 2.1.3 | |
freetype | freetype | 2.1.4 | |
freetype | freetype | 2.1.5 | |
freetype | freetype | 2.1.6 | |
freetype | freetype | 2.1.7 | |
freetype | freetype | 2.1.8 | |
freetype | freetype | 2.1.8 (rc1) | |
freetype | freetype | 2.1.9 | |
freetype | freetype | 2.1.10 | |
freetype | freetype | 2.2.0 | |
freetype | freetype | 2.2.1 | |
freetype | freetype | 2.3.0 | |
freetype | freetype | 2.3.1 | |
freetype | freetype | 2.3.2 | |
freetype | freetype | 2.3.3 | |
freetype | freetype | 2.3.4 | |
freetype | freetype | 2.3.5 | |
freetype | freetype | 2.3.6 | |
freetype | freetype | 2.3.7 | |
freetype | freetype | 2.3.8 | |
freetype | freetype | 2.3.9 | |
freetype | freetype | 2.3.10 | |
freetype | freetype | 2.3.11 | |
freetype | freetype | 2.3.12 | |
freetype | freetype | 2.4.0 | |
freetype | freetype | 2.4.1 | |
freetype | freetype | 2.4.2 | |
freetype | freetype | 2.4.3 | |
freetype | freetype | 2.4.4 | |
freetype | freetype | 2.4.5 | |
freetype | freetype | 2.4.6 | |
freetype | freetype | 2.4.7 | |
mozilla | firefox_mobile | * (up to and including 10.0.3) | |
mozilla | firefox_mobile | 1.0 | |
mozilla | firefox_mobile | 4.0 | |
mozilla | firefox_mobile | 4.0 (beta1) | |
mozilla | firefox_mobile | 4.0 (beta2) | |
mozilla | firefox_mobile | 4.0 (beta3) | |
mozilla | firefox_mobile | 4.0 (beta4) | |
mozilla | firefox_mobile | 5.0 | |
mozilla | firefox_mobile | 6.0 | |
mozilla | firefox_mobile | 6.0.1 | |
mozilla | firefox_mobile | 6.0.2 | |
mozilla | firefox_mobile | 7.0 | |
mozilla | firefox_mobile | 8.0 | |
mozilla | firefox_mobile | 9.0 | |
mozilla | firefox_mobile | 10.0 | |
mozilla | firefox_mobile | 10.0.1 | |
mozilla | firefox_mobile | 10.0.2 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", "matchCriteriaId": "1AE5852E-FBD0-4F23-82C0-4E8FBDDF558B", "versionEndIncluding": "2.4.8", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:1.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "888C3BB8-510B-4FBE-BA5D-0D488583C7DD", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "3B67236B-7DEF-40AE-BC6F-12CB39329C4D", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "7EEC5D17-9141-4CA5-9D4C-76C15BAE4FBD", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "F1019F69-8E42-43C9-926C-B948659666F4", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "AA678E5E-9380-4D31-973F-018349F7F346", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "5E06AD6E-8B77-4E57-AA07-507CD1F809F2", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "8DB69925-10FB-4DFD-8764-B6640B88FCEE", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "B126D1A0-6B54-4C56-8CEC-B395D54A5C3C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "98D0D1A3-886D-4EE3-AC1A-3B36D192E8B5", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "DB0B0E33-0D7D-45E9-ADFD-20C6DCB5ED64", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.9:*:*:*:*:*:*:*", "matchCriteriaId": "28CA4C7D-D70A-44CF-8E3D-F2612CCA0799", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "D4E76672-7216-443E-BBD8-120DA96F7E4D", "vulnerable": true }, { "criteria": 
"cpe:2.3:a:freetype:freetype:2.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "369D87D8-E4A7-4EC4-B508-2940EE174F95", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "288FDB59-7FE4-4351-8822-554ADF07C79A", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "B681257A-F8D8-46D5-995D-BC44F54DD5C0", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "56E0DEB6-4414-49AB-88E9-988CE5D8EF67", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.7:*:*:*:*:*:*:*", "matchCriteriaId": "56A90D08-2CAF-422F-8587-7D88EC7632A1", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.8:*:*:*:*:*:*:*", "matchCriteriaId": "9B944FEB-F69D-4F6C-9485-26F95A5874B6", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.8:rc1:*:*:*:*:*:*", "matchCriteriaId": "B9B9B1DE-89F6-463D-A3F4-6366D5D30077", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.9:*:*:*:*:*:*:*", "matchCriteriaId": "F73474B9-6853-4C5C-9CB9-5F4D3080D1C5", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.10:*:*:*:*:*:*:*", "matchCriteriaId": "5283E910-D512-481C-804E-8717A83B24CB", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "A28C0F7A-F1F3-4F3B-81B9-228DA8FCCCD8", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "F7252819-BA8A-4BD1-BAAA-179A8777C994", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "11575E3C-2BEA-4264-AE41-4A962BD17035", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "D333A965-EAD2-40DB-8FBE-C4C7DF44C35C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.2:*:*:*:*:*:*:*", "matchCriteriaId": 
"8CA37666-D2E6-47EF-BFFE-A9449D6A72CD", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "F2B49505-C973-4673-A9BC-34ACA25059D0", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.4:*:*:*:*:*:*:*", "matchCriteriaId": "B8E8ECCA-58F2-4A05-8DF2-79C09A5FB275", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.5:*:*:*:*:*:*:*", "matchCriteriaId": "8697D11D-BBDF-4722-85F7-5144A5D26E37", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.6:*:*:*:*:*:*:*", "matchCriteriaId": "50E3EDA8-04D1-4DF1-80BB-72C6003E8F53", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.7:*:*:*:*:*:*:*", "matchCriteriaId": "AB06CA25-BB25-43B8-9FC2-62C399CC52EE", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.8:*:*:*:*:*:*:*", "matchCriteriaId": "6AF7414E-33A7-40E2-AEF0-1AE9D7D1B077", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.9:*:*:*:*:*:*:*", "matchCriteriaId": "6FC0BD12-E065-4CC9-8AEE-E4C34A58EC3C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.10:*:*:*:*:*:*:*", "matchCriteriaId": "214DC64B-BA35-486B-AE30-F2D9381E4D26", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.11:*:*:*:*:*:*:*", "matchCriteriaId": "B7CDE19A-473A-4BC5-AA7B-3D08FEEEE82C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.12:*:*:*:*:*:*:*", "matchCriteriaId": "DD8401A8-A328-49F6-BAE8-337F5F36C906", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "3FBF5BAA-8027-478F-BE06-3D3F4F823C7B", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "31358B5D-4087-4207-9730-297BA47DAA83", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "3A73E016-A4B0-416D-B9B6-786A787DAD3D", "vulnerable": true }, { "criteria": 
"cpe:2.3:a:freetype:freetype:2.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "0588BCE1-059B-4602-B274-E9D268720B55", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "D19BE9CC-6B1C-4AC8-9740-2ABDF40C4FEC", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "E6F3E33C-95E0-4EEF-8E26-F7044D8C3892", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.6:*:*:*:*:*:*:*", "matchCriteriaId": "0871F88D-3D36-4EAA-B2B4-39D844FF8874", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.7:*:*:*:*:*:*:*", "matchCriteriaId": "B3396203-9BDF-4E7D-85CC-0B6AA7DC55C4", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:*:*:*:*:*:*:*:*", "matchCriteriaId": "C25B56F0-B244-4D64-BC8F-341214080A90", "versionEndIncluding": "10.0.3", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "B00C6411-5566-4060-B68B-8F1674B9E280", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "CD9C4A1A-E3C7-40DD-AF51-AFFA0D904722", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta1:*:*:*:*:*:*", "matchCriteriaId": "B6A0EDF9-2260-439F-9CF0-A66CBE35ACF8", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta2:*:*:*:*:*:*", "matchCriteriaId": "6E55723B-B7B8-4EBF-8767-55988D26E82B", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta3:*:*:*:*:*:*", "matchCriteriaId": "761B33B6-4FFD-4E6C-92B4-2186F8D195C1", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta4:*:*:*:*:*:*", "matchCriteriaId": "8E4E272B-27F1-41CE-8B60-B1C098105A73", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "907FA1DF-E3D3-4E46-B353-753E70C292CC", "vulnerable": true }, { "criteria": 
"cpe:2.3:a:mozilla:firefox_mobile:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "97DE5B71-865A-4DB0-A31A-1CA75A5AB7AA", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:6.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "B64C7CE2-6BA7-4294-80CF-3AE25EE9529B", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:6.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "640595E6-3E39-4112-887E-174C86D18630", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "8E26E8D7-334C-4260-A8EE-82DF067CC081", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "643623BB-29E4-4138-AFC6-252368FC9495", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "9CEA838D-5FE6-47A7-8367-F040FF01B681", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "BF547E94-BEC4-4D32-A2AF-AFEBFE11782A", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "6BB1307C-64E4-4EC2-BB07-012107CA5DA6", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "91C9D50D-9450-489C-8336-4332F8FD6806", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, on 64-bit platforms allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via vectors related to the cell table of a font." 
}, { "lang": "es", "value": "FreeType antes de v2.4.9, tal como se utiliza en Mozilla Firefox Mobile antes de v10.0.4 y otros productos, en plataformas de 64 bits, permite a atacantes remotos causar una denegaci\u00f3n de servicio (operaci\u00f3n no v\u00e1lida de escritura y corrupci\u00f3n de memoria) o posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores relacionados con la celda de una tabla de una fuente." } ], "id": "CVE-2012-1131", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2012-04-25T10:10:18.183", "references": [ { "source": "secalert@redhat.com", "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html" }, { "source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48508" }, { "source": "secalert@redhat.com", "url": 
"http://secunia.com/advisories/48758" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48797" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48822" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48918" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48951" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48973" }, { "source": "secalert@redhat.com", "url": "http://security.gentoo.org/glsa/glsa-201204-04.xml" }, { "source": "secalert@redhat.com", "url": "http://support.apple.com/kb/HT5503" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html" }, { "source": "secalert@redhat.com", "url": "http://www.openwall.com/lists/oss-security/2012/03/06/16" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/52318" }, { "source": "secalert@redhat.com", "url": "http://www.securitytracker.com/id?1026765" }, { "source": "secalert@redhat.com", "url": "http://www.ubuntu.com/usn/USN-1403-1" }, { "source": "secalert@redhat.com", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512" }, { "source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=800589" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html" 
}, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48508" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48758" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48797" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48822" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48918" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48951" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48973" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.gentoo.org/glsa/glsa-201204-04.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.apple.com/kb/HT5503" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2012/03/06/16" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/52318" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1026765" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/USN-1403-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512" 
}, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=800589" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd (CVE-2014-9673)
Published
2015-02-08 11:59
Modified
2025-04-12 10:46
Severity: MEDIUM (CVSS v2.0 base score 6.8, vector AV:N/AC:M/Au:N/C:P/I:P/A:P, source nvd@nist.gov)
Summary
Integer signedness error in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.5.4 allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted Mac font.
References
Source | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://advisories.mageia.org/MGASA-2015-0083.html | Third Party Advisory | |
cve@mitre.org | http://code.google.com/p/google-security-research/issues/detail?id=154 | Exploit | |
cve@mitre.org | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=35252ae9aa1dd9343e9f4884e9ddb1fee10ef415 | Issue Tracking | |
cve@mitre.org | http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html | Third Party Advisory | |
cve@mitre.org | http://rhn.redhat.com/errata/RHSA-2015-0696.html | Third Party Advisory | |
cve@mitre.org | http://www.debian.org/security/2015/dsa-3188 | Third Party Advisory | |
cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDVSA-2015:055 | Broken Link | |
cve@mitre.org | http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html | Third Party Advisory | |
cve@mitre.org | http://www.securityfocus.com/bid/72986 | ||
cve@mitre.org | http://www.ubuntu.com/usn/USN-2510-1 | Third Party Advisory | |
cve@mitre.org | http://www.ubuntu.com/usn/USN-2739-1 | Third Party Advisory | |
cve@mitre.org | https://security.gentoo.org/glsa/201503-05 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://advisories.mageia.org/MGASA-2015-0083.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://code.google.com/p/google-security-research/issues/detail?id=154 | Exploit | |
af854a3a-2127-422b-91ae-364da2661108 | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=35252ae9aa1dd9343e9f4884e9ddb1fee10ef415 | Issue Tracking | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2015-0696.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2015/dsa-3188 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2015:055 | Broken Link | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/72986 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2510-1 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2739-1 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201503-05 |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
canonical | ubuntu_linux | 10.04 (LTS) | |
canonical | ubuntu_linux | 12.04 (LTS) | |
canonical | ubuntu_linux | 14.04 (LTS) | |
canonical | ubuntu_linux | 14.10 | |
canonical | ubuntu_linux | 15.04 | |
debian | debian_linux | 7.0 | |
redhat | enterprise_linux_desktop | 6.0 | |
redhat | enterprise_linux_desktop | 7.0 | |
redhat | enterprise_linux_hpc_node | 6.0 | |
redhat | enterprise_linux_hpc_node | 7.0 | |
redhat | enterprise_linux_hpc_node_eus | 7.1 | |
redhat | enterprise_linux_server | 6.0 | |
redhat | enterprise_linux_server | 7.0 | |
redhat | enterprise_linux_server_eus | 6.6.z | |
redhat | enterprise_linux_server_eus | 7.1 | |
redhat | enterprise_linux_workstation | 6.0 | |
redhat | enterprise_linux_workstation | 7.0 | |
opensuse | opensuse | 13.1 | |
opensuse | opensuse | 13.2 | |
freetype | freetype | * (up to and including 2.5.3) |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*", "matchCriteriaId": "5D37DF0F-F863-45AC-853A-3E04F9FEC7CA", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*", "matchCriteriaId": "49A63F39-30BE-443F-AF10-6245587D3359", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "matchCriteriaId": "F38D3B7E-8429-473F-BB31-FC3583EE5A5B", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "C2FAC325-6EEB-466D-9EBA-8ED4DBC9CFBF", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "3C84489B-B08C-4854-8A12-D01B6E45CF79", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "7071F0C7-E43E-4F2E-9FEB-E8FB3DEA4749", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "matchCriteriaId": 
"9BBCD86A-E6C7-4444-9D74-F861084090F0", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.6.z:*:*:*:*:*:*:*", "matchCriteriaId": "3FB4F7C3-1521-42B6-9820-15C2B156BAD6", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "0E8CD4EF-DC90-40BB-A721-6EC087507906", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F", "vulnerable": true }, { "criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", "matchCriteriaId": "05EE9A32-E91F-4C68-B3A9-AC5AB35C2BB3", "versionEndIncluding": "2.5.3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Integer signedness error in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.5.4 allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted Mac font." 
}, { "lang": "es", "value": "Error de signo de enteros en la funci\u00f3n Mac_Read_POST_Resource en base/ftobjs.c en FreeType anterior a 2.5.4 permite a atacantes remotos causar una denegaci\u00f3n de servicio (desbordamiento de buffer basado en memoria din\u00e1mica) o posiblemente tener otro impacto no especificado a trav\u00e9s de una fuente Mac manipulada." } ], "id": "CVE-2014-9673", "lastModified": "2025-04-12T10:46:40.837", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2015-02-08T11:59:34.647", "references": [ { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://advisories.mageia.org/MGASA-2015-0083.html" }, { "source": "cve@mitre.org", "tags": [ "Exploit" ], "url": "http://code.google.com/p/google-security-research/issues/detail?id=154" }, { "source": "cve@mitre.org", "tags": [ "Issue Tracking" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=35252ae9aa1dd9343e9f4884e9ddb1fee10ef415" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0696.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2015/dsa-3188" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": 
"http://www.mandriva.com/security/advisories?name=MDVSA-2015:055" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/72986" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-2510-1" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-2739-1" }, { "source": "cve@mitre.org", "url": "https://security.gentoo.org/glsa/201503-05" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://advisories.mageia.org/MGASA-2015-0083.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit" ], "url": "http://code.google.com/p/google-security-research/issues/detail?id=154" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=35252ae9aa1dd9343e9f4884e9ddb1fee10ef415" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0696.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2015/dsa-3188" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": 
"http://www.securityfocus.com/bid/72986" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-2510-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-2739-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/201503-05" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2012-04-25 10:10
Modified
2025-04-11 00:51
Severity ?
Summary
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via crafted dictionary data in a Type 1 font.
References
▶ | URL | Tags | |
---|---|---|---|
secalert@redhat.com | http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html | ||
secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html | ||
secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html | ||
secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html | ||
secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html | ||
secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2012-0467.html | ||
secalert@redhat.com | http://secunia.com/advisories/48508 | ||
secalert@redhat.com | http://secunia.com/advisories/48758 | ||
secalert@redhat.com | http://secunia.com/advisories/48797 | ||
secalert@redhat.com | http://secunia.com/advisories/48822 | ||
secalert@redhat.com | http://secunia.com/advisories/48918 | ||
secalert@redhat.com | http://secunia.com/advisories/48951 | ||
secalert@redhat.com | http://secunia.com/advisories/48973 | ||
secalert@redhat.com | http://security.gentoo.org/glsa/glsa-201204-04.xml | ||
secalert@redhat.com | http://support.apple.com/kb/HT5503 | ||
secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2012:057 | ||
secalert@redhat.com | http://www.mozilla.org/security/announce/2012/mfsa2012-21.html | Vendor Advisory | |
secalert@redhat.com | http://www.openwall.com/lists/oss-security/2012/03/06/16 | ||
secalert@redhat.com | http://www.securityfocus.com/bid/52318 | ||
secalert@redhat.com | http://www.securitytracker.com/id?1026765 | ||
secalert@redhat.com | http://www.ubuntu.com/usn/USN-1403-1 | ||
secalert@redhat.com | https://bugzilla.mozilla.org/show_bug.cgi?id=733512 | ||
secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=800590 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2012-0467.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48508 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48758 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48797 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48822 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48918 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48951 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48973 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-201204-04.xml | ||
af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT5503 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2012:057 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mozilla.org/security/announce/2012/mfsa2012-21.html | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2012/03/06/16 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/52318 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1026765 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-1403-1 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.mozilla.org/show_bug.cgi?id=733512 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=800590 |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
freetype | freetype | * | |
freetype | freetype | 1.3.1 | |
freetype | freetype | 2.0.0 | |
freetype | freetype | 2.0.1 | |
freetype | freetype | 2.0.2 | |
freetype | freetype | 2.0.3 | |
freetype | freetype | 2.0.4 | |
freetype | freetype | 2.0.5 | |
freetype | freetype | 2.0.6 | |
freetype | freetype | 2.0.7 | |
freetype | freetype | 2.0.8 | |
freetype | freetype | 2.0.9 | |
freetype | freetype | 2.1 | |
freetype | freetype | 2.1.3 | |
freetype | freetype | 2.1.4 | |
freetype | freetype | 2.1.5 | |
freetype | freetype | 2.1.6 | |
freetype | freetype | 2.1.7 | |
freetype | freetype | 2.1.8 | |
freetype | freetype | 2.1.8 | |
freetype | freetype | 2.1.9 | |
freetype | freetype | 2.1.10 | |
freetype | freetype | 2.2.0 | |
freetype | freetype | 2.2.1 | |
freetype | freetype | 2.3.0 | |
freetype | freetype | 2.3.1 | |
freetype | freetype | 2.3.2 | |
freetype | freetype | 2.3.3 | |
freetype | freetype | 2.3.4 | |
freetype | freetype | 2.3.5 | |
freetype | freetype | 2.3.6 | |
freetype | freetype | 2.3.7 | |
freetype | freetype | 2.3.8 | |
freetype | freetype | 2.3.9 | |
freetype | freetype | 2.3.10 | |
freetype | freetype | 2.3.11 | |
freetype | freetype | 2.3.12 | |
freetype | freetype | 2.4.0 | |
freetype | freetype | 2.4.1 | |
freetype | freetype | 2.4.2 | |
freetype | freetype | 2.4.3 | |
freetype | freetype | 2.4.4 | |
freetype | freetype | 2.4.5 | |
freetype | freetype | 2.4.6 | |
freetype | freetype | 2.4.7 | |
mozilla | firefox_mobile | * | |
mozilla | firefox_mobile | 1.0 | |
mozilla | firefox_mobile | 4.0 | |
mozilla | firefox_mobile | 4.0 | |
mozilla | firefox_mobile | 4.0 | |
mozilla | firefox_mobile | 4.0 | |
mozilla | firefox_mobile | 4.0 | |
mozilla | firefox_mobile | 5.0 | |
mozilla | firefox_mobile | 6.0 | |
mozilla | firefox_mobile | 6.0.1 | |
mozilla | firefox_mobile | 6.0.2 | |
mozilla | firefox_mobile | 7.0 | |
mozilla | firefox_mobile | 8.0 | |
mozilla | firefox_mobile | 9.0 | |
mozilla | firefox_mobile | 10.0 | |
mozilla | firefox_mobile | 10.0.1 | |
mozilla | firefox_mobile | 10.0.2 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", "matchCriteriaId": "1AE5852E-FBD0-4F23-82C0-4E8FBDDF558B", "versionEndIncluding": "2.4.8", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:1.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "888C3BB8-510B-4FBE-BA5D-0D488583C7DD", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "3B67236B-7DEF-40AE-BC6F-12CB39329C4D", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "7EEC5D17-9141-4CA5-9D4C-76C15BAE4FBD", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "F1019F69-8E42-43C9-926C-B948659666F4", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "AA678E5E-9380-4D31-973F-018349F7F346", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "5E06AD6E-8B77-4E57-AA07-507CD1F809F2", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "8DB69925-10FB-4DFD-8764-B6640B88FCEE", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "B126D1A0-6B54-4C56-8CEC-B395D54A5C3C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "98D0D1A3-886D-4EE3-AC1A-3B36D192E8B5", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "DB0B0E33-0D7D-45E9-ADFD-20C6DCB5ED64", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.9:*:*:*:*:*:*:*", "matchCriteriaId": "28CA4C7D-D70A-44CF-8E3D-F2612CCA0799", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "D4E76672-7216-443E-BBD8-120DA96F7E4D", "vulnerable": true }, { "criteria": 
"cpe:2.3:a:freetype:freetype:2.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "369D87D8-E4A7-4EC4-B508-2940EE174F95", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "288FDB59-7FE4-4351-8822-554ADF07C79A", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "B681257A-F8D8-46D5-995D-BC44F54DD5C0", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "56E0DEB6-4414-49AB-88E9-988CE5D8EF67", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.7:*:*:*:*:*:*:*", "matchCriteriaId": "56A90D08-2CAF-422F-8587-7D88EC7632A1", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.8:*:*:*:*:*:*:*", "matchCriteriaId": "9B944FEB-F69D-4F6C-9485-26F95A5874B6", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.8:rc1:*:*:*:*:*:*", "matchCriteriaId": "B9B9B1DE-89F6-463D-A3F4-6366D5D30077", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.9:*:*:*:*:*:*:*", "matchCriteriaId": "F73474B9-6853-4C5C-9CB9-5F4D3080D1C5", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.10:*:*:*:*:*:*:*", "matchCriteriaId": "5283E910-D512-481C-804E-8717A83B24CB", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "A28C0F7A-F1F3-4F3B-81B9-228DA8FCCCD8", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "F7252819-BA8A-4BD1-BAAA-179A8777C994", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "11575E3C-2BEA-4264-AE41-4A962BD17035", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "D333A965-EAD2-40DB-8FBE-C4C7DF44C35C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.2:*:*:*:*:*:*:*", "matchCriteriaId": 
"8CA37666-D2E6-47EF-BFFE-A9449D6A72CD", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "F2B49505-C973-4673-A9BC-34ACA25059D0", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.4:*:*:*:*:*:*:*", "matchCriteriaId": "B8E8ECCA-58F2-4A05-8DF2-79C09A5FB275", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.5:*:*:*:*:*:*:*", "matchCriteriaId": "8697D11D-BBDF-4722-85F7-5144A5D26E37", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.6:*:*:*:*:*:*:*", "matchCriteriaId": "50E3EDA8-04D1-4DF1-80BB-72C6003E8F53", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.7:*:*:*:*:*:*:*", "matchCriteriaId": "AB06CA25-BB25-43B8-9FC2-62C399CC52EE", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.8:*:*:*:*:*:*:*", "matchCriteriaId": "6AF7414E-33A7-40E2-AEF0-1AE9D7D1B077", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.9:*:*:*:*:*:*:*", "matchCriteriaId": "6FC0BD12-E065-4CC9-8AEE-E4C34A58EC3C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.10:*:*:*:*:*:*:*", "matchCriteriaId": "214DC64B-BA35-486B-AE30-F2D9381E4D26", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.11:*:*:*:*:*:*:*", "matchCriteriaId": "B7CDE19A-473A-4BC5-AA7B-3D08FEEEE82C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.12:*:*:*:*:*:*:*", "matchCriteriaId": "DD8401A8-A328-49F6-BAE8-337F5F36C906", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "3FBF5BAA-8027-478F-BE06-3D3F4F823C7B", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "31358B5D-4087-4207-9730-297BA47DAA83", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "3A73E016-A4B0-416D-B9B6-786A787DAD3D", "vulnerable": true }, { "criteria": 
"cpe:2.3:a:freetype:freetype:2.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "0588BCE1-059B-4602-B274-E9D268720B55", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "D19BE9CC-6B1C-4AC8-9740-2ABDF40C4FEC", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "E6F3E33C-95E0-4EEF-8E26-F7044D8C3892", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.6:*:*:*:*:*:*:*", "matchCriteriaId": "0871F88D-3D36-4EAA-B2B4-39D844FF8874", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.7:*:*:*:*:*:*:*", "matchCriteriaId": "B3396203-9BDF-4E7D-85CC-0B6AA7DC55C4", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:*:*:*:*:*:*:*:*", "matchCriteriaId": "C25B56F0-B244-4D64-BC8F-341214080A90", "versionEndIncluding": "10.0.3", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "B00C6411-5566-4060-B68B-8F1674B9E280", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "CD9C4A1A-E3C7-40DD-AF51-AFFA0D904722", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta1:*:*:*:*:*:*", "matchCriteriaId": "B6A0EDF9-2260-439F-9CF0-A66CBE35ACF8", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta2:*:*:*:*:*:*", "matchCriteriaId": "6E55723B-B7B8-4EBF-8767-55988D26E82B", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta3:*:*:*:*:*:*", "matchCriteriaId": "761B33B6-4FFD-4E6C-92B4-2186F8D195C1", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta4:*:*:*:*:*:*", "matchCriteriaId": "8E4E272B-27F1-41CE-8B60-B1C098105A73", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "907FA1DF-E3D3-4E46-B353-753E70C292CC", "vulnerable": true }, { "criteria": 
"cpe:2.3:a:mozilla:firefox_mobile:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "97DE5B71-865A-4DB0-A31A-1CA75A5AB7AA", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:6.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "B64C7CE2-6BA7-4294-80CF-3AE25EE9529B", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:6.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "640595E6-3E39-4112-887E-174C86D18630", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "8E26E8D7-334C-4260-A8EE-82DF067CC081", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "643623BB-29E4-4138-AFC6-252368FC9495", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "9CEA838D-5FE6-47A7-8367-F040FF01B681", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "BF547E94-BEC4-4D32-A2AF-AFEBFE11782A", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "6BB1307C-64E4-4EC2-BB07-012107CA5DA6", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "91C9D50D-9450-489C-8336-4332F8FD6806", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via crafted dictionary data in a Type 1 font." 
}, { "lang": "es", "value": "FreeType antes de v2.4.9, tal como se utiliza en Mozilla Firefox Mobile antes de v10.0.4 y otros productos, permite a atacantes remotos causar una denegaci\u00f3n de servicio (operaci\u00f3n no v\u00e1lida de lectura de memoria din\u00e1mica y corrupci\u00f3n de memoria) o posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de datos modificados del diccionario en una fuente Type 1." } ], "id": "CVE-2012-1132", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2012-04-25T10:10:18.213", "references": [ { "source": "secalert@redhat.com", "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html" }, { "source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48508" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48758" }, { "source": 
"secalert@redhat.com", "url": "http://secunia.com/advisories/48797" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48822" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48918" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48951" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48973" }, { "source": "secalert@redhat.com", "url": "http://security.gentoo.org/glsa/glsa-201204-04.xml" }, { "source": "secalert@redhat.com", "url": "http://support.apple.com/kb/HT5503" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html" }, { "source": "secalert@redhat.com", "url": "http://www.openwall.com/lists/oss-security/2012/03/06/16" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/52318" }, { "source": "secalert@redhat.com", "url": "http://www.securitytracker.com/id?1026765" }, { "source": "secalert@redhat.com", "url": "http://www.ubuntu.com/usn/USN-1403-1" }, { "source": "secalert@redhat.com", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512" }, { "source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=800590" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html" }, { "source": 
"af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48508" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48758" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48797" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48822" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48918" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48951" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48973" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.gentoo.org/glsa/glsa-201204-04.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.apple.com/kb/HT5503" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2012/03/06/16" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/52318" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1026765" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/USN-1403-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512" }, { "source": 
"af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=800590" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2019-09-03 05:15
Modified
2024-11-21 02:40
Severity ?
Summary
FreeType before 2.6.1 has a buffer over-read in skip_comment in psaux/psobjs.c because ps_parser_skip_PS_token is mishandled in an FT_New_Memory_Face operation.
References
▶ | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/src/psaux/psobjs.c?id=db5a4a9ae7b0048f033361744421da8569642f73 | Patch, Third Party Advisory | |
cve@mitre.org | https://access.redhat.com/errata/RHSA-2019:4254 | ||
cve@mitre.org | https://lists.debian.org/debian-lts-announce/2019/09/msg00002.html | Third Party Advisory | |
cve@mitre.org | https://savannah.nongnu.org/bugs/?45922 | Exploit, Issue Tracking, Third Party Advisory | |
cve@mitre.org | https://usn.ubuntu.com/4126-2/ | ||
af854a3a-2127-422b-91ae-364da2661108 | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/src/psaux/psobjs.c?id=db5a4a9ae7b0048f033361744421da8569642f73 | Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2019:4254 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2019/09/msg00002.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://savannah.nongnu.org/bugs/?45922 | Exploit, Issue Tracking, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/4126-2/ |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
freetype | freetype | * | |
debian | debian_linux | 8.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", "matchCriteriaId": "6229BC68-7A96-4AA6-ACE9-6FD89C24B203", "versionEndExcluding": "2.6.1", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "FreeType before 2.6.1 has a buffer over-read in skip_comment in psaux/psobjs.c because ps_parser_skip_PS_token is mishandled in an FT_New_Memory_Face operation." }, { "lang": "es", "value": "FreeType en versiones anteriores a la 2.6.1 tiene una sobrelectura de b\u00fafer en skip_comment en psaux/psobjs.c porque ps_parser_skip_PS_token se controla incorrectamente en una operaci\u00f3n FT_New_Memory_Face." } ], "id": "CVE-2015-9382", "lastModified": "2024-11-21T02:40:29.797", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, 
"exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2019-09-03T05:15:10.823", "references": [ { "source": "cve@mitre.org", "tags": [ "Patch", "Third Party Advisory" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/src/psaux/psobjs.c?id=db5a4a9ae7b0048f033361744421da8569642f73" }, { "source": "cve@mitre.org", "url": "https://access.redhat.com/errata/RHSA-2019:4254" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00002.html" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Issue Tracking", "Third Party Advisory" ], "url": "https://savannah.nongnu.org/bugs/?45922" }, { "source": "cve@mitre.org", "url": "https://usn.ubuntu.com/4126-2/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/src/psaux/psobjs.c?id=db5a4a9ae7b0048f033361744421da8569642f73" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://access.redhat.com/errata/RHSA-2019:4254" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00002.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Issue Tracking", "Third Party Advisory" ], "url": "https://savannah.nongnu.org/bugs/?45922" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://usn.ubuntu.com/4126-2/" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-125" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2010-08-19 18:00
Modified
2025-04-11 00:51
Summary
The psh_glyph_find_strong_points function in pshinter/pshalgo.c in FreeType before 2.4.0 does not properly implement hinting masks, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via a crafted font file that triggers an invalid free operation.
References
Source | URL | Tags | |
---|---|---|---|
secalert@redhat.com | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=8d22746c9e5af80ff4304aef440986403a5072e2 | Patch, Third Party Advisory | |
secalert@redhat.com | http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html | Mailing List, Third Party Advisory | |
secalert@redhat.com | http://lists.nongnu.org/archive/html/freetype/2010-07/msg00001.html | Mailing List, Release Notes, Third Party Advisory | |
secalert@redhat.com | http://marc.info/?l=oss-security&m=127905701201340&w=2 | Mailing List, Third Party Advisory | |
secalert@redhat.com | http://marc.info/?l=oss-security&m=127909326909362&w=2 | Mailing List, Third Party Advisory | |
secalert@redhat.com | http://secunia.com/advisories/48951 | Third Party Advisory | |
secalert@redhat.com | http://securitytracker.com/id?1024266 | Third Party Advisory, VDB Entry | |
secalert@redhat.com | http://support.apple.com/kb/HT4435 | Broken Link | |
secalert@redhat.com | http://www.debian.org/security/2010/dsa-2070 | Third Party Advisory | |
secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2010:137 | Third Party Advisory | |
secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2010-0578.html | Third Party Advisory | |
secalert@redhat.com | http://www.ubuntu.com/usn/USN-963-1 | Third Party Advisory | |
secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=613160 | Issue Tracking, Patch, Third Party Advisory | |
secalert@redhat.com | https://savannah.nongnu.org/bugs/?30106 | Exploit, Issue Tracking, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=8d22746c9e5af80ff4304aef440986403a5072e2 | Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.nongnu.org/archive/html/freetype/2010-07/msg00001.html | Mailing List, Release Notes, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=oss-security&m=127905701201340&w=2 | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=oss-security&m=127909326909362&w=2 | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48951 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1024266 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT4435 | Broken Link | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2010/dsa-2070 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2010:137 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2010-0578.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-963-1 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=613160 | Issue Tracking, Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://savannah.nongnu.org/bugs/?30106 | Exploit, Issue Tracking, Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
freetype | freetype | * | |
canonical | ubuntu_linux | 6.06 | |
canonical | ubuntu_linux | 8.04 | |
canonical | ubuntu_linux | 9.04 | |
canonical | ubuntu_linux | 9.10 | |
canonical | ubuntu_linux | 10.04 | |
apple | mac_os_x | * | |
debian | debian_linux | 5.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", "matchCriteriaId": "08BB787B-4D62-4277-819C-3E627B9B7FC8", "versionEndExcluding": "2.4.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*", "matchCriteriaId": "454A5D17-B171-4F1F-9E0B-F18D1E5CA9FD", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*", "matchCriteriaId": "7EBFE35C-E243-43D1-883D-4398D71763CC", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:9.04:*:*:*:*:*:*:*", "matchCriteriaId": "A5D026D0-EF78-438D-BEDD-FC8571F3ACEB", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*", "matchCriteriaId": "A2BCB73E-27BB-4878-AD9C-90C4F20C25A0", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*", "matchCriteriaId": "01EDA41C-6B2E-49AF-B503-EB3882265C11", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "matchCriteriaId": "46E5D24A-8CA0-4590-9F35-F684D573D030", "versionEndExcluding": "10.6.5", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "8C757774-08E7-40AA-B532-6F705C8F7639", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The psh_glyph_find_strong_points function in pshinter/pshalgo.c in FreeType before 2.4.0 does not properly implement hinting masks, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via a crafted font file that triggers an invalid free operation." 
}, { "lang": "es", "value": "La funci\u00f3n psh_glyph_find_strong_points en pshinter/pshalgo.c de FreeType anterior a v2.4.0 no implementa adecuadamente las m\u00e1scaras de hinting, lo cual permite a atacantes remotos causar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria en el mont\u00f3n (heap) y fallo de la aplicaci\u00f3n) o posiblemente ejecutar c\u00f3digo a su elecci\u00f3n a trav\u00e9s de ficheros de fuentes manipulados que provocan una operaci\u00f3n de liberaci\u00f3n (free) no v\u00e1lida." } ], "id": "CVE-2010-2498", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2010-08-19T18:00:04.000", "references": [ { "source": "secalert@redhat.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=8d22746c9e5af80ff4304aef440986403a5072e2" }, { "source": "secalert@redhat.com", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html" }, { "source": "secalert@redhat.com", "tags": [ "Mailing List", "Release Notes", "Third Party Advisory" ], "url": "http://lists.nongnu.org/archive/html/freetype/2010-07/msg00001.html" }, { "source": "secalert@redhat.com", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://marc.info/?l=oss-security\u0026m=127905701201340\u0026w=2" }, { "source": "secalert@redhat.com", "tags": [ "Mailing List", "Third Party Advisory" ], 
"url": "http://marc.info/?l=oss-security\u0026m=127909326909362\u0026w=2" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/48951" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://securitytracker.com/id?1024266" }, { "source": "secalert@redhat.com", "tags": [ "Broken Link" ], "url": "http://support.apple.com/kb/HT4435" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2010/dsa-2070" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:137" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0578.html" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-963-1" }, { "source": "secalert@redhat.com", "tags": [ "Issue Tracking", "Patch", "Third Party Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=613160" }, { "source": "secalert@redhat.com", "tags": [ "Exploit", "Issue Tracking", "Third Party Advisory" ], "url": "https://savannah.nongnu.org/bugs/?30106" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=8d22746c9e5af80ff4304aef440986403a5072e2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Release Notes", "Third Party Advisory" ], "url": "http://lists.nongnu.org/archive/html/freetype/2010-07/msg00001.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], 
"url": "http://marc.info/?l=oss-security\u0026m=127905701201340\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://marc.info/?l=oss-security\u0026m=127909326909362\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/48951" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://securitytracker.com/id?1024266" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://support.apple.com/kb/HT4435" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2010/dsa-2070" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:137" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0578.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-963-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Patch", "Third Party Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=613160" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Issue Tracking", "Third Party Advisory" ], "url": "https://savannah.nongnu.org/bugs/?30106" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2012-04-25 10:10
Modified
2025-04-11 00:51
Summary
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via a crafted PostScript font object.
References
Source | URL | Tags | |
---|---|---|---|
secalert@redhat.com | http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html | ||
secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html | ||
secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html | ||
secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2012-0467.html | ||
secalert@redhat.com | http://secunia.com/advisories/48508 | ||
secalert@redhat.com | http://secunia.com/advisories/48758 | ||
secalert@redhat.com | http://secunia.com/advisories/48822 | ||
secalert@redhat.com | http://secunia.com/advisories/48973 | ||
secalert@redhat.com | http://security.gentoo.org/glsa/glsa-201204-04.xml | ||
secalert@redhat.com | http://support.apple.com/kb/HT5503 | ||
secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2012:057 | ||
secalert@redhat.com | http://www.mozilla.org/security/announce/2012/mfsa2012-21.html | Vendor Advisory | |
secalert@redhat.com | http://www.openwall.com/lists/oss-security/2012/03/06/16 | ||
secalert@redhat.com | http://www.securityfocus.com/bid/52318 | ||
secalert@redhat.com | http://www.securitytracker.com/id?1026765 | ||
secalert@redhat.com | http://www.ubuntu.com/usn/USN-1403-1 | ||
secalert@redhat.com | https://bugzilla.mozilla.org/show_bug.cgi?id=733512 | ||
secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=800600 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2012-0467.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48508 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48758 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48822 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48973 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-201204-04.xml | ||
af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT5503 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2012:057 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mozilla.org/security/announce/2012/mfsa2012-21.html | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2012/03/06/16 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/52318 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1026765 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-1403-1 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.mozilla.org/show_bug.cgi?id=733512 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=800600 |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
freetype | freetype | * | |
freetype | freetype | 1.3.1 | |
freetype | freetype | 2.0.0 | |
freetype | freetype | 2.0.1 | |
freetype | freetype | 2.0.2 | |
freetype | freetype | 2.0.3 | |
freetype | freetype | 2.0.4 | |
freetype | freetype | 2.0.5 | |
freetype | freetype | 2.0.6 | |
freetype | freetype | 2.0.7 | |
freetype | freetype | 2.0.8 | |
freetype | freetype | 2.0.9 | |
freetype | freetype | 2.1 | |
freetype | freetype | 2.1.3 | |
freetype | freetype | 2.1.4 | |
freetype | freetype | 2.1.5 | |
freetype | freetype | 2.1.6 | |
freetype | freetype | 2.1.7 | |
freetype | freetype | 2.1.8 | |
freetype | freetype | 2.1.8 (rc1) | |
freetype | freetype | 2.1.9 | |
freetype | freetype | 2.1.10 | |
freetype | freetype | 2.2.0 | |
freetype | freetype | 2.2.1 | |
freetype | freetype | 2.3.0 | |
freetype | freetype | 2.3.1 | |
freetype | freetype | 2.3.2 | |
freetype | freetype | 2.3.3 | |
freetype | freetype | 2.3.4 | |
freetype | freetype | 2.3.5 | |
freetype | freetype | 2.3.6 | |
freetype | freetype | 2.3.7 | |
freetype | freetype | 2.3.8 | |
freetype | freetype | 2.3.9 | |
freetype | freetype | 2.3.10 | |
freetype | freetype | 2.3.11 | |
freetype | freetype | 2.3.12 | |
freetype | freetype | 2.4.0 | |
freetype | freetype | 2.4.1 | |
freetype | freetype | 2.4.2 | |
freetype | freetype | 2.4.3 | |
freetype | freetype | 2.4.4 | |
freetype | freetype | 2.4.5 | |
freetype | freetype | 2.4.6 | |
freetype | freetype | 2.4.7 | |
mozilla | firefox_mobile | * | |
mozilla | firefox_mobile | 1.0 | |
mozilla | firefox_mobile | 4.0 | |
mozilla | firefox_mobile | 4.0 (beta1) | |
mozilla | firefox_mobile | 4.0 (beta2) | |
mozilla | firefox_mobile | 4.0 (beta3) | |
mozilla | firefox_mobile | 4.0 (beta4) | |
mozilla | firefox_mobile | 5.0 | |
mozilla | firefox_mobile | 6.0 | |
mozilla | firefox_mobile | 6.0.1 | |
mozilla | firefox_mobile | 6.0.2 | |
mozilla | firefox_mobile | 7.0 | |
mozilla | firefox_mobile | 8.0 | |
mozilla | firefox_mobile | 9.0 | |
mozilla | firefox_mobile | 10.0 | |
mozilla | firefox_mobile | 10.0.1 | |
mozilla | firefox_mobile | 10.0.2 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", "matchCriteriaId": "1AE5852E-FBD0-4F23-82C0-4E8FBDDF558B", "versionEndIncluding": "2.4.8", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:1.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "888C3BB8-510B-4FBE-BA5D-0D488583C7DD", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "3B67236B-7DEF-40AE-BC6F-12CB39329C4D", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "7EEC5D17-9141-4CA5-9D4C-76C15BAE4FBD", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "F1019F69-8E42-43C9-926C-B948659666F4", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "AA678E5E-9380-4D31-973F-018349F7F346", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "5E06AD6E-8B77-4E57-AA07-507CD1F809F2", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "8DB69925-10FB-4DFD-8764-B6640B88FCEE", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "B126D1A0-6B54-4C56-8CEC-B395D54A5C3C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "98D0D1A3-886D-4EE3-AC1A-3B36D192E8B5", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "DB0B0E33-0D7D-45E9-ADFD-20C6DCB5ED64", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.9:*:*:*:*:*:*:*", "matchCriteriaId": "28CA4C7D-D70A-44CF-8E3D-F2612CCA0799", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "D4E76672-7216-443E-BBD8-120DA96F7E4D", "vulnerable": true }, { "criteria": 
"cpe:2.3:a:freetype:freetype:2.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "369D87D8-E4A7-4EC4-B508-2940EE174F95", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "288FDB59-7FE4-4351-8822-554ADF07C79A", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "B681257A-F8D8-46D5-995D-BC44F54DD5C0", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "56E0DEB6-4414-49AB-88E9-988CE5D8EF67", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.7:*:*:*:*:*:*:*", "matchCriteriaId": "56A90D08-2CAF-422F-8587-7D88EC7632A1", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.8:*:*:*:*:*:*:*", "matchCriteriaId": "9B944FEB-F69D-4F6C-9485-26F95A5874B6", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.8:rc1:*:*:*:*:*:*", "matchCriteriaId": "B9B9B1DE-89F6-463D-A3F4-6366D5D30077", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.9:*:*:*:*:*:*:*", "matchCriteriaId": "F73474B9-6853-4C5C-9CB9-5F4D3080D1C5", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.10:*:*:*:*:*:*:*", "matchCriteriaId": "5283E910-D512-481C-804E-8717A83B24CB", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "A28C0F7A-F1F3-4F3B-81B9-228DA8FCCCD8", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "F7252819-BA8A-4BD1-BAAA-179A8777C994", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "11575E3C-2BEA-4264-AE41-4A962BD17035", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "D333A965-EAD2-40DB-8FBE-C4C7DF44C35C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.2:*:*:*:*:*:*:*", "matchCriteriaId": 
"8CA37666-D2E6-47EF-BFFE-A9449D6A72CD", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "F2B49505-C973-4673-A9BC-34ACA25059D0", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.4:*:*:*:*:*:*:*", "matchCriteriaId": "B8E8ECCA-58F2-4A05-8DF2-79C09A5FB275", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.5:*:*:*:*:*:*:*", "matchCriteriaId": "8697D11D-BBDF-4722-85F7-5144A5D26E37", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.6:*:*:*:*:*:*:*", "matchCriteriaId": "50E3EDA8-04D1-4DF1-80BB-72C6003E8F53", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.7:*:*:*:*:*:*:*", "matchCriteriaId": "AB06CA25-BB25-43B8-9FC2-62C399CC52EE", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.8:*:*:*:*:*:*:*", "matchCriteriaId": "6AF7414E-33A7-40E2-AEF0-1AE9D7D1B077", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.9:*:*:*:*:*:*:*", "matchCriteriaId": "6FC0BD12-E065-4CC9-8AEE-E4C34A58EC3C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.10:*:*:*:*:*:*:*", "matchCriteriaId": "214DC64B-BA35-486B-AE30-F2D9381E4D26", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.11:*:*:*:*:*:*:*", "matchCriteriaId": "B7CDE19A-473A-4BC5-AA7B-3D08FEEEE82C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.12:*:*:*:*:*:*:*", "matchCriteriaId": "DD8401A8-A328-49F6-BAE8-337F5F36C906", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "3FBF5BAA-8027-478F-BE06-3D3F4F823C7B", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "31358B5D-4087-4207-9730-297BA47DAA83", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "3A73E016-A4B0-416D-B9B6-786A787DAD3D", "vulnerable": true }, { "criteria": 
"cpe:2.3:a:freetype:freetype:2.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "0588BCE1-059B-4602-B274-E9D268720B55", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "D19BE9CC-6B1C-4AC8-9740-2ABDF40C4FEC", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "E6F3E33C-95E0-4EEF-8E26-F7044D8C3892", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.6:*:*:*:*:*:*:*", "matchCriteriaId": "0871F88D-3D36-4EAA-B2B4-39D844FF8874", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.7:*:*:*:*:*:*:*", "matchCriteriaId": "B3396203-9BDF-4E7D-85CC-0B6AA7DC55C4", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:*:*:*:*:*:*:*:*", "matchCriteriaId": "C25B56F0-B244-4D64-BC8F-341214080A90", "versionEndIncluding": "10.0.3", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "B00C6411-5566-4060-B68B-8F1674B9E280", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "CD9C4A1A-E3C7-40DD-AF51-AFFA0D904722", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta1:*:*:*:*:*:*", "matchCriteriaId": "B6A0EDF9-2260-439F-9CF0-A66CBE35ACF8", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta2:*:*:*:*:*:*", "matchCriteriaId": "6E55723B-B7B8-4EBF-8767-55988D26E82B", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta3:*:*:*:*:*:*", "matchCriteriaId": "761B33B6-4FFD-4E6C-92B4-2186F8D195C1", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta4:*:*:*:*:*:*", "matchCriteriaId": "8E4E272B-27F1-41CE-8B60-B1C098105A73", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "907FA1DF-E3D3-4E46-B353-753E70C292CC", "vulnerable": true }, { "criteria": 
"cpe:2.3:a:mozilla:firefox_mobile:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "97DE5B71-865A-4DB0-A31A-1CA75A5AB7AA", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:6.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "B64C7CE2-6BA7-4294-80CF-3AE25EE9529B", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:6.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "640595E6-3E39-4112-887E-174C86D18630", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "8E26E8D7-334C-4260-A8EE-82DF067CC081", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "643623BB-29E4-4138-AFC6-252368FC9495", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "9CEA838D-5FE6-47A7-8367-F040FF01B681", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "BF547E94-BEC4-4D32-A2AF-AFEBFE11782A", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "6BB1307C-64E4-4EC2-BB07-012107CA5DA6", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "91C9D50D-9450-489C-8336-4332F8FD6806", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via a crafted PostScript font object." 
}, { "lang": "es", "value": "FreeType antes de v2.4.9, tal como se utiliza en Mozilla Firefox Mobile antes de v10.0.4 y otros productos, permite a atacantes remotos causar una denegaci\u00f3n de servicio (operaci\u00f3n no v\u00e1lida de lectura en el mont\u00f3n (heap) y corrupci\u00f3n de memoria) o posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de un objeto de fuente PostScript modificado." } ], "id": "CVE-2012-1140", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2012-04-25T10:10:18.607", "references": [ { "source": "secalert@redhat.com", "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html" }, { "source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48508" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48758" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48822" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48973" }, { "source": "secalert@redhat.com", "url": "http://security.gentoo.org/glsa/glsa-201204-04.xml" }, { 
"source": "secalert@redhat.com", "url": "http://support.apple.com/kb/HT5503" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html" }, { "source": "secalert@redhat.com", "url": "http://www.openwall.com/lists/oss-security/2012/03/06/16" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/52318" }, { "source": "secalert@redhat.com", "url": "http://www.securitytracker.com/id?1026765" }, { "source": "secalert@redhat.com", "url": "http://www.ubuntu.com/usn/USN-1403-1" }, { "source": "secalert@redhat.com", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512" }, { "source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=800600" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48508" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48758" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48822" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48973" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.gentoo.org/glsa/glsa-201204-04.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": 
"http://support.apple.com/kb/HT5503" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2012/03/06/16" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/52318" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1026765" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/USN-1403-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=800600" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2022-04-22 14:15
Modified
2024-11-21 06:55
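Severity: CVSS v3.1 7.5 HIGH (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H); CVSS v2 5.0 MEDIUM (AV:N/AC:L/Au:N/C:N/I:N/A:P); both scored by nvd@nist.gov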
Summary
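FreeType commit 22a0cccb4d9d002f33c1ba7a4b36812c7d4f46b5 was discovered to contain a segmentation violation via the function FT_Request_Size. The NVD match criteria in this record list FreeType versions before 2.12.0 as affected and classify the weakness as CWE-125.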
References
Source | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://freetype.com | Not Applicable | |
cve@mitre.org | https://gitlab.freedesktop.org/freetype/freetype/-/issues/1140 | Exploit, Issue Tracking, Vendor Advisory | |
cve@mitre.org | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EFPNRKDLCXHZVYYQLQMP44UHLU32GA6Z/ | ||
cve@mitre.org | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FDU2FOEMCEF6WVR6ZBIH5MT5O7FAK6UP/ | ||
cve@mitre.org | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IWQ7IB2A75MEHM63WEUXBYEC7OR5SGDY/ | ||
cve@mitre.org | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NYVC2NPKKXKP3TWJWG4ONYWNO6ZPHLA5/ | ||
cve@mitre.org | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TCEMWCM46PKM4U5ENRASPKQD6JDOLKRU/ | ||
cve@mitre.org | https://security.gentoo.org/glsa/202402-06 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://freetype.com | Not Applicable | |
af854a3a-2127-422b-91ae-364da2661108 | https://gitlab.freedesktop.org/freetype/freetype/-/issues/1140 | Exploit, Issue Tracking, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EFPNRKDLCXHZVYYQLQMP44UHLU32GA6Z/ | ||
af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FDU2FOEMCEF6WVR6ZBIH5MT5O7FAK6UP/ | ||
af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IWQ7IB2A75MEHM63WEUXBYEC7OR5SGDY/ | ||
af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NYVC2NPKKXKP3TWJWG4ONYWNO6ZPHLA5/ | ||
af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TCEMWCM46PKM4U5ENRASPKQD6JDOLKRU/ | ||
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/202402-06 |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
freetype | freetype | * | |
fedoraproject | fedora | 34 | |
fedoraproject | fedora | 35 | |
fedoraproject | fedora | 36 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", "matchCriteriaId": "AE181DF7-C86E-495B-8CBC-DEA63DD8F647", "versionEndExcluding": "2.12.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", "matchCriteriaId": "A930E247-0B43-43CB-98FF-6CE7B8189835", "vulnerable": true }, { "criteria": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", "matchCriteriaId": "80E516C0-98A4-4ADE-B69F-66A772E2BAAA", "vulnerable": true }, { "criteria": "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*", "matchCriteriaId": "5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "FreeType commit 22a0cccb4d9d002f33c1ba7a4b36812c7d4f46b5 was discovered to contain a segmentation violation via the function FT_Request_Size." }, { "lang": "es", "value": "Se ha detectado que el commit 22a0cccb4d9d002f33c1ba7a4b36812c7d4f46b5 de FreeType conten\u00eda una violaci\u00f3n de segmentaci\u00f3n por medio de la funci\u00f3n FT_Request_Size" } ], "id": "CVE-2022-27406", "lastModified": "2024-11-21T06:55:41.270", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": 
"HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2022-04-22T14:15:09.537", "references": [ { "source": "cve@mitre.org", "tags": [ "Not Applicable" ], "url": "http://freetype.com" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Issue Tracking", "Vendor Advisory" ], "url": "https://gitlab.freedesktop.org/freetype/freetype/-/issues/1140" }, { "source": "cve@mitre.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EFPNRKDLCXHZVYYQLQMP44UHLU32GA6Z/" }, { "source": "cve@mitre.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FDU2FOEMCEF6WVR6ZBIH5MT5O7FAK6UP/" }, { "source": "cve@mitre.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IWQ7IB2A75MEHM63WEUXBYEC7OR5SGDY/" }, { "source": "cve@mitre.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NYVC2NPKKXKP3TWJWG4ONYWNO6ZPHLA5/" }, { "source": "cve@mitre.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TCEMWCM46PKM4U5ENRASPKQD6JDOLKRU/" }, { "source": "cve@mitre.org", "url": "https://security.gentoo.org/glsa/202402-06" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Not Applicable" ], "url": "http://freetype.com" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Issue Tracking", "Vendor Advisory" ], "url": "https://gitlab.freedesktop.org/freetype/freetype/-/issues/1140" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": 
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EFPNRKDLCXHZVYYQLQMP44UHLU32GA6Z/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FDU2FOEMCEF6WVR6ZBIH5MT5O7FAK6UP/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IWQ7IB2A75MEHM63WEUXBYEC7OR5SGDY/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NYVC2NPKKXKP3TWJWG4ONYWNO6ZPHLA5/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TCEMWCM46PKM4U5ENRASPKQD6JDOLKRU/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/202402-06" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-125" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2013-01-24 21:55
Modified
2025-04-11 00:51
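Severity: CVSS v2 4.3 MEDIUM (AV:N/AC:M/Au:N/C:N/I:N/A:P), scored by nvd@nist.gov; this record carries no CVSS v3 metric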
Summary
The _bdf_parse_glyphs function in FreeType before 2.4.11 allows context-dependent attackers to cause a denial of service (out-of-bounds write and crash) via vectors related to BDF fonts and an ENCODING field with a negative value.
References
Source | URL | Tags | |
---|---|---|---|
secalert@redhat.com | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=7f2e4f4f553f6836be7683f66226afac3fa979b8 | ||
secalert@redhat.com | http://lists.opensuse.org/opensuse-updates/2013-01/msg00056.html | ||
secalert@redhat.com | http://lists.opensuse.org/opensuse-updates/2013-01/msg00078.html | ||
secalert@redhat.com | http://secunia.com/advisories/51826 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/51900 | Vendor Advisory | |
secalert@redhat.com | http://www.freetype.org/ | ||
secalert@redhat.com | http://www.openwall.com/lists/oss-security/2012/12/25/2 | ||
secalert@redhat.com | http://www.securitytracker.com/id?1027921 | ||
secalert@redhat.com | http://www.slackware.com/security/viewer.php?l=slackware-security&y=2013&m=slackware-security.520186 | ||
secalert@redhat.com | http://www.ubuntu.com/usn/USN-1686-1 | ||
secalert@redhat.com | https://savannah.nongnu.org/bugs/?37907 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=7f2e4f4f553f6836be7683f66226afac3fa979b8 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2013-01/msg00056.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2013-01/msg00078.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/51826 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/51900 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.freetype.org/ | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2012/12/25/2 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1027921 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.slackware.com/security/viewer.php?l=slackware-security&y=2013&m=slackware-security.520186 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-1686-1 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://savannah.nongnu.org/bugs/?37907 |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
freetype | freetype | * | |
freetype | freetype | 1.3.1 | |
freetype | freetype | 2.0.0 | |
freetype | freetype | 2.0.1 | |
freetype | freetype | 2.0.2 | |
freetype | freetype | 2.0.3 | |
freetype | freetype | 2.0.4 | |
freetype | freetype | 2.0.5 | |
freetype | freetype | 2.0.6 | |
freetype | freetype | 2.0.7 | |
freetype | freetype | 2.0.8 | |
freetype | freetype | 2.0.9 | |
freetype | freetype | 2.1 | |
freetype | freetype | 2.1.3 | |
freetype | freetype | 2.1.4 | |
freetype | freetype | 2.1.5 | |
freetype | freetype | 2.1.6 | |
freetype | freetype | 2.1.7 | |
freetype | freetype | 2.1.8 | |
freetype | freetype | 2.1.8 (rc1) | |
freetype | freetype | 2.1.9 | |
freetype | freetype | 2.1.10 | |
freetype | freetype | 2.2.0 | |
freetype | freetype | 2.2.1 | |
freetype | freetype | 2.3.0 | |
freetype | freetype | 2.3.1 | |
freetype | freetype | 2.3.2 | |
freetype | freetype | 2.3.3 | |
freetype | freetype | 2.3.4 | |
freetype | freetype | 2.3.5 | |
freetype | freetype | 2.3.6 | |
freetype | freetype | 2.3.7 | |
freetype | freetype | 2.3.8 | |
freetype | freetype | 2.3.9 | |
freetype | freetype | 2.3.10 | |
freetype | freetype | 2.3.11 | |
freetype | freetype | 2.3.12 | |
freetype | freetype | 2.4.0 | |
freetype | freetype | 2.4.1 | |
freetype | freetype | 2.4.2 | |
freetype | freetype | 2.4.3 | |
freetype | freetype | 2.4.4 | |
freetype | freetype | 2.4.5 | |
freetype | freetype | 2.4.6 | |
freetype | freetype | 2.4.7 | |
freetype | freetype | 2.4.8 | |
freetype | freetype | 2.4.9 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", "matchCriteriaId": "246A62B7-B82F-44BD-B3D7-F6A474F76E70", "versionEndIncluding": "2.4.10", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:1.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "888C3BB8-510B-4FBE-BA5D-0D488583C7DD", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "3B67236B-7DEF-40AE-BC6F-12CB39329C4D", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "7EEC5D17-9141-4CA5-9D4C-76C15BAE4FBD", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "F1019F69-8E42-43C9-926C-B948659666F4", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "AA678E5E-9380-4D31-973F-018349F7F346", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "5E06AD6E-8B77-4E57-AA07-507CD1F809F2", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "8DB69925-10FB-4DFD-8764-B6640B88FCEE", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "B126D1A0-6B54-4C56-8CEC-B395D54A5C3C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "98D0D1A3-886D-4EE3-AC1A-3B36D192E8B5", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "DB0B0E33-0D7D-45E9-ADFD-20C6DCB5ED64", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.9:*:*:*:*:*:*:*", "matchCriteriaId": "28CA4C7D-D70A-44CF-8E3D-F2612CCA0799", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "D4E76672-7216-443E-BBD8-120DA96F7E4D", "vulnerable": true }, { "criteria": 
"cpe:2.3:a:freetype:freetype:2.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "369D87D8-E4A7-4EC4-B508-2940EE174F95", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "288FDB59-7FE4-4351-8822-554ADF07C79A", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "B681257A-F8D8-46D5-995D-BC44F54DD5C0", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "56E0DEB6-4414-49AB-88E9-988CE5D8EF67", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.7:*:*:*:*:*:*:*", "matchCriteriaId": "56A90D08-2CAF-422F-8587-7D88EC7632A1", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.8:*:*:*:*:*:*:*", "matchCriteriaId": "9B944FEB-F69D-4F6C-9485-26F95A5874B6", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.8:rc1:*:*:*:*:*:*", "matchCriteriaId": "B9B9B1DE-89F6-463D-A3F4-6366D5D30077", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.9:*:*:*:*:*:*:*", "matchCriteriaId": "F73474B9-6853-4C5C-9CB9-5F4D3080D1C5", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.10:*:*:*:*:*:*:*", "matchCriteriaId": "5283E910-D512-481C-804E-8717A83B24CB", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "A28C0F7A-F1F3-4F3B-81B9-228DA8FCCCD8", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "F7252819-BA8A-4BD1-BAAA-179A8777C994", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "11575E3C-2BEA-4264-AE41-4A962BD17035", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "D333A965-EAD2-40DB-8FBE-C4C7DF44C35C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.2:*:*:*:*:*:*:*", "matchCriteriaId": 
"8CA37666-D2E6-47EF-BFFE-A9449D6A72CD", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "F2B49505-C973-4673-A9BC-34ACA25059D0", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.4:*:*:*:*:*:*:*", "matchCriteriaId": "B8E8ECCA-58F2-4A05-8DF2-79C09A5FB275", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.5:*:*:*:*:*:*:*", "matchCriteriaId": "8697D11D-BBDF-4722-85F7-5144A5D26E37", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.6:*:*:*:*:*:*:*", "matchCriteriaId": "50E3EDA8-04D1-4DF1-80BB-72C6003E8F53", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.7:*:*:*:*:*:*:*", "matchCriteriaId": "AB06CA25-BB25-43B8-9FC2-62C399CC52EE", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.8:*:*:*:*:*:*:*", "matchCriteriaId": "6AF7414E-33A7-40E2-AEF0-1AE9D7D1B077", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.9:*:*:*:*:*:*:*", "matchCriteriaId": "6FC0BD12-E065-4CC9-8AEE-E4C34A58EC3C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.10:*:*:*:*:*:*:*", "matchCriteriaId": "214DC64B-BA35-486B-AE30-F2D9381E4D26", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.11:*:*:*:*:*:*:*", "matchCriteriaId": "B7CDE19A-473A-4BC5-AA7B-3D08FEEEE82C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.12:*:*:*:*:*:*:*", "matchCriteriaId": "DD8401A8-A328-49F6-BAE8-337F5F36C906", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "3FBF5BAA-8027-478F-BE06-3D3F4F823C7B", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "31358B5D-4087-4207-9730-297BA47DAA83", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "3A73E016-A4B0-416D-B9B6-786A787DAD3D", "vulnerable": true }, { "criteria": 
"cpe:2.3:a:freetype:freetype:2.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "0588BCE1-059B-4602-B274-E9D268720B55", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "D19BE9CC-6B1C-4AC8-9740-2ABDF40C4FEC", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "E6F3E33C-95E0-4EEF-8E26-F7044D8C3892", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.6:*:*:*:*:*:*:*", "matchCriteriaId": "0871F88D-3D36-4EAA-B2B4-39D844FF8874", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.7:*:*:*:*:*:*:*", "matchCriteriaId": "B3396203-9BDF-4E7D-85CC-0B6AA7DC55C4", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.8:*:*:*:*:*:*:*", "matchCriteriaId": "52FA516A-918B-4727-8108-EE89FA5EB123", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.9:*:*:*:*:*:*:*", "matchCriteriaId": "2DB966A5-4663-4133-84B8-F292125990DE", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The _bdf_parse_glyphs function in FreeType before 2.4.11 allows context-dependent attackers to cause a denial of service (out-of-bounds write and crash) via vectors related to BDF fonts and an ENCODING field with a negative value." }, { "lang": "es", "value": "La funci\u00f3n _bdf_parse_glyphs en FreeType antes v2.4.11 permite a atacantes dependientes de contexto provocar una denegaci\u00f3n de servicio (fuera del terreno de juego de escritura y bloqueo) a trav\u00e9s de vectores relacionados con las fuentes BDF y un campo de codificaci\u00f3n con un valor negativo." 
} ], "id": "CVE-2012-5670", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2013-01-24T21:55:01.273", "references": [ { "source": "secalert@redhat.com", "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=7f2e4f4f553f6836be7683f66226afac3fa979b8" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00056.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00078.html" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/51826" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/51900" }, { "source": "secalert@redhat.com", "url": "http://www.freetype.org/" }, { "source": "secalert@redhat.com", "url": "http://www.openwall.com/lists/oss-security/2012/12/25/2" }, { "source": "secalert@redhat.com", "url": "http://www.securitytracker.com/id?1027921" }, { "source": "secalert@redhat.com", "url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2013\u0026m=slackware-security.520186" }, { "source": "secalert@redhat.com", "url": "http://www.ubuntu.com/usn/USN-1686-1" }, { "source": "secalert@redhat.com", "url": "https://savannah.nongnu.org/bugs/?37907" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": 
"http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=7f2e4f4f553f6836be7683f66226afac3fa979b8" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00056.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00078.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/51826" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/51900" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.freetype.org/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2012/12/25/2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1027921" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2013\u0026m=slackware-security.520186" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/USN-1686-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://savannah.nongnu.org/bugs/?37907" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2017-04-14 04:59
Modified
2025-04-20 01:37
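Severity: CVSS v3.1 9.8 CRITICAL (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H); CVSS v2 7.5 HIGH (AV:N/AC:L/Au:N/C:P/I:P/A:P); both scored by nvd@nist.gov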
Summary
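FreeType 2 before 2016-12-16 has an out-of-bounds write caused by a heap-based buffer overflow related to the cff_parser_run function in cff/cffparse.c. The NVD match criteria in this record list FreeType up to and including 2.7 as affected; the upstream fix is the commit tagged "Patch" in the references.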
References
Source | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=beecf80a6deecbaf5d264d4f864451bde4fe98b8 | Patch, Third Party Advisory | |
cve@mitre.org | http://savannah.nongnu.org/bugs/?func=detailitem&item_id=49858 | Third Party Advisory | |
cve@mitre.org | http://www.securityfocus.com/bid/97677 | Third Party Advisory, VDB Entry | |
cve@mitre.org | https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=289 | Third Party Advisory, VDB Entry | |
cve@mitre.org | https://security.gentoo.org/glsa/201706-14 | Third Party Advisory | |
cve@mitre.org | https://www.oracle.com/security-alerts/cpuapr2020.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=beecf80a6deecbaf5d264d4f864451bde4fe98b8 | Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://savannah.nongnu.org/bugs/?func=detailitem&item_id=49858 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/97677 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=289 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201706-14 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.oracle.com/security-alerts/cpuapr2020.html | Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
freetype | freetype | * | |
oracle | outside_in_technology | 8.5.4 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", "matchCriteriaId": "8586B21E-6FF2-40B5-BB2A-20424D4EEDE5", "versionEndIncluding": "2.7", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:oracle:outside_in_technology:8.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "72F1A960-EBA5-4BDB-B629-20F0D2384562", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "FreeType 2 before 2016-12-16 has an out-of-bounds write caused by a heap-based buffer overflow related to the cff_parser_run function in cff/cffparse.c." }, { "lang": "es", "value": "FreeType 2 en versiones anteriores a 16-12-2016 tiene una escritura fuera de l\u00edmites provocada por un desbordamiento de b\u00fafer basado en memoria din\u00e1mica relacionado con la funci\u00f3n cff_parser_run en cff/cffparse.c." } ], "id": "CVE-2016-10328", "lastModified": "2025-04-20T01:37:25.860", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", 
"version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2017-04-14T04:59:00.197", "references": [ { "source": "cve@mitre.org", "tags": [ "Patch", "Third Party Advisory" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=beecf80a6deecbaf5d264d4f864451bde4fe98b8" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://savannah.nongnu.org/bugs/?func=detailitem\u0026item_id=49858" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/97677" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=289" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201706-14" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://www.oracle.com/security-alerts/cpuapr2020.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=beecf80a6deecbaf5d264d4f864451bde4fe98b8" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://savannah.nongnu.org/bugs/?func=detailitem\u0026item_id=49858" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/97677" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=289" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201706-14" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": 
"https://www.oracle.com/security-alerts/cpuapr2020.html" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2012-04-25 10:10
Modified
2025-04-11 00:51
Severity ?
Summary
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted glyph or bitmap data in a BDF font that lacks an ENCODING field.
References
Source | URL | Tags | |
---|---|---|---|
secalert@redhat.com | http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html | ||
secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html | ||
secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html | ||
secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html | ||
secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html | ||
secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2012-0467.html | ||
secalert@redhat.com | http://secunia.com/advisories/48300 | ||
secalert@redhat.com | http://secunia.com/advisories/48508 | ||
secalert@redhat.com | http://secunia.com/advisories/48758 | ||
secalert@redhat.com | http://secunia.com/advisories/48797 | ||
secalert@redhat.com | http://secunia.com/advisories/48822 | ||
secalert@redhat.com | http://secunia.com/advisories/48918 | ||
secalert@redhat.com | http://secunia.com/advisories/48951 | ||
secalert@redhat.com | http://secunia.com/advisories/48973 | ||
secalert@redhat.com | http://security.gentoo.org/glsa/glsa-201204-04.xml | ||
secalert@redhat.com | http://support.apple.com/kb/HT5503 | ||
secalert@redhat.com | http://www.debian.org/security/2012/dsa-2428 | ||
secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2012:057 | ||
secalert@redhat.com | http://www.mozilla.org/security/announce/2012/mfsa2012-21.html | Vendor Advisory | |
secalert@redhat.com | http://www.openwall.com/lists/oss-security/2012/03/06/16 | ||
secalert@redhat.com | http://www.securityfocus.com/bid/52318 | ||
secalert@redhat.com | http://www.securitytracker.com/id?1026765 | ||
secalert@redhat.com | http://www.ubuntu.com/usn/USN-1403-1 | ||
secalert@redhat.com | https://bugzilla.mozilla.org/show_bug.cgi?id=733512 | ||
secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=800594 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2012-0467.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48300 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48508 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48758 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48797 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48822 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48918 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48951 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48973 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-201204-04.xml | ||
af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT5503 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2012/dsa-2428 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2012:057 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mozilla.org/security/announce/2012/mfsa2012-21.html | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2012/03/06/16 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/52318 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1026765 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-1403-1 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.mozilla.org/show_bug.cgi?id=733512 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=800594 |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
freetype | freetype | * (up to and including 2.4.8) | |
freetype | freetype | 1.3.1 | |
freetype | freetype | 2.0.0 | |
freetype | freetype | 2.0.1 | |
freetype | freetype | 2.0.2 | |
freetype | freetype | 2.0.3 | |
freetype | freetype | 2.0.4 | |
freetype | freetype | 2.0.5 | |
freetype | freetype | 2.0.6 | |
freetype | freetype | 2.0.7 | |
freetype | freetype | 2.0.8 | |
freetype | freetype | 2.0.9 | |
freetype | freetype | 2.1 | |
freetype | freetype | 2.1.3 | |
freetype | freetype | 2.1.4 | |
freetype | freetype | 2.1.5 | |
freetype | freetype | 2.1.6 | |
freetype | freetype | 2.1.7 | |
freetype | freetype | 2.1.8 | |
freetype | freetype | 2.1.8 rc1 | |
freetype | freetype | 2.1.9 | |
freetype | freetype | 2.1.10 | |
freetype | freetype | 2.2.0 | |
freetype | freetype | 2.2.1 | |
freetype | freetype | 2.3.0 | |
freetype | freetype | 2.3.1 | |
freetype | freetype | 2.3.2 | |
freetype | freetype | 2.3.3 | |
freetype | freetype | 2.3.4 | |
freetype | freetype | 2.3.5 | |
freetype | freetype | 2.3.6 | |
freetype | freetype | 2.3.7 | |
freetype | freetype | 2.3.8 | |
freetype | freetype | 2.3.9 | |
freetype | freetype | 2.3.10 | |
freetype | freetype | 2.3.11 | |
freetype | freetype | 2.3.12 | |
freetype | freetype | 2.4.0 | |
freetype | freetype | 2.4.1 | |
freetype | freetype | 2.4.2 | |
freetype | freetype | 2.4.3 | |
freetype | freetype | 2.4.4 | |
freetype | freetype | 2.4.5 | |
freetype | freetype | 2.4.6 | |
freetype | freetype | 2.4.7 | |
mozilla | firefox_mobile | * (up to and including 10.0.3) | |
mozilla | firefox_mobile | 1.0 | |
mozilla | firefox_mobile | 4.0 | |
mozilla | firefox_mobile | 4.0 beta1 | |
mozilla | firefox_mobile | 4.0 beta2 | |
mozilla | firefox_mobile | 4.0 beta3 | |
mozilla | firefox_mobile | 4.0 beta4 | |
mozilla | firefox_mobile | 5.0 | |
mozilla | firefox_mobile | 6.0 | |
mozilla | firefox_mobile | 6.0.1 | |
mozilla | firefox_mobile | 6.0.2 | |
mozilla | firefox_mobile | 7.0 | |
mozilla | firefox_mobile | 8.0 | |
mozilla | firefox_mobile | 9.0 | |
mozilla | firefox_mobile | 10.0 | |
mozilla | firefox_mobile | 10.0.1 | |
mozilla | firefox_mobile | 10.0.2 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", "matchCriteriaId": "1AE5852E-FBD0-4F23-82C0-4E8FBDDF558B", "versionEndIncluding": "2.4.8", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:1.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "888C3BB8-510B-4FBE-BA5D-0D488583C7DD", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "3B67236B-7DEF-40AE-BC6F-12CB39329C4D", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "7EEC5D17-9141-4CA5-9D4C-76C15BAE4FBD", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "F1019F69-8E42-43C9-926C-B948659666F4", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "AA678E5E-9380-4D31-973F-018349F7F346", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "5E06AD6E-8B77-4E57-AA07-507CD1F809F2", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "8DB69925-10FB-4DFD-8764-B6640B88FCEE", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "B126D1A0-6B54-4C56-8CEC-B395D54A5C3C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "98D0D1A3-886D-4EE3-AC1A-3B36D192E8B5", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "DB0B0E33-0D7D-45E9-ADFD-20C6DCB5ED64", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.9:*:*:*:*:*:*:*", "matchCriteriaId": "28CA4C7D-D70A-44CF-8E3D-F2612CCA0799", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "D4E76672-7216-443E-BBD8-120DA96F7E4D", "vulnerable": true }, { "criteria": 
"cpe:2.3:a:freetype:freetype:2.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "369D87D8-E4A7-4EC4-B508-2940EE174F95", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "288FDB59-7FE4-4351-8822-554ADF07C79A", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "B681257A-F8D8-46D5-995D-BC44F54DD5C0", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "56E0DEB6-4414-49AB-88E9-988CE5D8EF67", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.7:*:*:*:*:*:*:*", "matchCriteriaId": "56A90D08-2CAF-422F-8587-7D88EC7632A1", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.8:*:*:*:*:*:*:*", "matchCriteriaId": "9B944FEB-F69D-4F6C-9485-26F95A5874B6", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.8:rc1:*:*:*:*:*:*", "matchCriteriaId": "B9B9B1DE-89F6-463D-A3F4-6366D5D30077", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.9:*:*:*:*:*:*:*", "matchCriteriaId": "F73474B9-6853-4C5C-9CB9-5F4D3080D1C5", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.10:*:*:*:*:*:*:*", "matchCriteriaId": "5283E910-D512-481C-804E-8717A83B24CB", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "A28C0F7A-F1F3-4F3B-81B9-228DA8FCCCD8", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "F7252819-BA8A-4BD1-BAAA-179A8777C994", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "11575E3C-2BEA-4264-AE41-4A962BD17035", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "D333A965-EAD2-40DB-8FBE-C4C7DF44C35C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.2:*:*:*:*:*:*:*", "matchCriteriaId": 
"8CA37666-D2E6-47EF-BFFE-A9449D6A72CD", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "F2B49505-C973-4673-A9BC-34ACA25059D0", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.4:*:*:*:*:*:*:*", "matchCriteriaId": "B8E8ECCA-58F2-4A05-8DF2-79C09A5FB275", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.5:*:*:*:*:*:*:*", "matchCriteriaId": "8697D11D-BBDF-4722-85F7-5144A5D26E37", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.6:*:*:*:*:*:*:*", "matchCriteriaId": "50E3EDA8-04D1-4DF1-80BB-72C6003E8F53", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.7:*:*:*:*:*:*:*", "matchCriteriaId": "AB06CA25-BB25-43B8-9FC2-62C399CC52EE", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.8:*:*:*:*:*:*:*", "matchCriteriaId": "6AF7414E-33A7-40E2-AEF0-1AE9D7D1B077", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.9:*:*:*:*:*:*:*", "matchCriteriaId": "6FC0BD12-E065-4CC9-8AEE-E4C34A58EC3C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.10:*:*:*:*:*:*:*", "matchCriteriaId": "214DC64B-BA35-486B-AE30-F2D9381E4D26", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.11:*:*:*:*:*:*:*", "matchCriteriaId": "B7CDE19A-473A-4BC5-AA7B-3D08FEEEE82C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.12:*:*:*:*:*:*:*", "matchCriteriaId": "DD8401A8-A328-49F6-BAE8-337F5F36C906", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "3FBF5BAA-8027-478F-BE06-3D3F4F823C7B", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "31358B5D-4087-4207-9730-297BA47DAA83", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "3A73E016-A4B0-416D-B9B6-786A787DAD3D", "vulnerable": true }, { "criteria": 
"cpe:2.3:a:freetype:freetype:2.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "0588BCE1-059B-4602-B274-E9D268720B55", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "D19BE9CC-6B1C-4AC8-9740-2ABDF40C4FEC", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "E6F3E33C-95E0-4EEF-8E26-F7044D8C3892", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.6:*:*:*:*:*:*:*", "matchCriteriaId": "0871F88D-3D36-4EAA-B2B4-39D844FF8874", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.7:*:*:*:*:*:*:*", "matchCriteriaId": "B3396203-9BDF-4E7D-85CC-0B6AA7DC55C4", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:*:*:*:*:*:*:*:*", "matchCriteriaId": "C25B56F0-B244-4D64-BC8F-341214080A90", "versionEndIncluding": "10.0.3", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "B00C6411-5566-4060-B68B-8F1674B9E280", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "CD9C4A1A-E3C7-40DD-AF51-AFFA0D904722", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta1:*:*:*:*:*:*", "matchCriteriaId": "B6A0EDF9-2260-439F-9CF0-A66CBE35ACF8", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta2:*:*:*:*:*:*", "matchCriteriaId": "6E55723B-B7B8-4EBF-8767-55988D26E82B", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta3:*:*:*:*:*:*", "matchCriteriaId": "761B33B6-4FFD-4E6C-92B4-2186F8D195C1", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta4:*:*:*:*:*:*", "matchCriteriaId": "8E4E272B-27F1-41CE-8B60-B1C098105A73", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "907FA1DF-E3D3-4E46-B353-753E70C292CC", "vulnerable": true }, { "criteria": 
"cpe:2.3:a:mozilla:firefox_mobile:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "97DE5B71-865A-4DB0-A31A-1CA75A5AB7AA", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:6.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "B64C7CE2-6BA7-4294-80CF-3AE25EE9529B", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:6.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "640595E6-3E39-4112-887E-174C86D18630", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "8E26E8D7-334C-4260-A8EE-82DF067CC081", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "643623BB-29E4-4138-AFC6-252368FC9495", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "9CEA838D-5FE6-47A7-8367-F040FF01B681", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "BF547E94-BEC4-4D32-A2AF-AFEBFE11782A", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "6BB1307C-64E4-4EC2-BB07-012107CA5DA6", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "91C9D50D-9450-489C-8336-4332F8FD6806", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted glyph or bitmap data in a BDF font that lacks an ENCODING field." 
}, { "lang": "es", "value": "FreeType antes de v2.4.9, tal como se utiliza en Mozilla Firefox Mobile antes de v10.0.4 y otros productos, permite a atacantes remotos causar una denegaci\u00f3n de servicio (operaci\u00f3n no v\u00e1lida de escritura y corrupci\u00f3n de memoria) o posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s del glifo modificado o datos del mapa de bits en una fuente BDF que carece de campo ENCODING." } ], "id": "CVE-2012-1136", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2012-04-25T10:10:18.417", "references": [ { "source": "secalert@redhat.com", "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html" }, { "source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48300" }, { "source": "secalert@redhat.com", "url": 
"http://secunia.com/advisories/48508" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48758" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48797" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48822" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48918" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48951" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48973" }, { "source": "secalert@redhat.com", "url": "http://security.gentoo.org/glsa/glsa-201204-04.xml" }, { "source": "secalert@redhat.com", "url": "http://support.apple.com/kb/HT5503" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2012/dsa-2428" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html" }, { "source": "secalert@redhat.com", "url": "http://www.openwall.com/lists/oss-security/2012/03/06/16" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/52318" }, { "source": "secalert@redhat.com", "url": "http://www.securitytracker.com/id?1026765" }, { "source": "secalert@redhat.com", "url": "http://www.ubuntu.com/usn/USN-1403-1" }, { "source": "secalert@redhat.com", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512" }, { "source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=800594" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": 
"http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48300" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48508" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48758" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48797" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48822" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48918" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48951" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48973" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.gentoo.org/glsa/glsa-201204-04.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.apple.com/kb/HT5503" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2012/dsa-2428" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2012/03/06/16" 
}, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/52318" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1026765" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/USN-1403-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=800594" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2015-02-08 11:59
Modified
2025-04-12 10:46
Severity ?
Summary
The tt_cmap4_validate function in sfnt/ttcmap.c in FreeType before 2.5.4 validates a certain length field before that field's value is completely calculated, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted cmap SFNT table.
References
Source | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://advisories.mageia.org/MGASA-2015-0083.html | Third Party Advisory | |
cve@mitre.org | http://code.google.com/p/google-security-research/issues/detail?id=184 | Exploit | |
cve@mitre.org | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=9bd20b7304aae61de5d50ac359cf27132bafd4c1 | Patch, Vendor Advisory | |
cve@mitre.org | http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html | Third Party Advisory | |
cve@mitre.org | http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html | Third Party Advisory | |
cve@mitre.org | http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html | Third Party Advisory | |
cve@mitre.org | http://rhn.redhat.com/errata/RHSA-2015-0696.html | Third Party Advisory | |
cve@mitre.org | http://www.debian.org/security/2015/dsa-3188 | Third Party Advisory | |
cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDVSA-2015:055 | Broken Link | |
cve@mitre.org | http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html | Third Party Advisory | |
cve@mitre.org | http://www.securityfocus.com/bid/72986 | ||
cve@mitre.org | http://www.ubuntu.com/usn/USN-2510-1 | Third Party Advisory | |
cve@mitre.org | http://www.ubuntu.com/usn/USN-2739-1 | Third Party Advisory | |
cve@mitre.org | https://security.gentoo.org/glsa/201503-05 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://advisories.mageia.org/MGASA-2015-0083.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://code.google.com/p/google-security-research/issues/detail?id=184 | Exploit | |
af854a3a-2127-422b-91ae-364da2661108 | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=9bd20b7304aae61de5d50ac359cf27132bafd4c1 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2015-0696.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2015/dsa-3188 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2015:055 | Broken Link | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/72986 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2510-1 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2739-1 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201503-05 |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
freetype | freetype | * (up to and including 2.5.3) | |
debian | debian_linux | 7.0 | |
opensuse | opensuse | 13.1 | |
opensuse | opensuse | 13.2 | |
fedoraproject | fedora | 20 | |
fedoraproject | fedora | 21 | |
oracle | solaris | 10.0 | |
oracle | solaris | 11.2 | |
canonical | ubuntu_linux | 10.04 | |
canonical | ubuntu_linux | 12.04 | |
canonical | ubuntu_linux | 14.04 | |
canonical | ubuntu_linux | 14.10 | |
canonical | ubuntu_linux | 15.04 | |
redhat | enterprise_linux_desktop | 6.0 | |
redhat | enterprise_linux_desktop | 7.0 | |
redhat | enterprise_linux_hpc_node | 6 | |
redhat | enterprise_linux_hpc_node | 7.0 | |
redhat | enterprise_linux_hpc_node_eus | 7.1 | |
redhat | enterprise_linux_server | 6.0 | |
redhat | enterprise_linux_server | 7.0 | |
redhat | enterprise_linux_server_eus | 6.6.z | |
redhat | enterprise_linux_server_eus | 7.1 | |
redhat | enterprise_linux_workstation | 6.0 | |
redhat | enterprise_linux_workstation | 7.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", "matchCriteriaId": "05EE9A32-E91F-4C68-B3A9-AC5AB35C2BB3", "versionEndIncluding": "2.5.3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F", "vulnerable": true }, { "criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*", "matchCriteriaId": "FF47C9F0-D8DA-4B55-89EB-9B2C9383ADB9", "vulnerable": true }, { "criteria": "cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*", "matchCriteriaId": "56BDB5A0-0839-4A20-A003-B8CD56F48171", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:oracle:solaris:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "FC633250-EB1E-4484-9BCB-977C8F9EB0B2", "vulnerable": true }, { "criteria": "cpe:2.3:o:oracle:solaris:11.2:*:*:*:*:*:*:*", "matchCriteriaId": "0B1C288F-326B-497B-B26C-D26E01262DDB", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*", "matchCriteriaId": "5D37DF0F-F863-45AC-853A-3E04F9FEC7CA", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "matchCriteriaId": 
"B5A6F2F3-4894-4392-8296-3B8DD2679084", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*", "matchCriteriaId": "49A63F39-30BE-443F-AF10-6245587D3359", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "matchCriteriaId": "F38D3B7E-8429-473F-BB31-FC3583EE5A5B", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6:*:*:*:*:*:*:*", "matchCriteriaId": "8CDFD93B-693D-46DC-9C39-FDECB3E619E8", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "3C84489B-B08C-4854-8A12-D01B6E45CF79", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "7071F0C7-E43E-4F2E-9FEB-E8FB3DEA4749", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.6.z:*:*:*:*:*:*:*", "matchCriteriaId": "3FB4F7C3-1521-42B6-9820-15C2B156BAD6", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "0E8CD4EF-DC90-40BB-A721-6EC087507906", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "matchCriteriaId": 
"E5ED5807-55B7-47C5-97A6-03233F4FBC3A", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The tt_cmap4_validate function in sfnt/ttcmap.c in FreeType before 2.5.4 validates a certain length field before that field\u0027s value is completely calculated, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted cmap SFNT table." }, { "lang": "es", "value": "La funci\u00f3n tt_cmap4_validate en sfnt/ttcmap.c en FreeType anterior a 2.5.4 valida cierto campo de longitud antes de que el valor de este campo est\u00e1 calculado completamente, lo que permite a atacantes remotos causar una denegaci\u00f3n de servicio (lectura fuera de rango) o posiblemente tener otro impacto no especificado a trav\u00e9s de una tabla SFNT cmap manipulada." 
} ], "id": "CVE-2014-9663", "lastModified": "2025-04-12T10:46:40.837", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2015-02-08T11:59:25.490", "references": [ { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://advisories.mageia.org/MGASA-2015-0083.html" }, { "source": "cve@mitre.org", "tags": [ "Exploit" ], "url": "http://code.google.com/p/google-security-research/issues/detail?id=184" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=9bd20b7304aae61de5d50ac359cf27132bafd4c1" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0696.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2015/dsa-3188" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055" 
}, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/72986" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-2510-1" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-2739-1" }, { "source": "cve@mitre.org", "url": "https://security.gentoo.org/glsa/201503-05" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://advisories.mageia.org/MGASA-2015-0083.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit" ], "url": "http://code.google.com/p/google-security-research/issues/detail?id=184" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=9bd20b7304aae61de5d50ac359cf27132bafd4c1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0696.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2015/dsa-3188" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": 
"http://www.mandriva.com/security/advisories?name=MDVSA-2015:055" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/72986" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-2510-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-2739-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/201503-05" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd (CVE-2012-1130)
Published
2012-04-25 10:10
Modified
2025-04-11 00:51
Severity: HIGH (CVSS v2 base score 9.3, vector AV:N/AC:M/Au:N/C:C/I:C/A:C; NVD primary metric)
Summary
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via crafted property data in a PCF font.
References
▶ | URL | Tags | |
---|---|---|---|
secalert@redhat.com | http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html | ||
secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html | ||
secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html | ||
secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html | ||
secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html | ||
secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2012-0467.html | ||
secalert@redhat.com | http://secunia.com/advisories/48508 | ||
secalert@redhat.com | http://secunia.com/advisories/48758 | ||
secalert@redhat.com | http://secunia.com/advisories/48797 | ||
secalert@redhat.com | http://secunia.com/advisories/48822 | ||
secalert@redhat.com | http://secunia.com/advisories/48918 | ||
secalert@redhat.com | http://secunia.com/advisories/48951 | ||
secalert@redhat.com | http://secunia.com/advisories/48973 | ||
secalert@redhat.com | http://security.gentoo.org/glsa/glsa-201204-04.xml | ||
secalert@redhat.com | http://support.apple.com/kb/HT5503 | ||
secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2012:057 | ||
secalert@redhat.com | http://www.mozilla.org/security/announce/2012/mfsa2012-21.html | Vendor Advisory | |
secalert@redhat.com | http://www.openwall.com/lists/oss-security/2012/03/06/16 | ||
secalert@redhat.com | http://www.securityfocus.com/bid/52318 | ||
secalert@redhat.com | http://www.securitytracker.com/id?1026765 | ||
secalert@redhat.com | http://www.ubuntu.com/usn/USN-1403-1 | ||
secalert@redhat.com | https://bugzilla.mozilla.org/show_bug.cgi?id=733512 | ||
secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=800587 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2012-0467.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48508 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48758 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48797 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48822 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48918 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48951 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48973 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-201204-04.xml | ||
af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT5503 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2012:057 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mozilla.org/security/announce/2012/mfsa2012-21.html | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2012/03/06/16 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/52318 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1026765 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-1403-1 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.mozilla.org/show_bug.cgi?id=733512 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=800587 |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
freetype | freetype | * (versions up to and including 2.4.8) | |
freetype | freetype | 1.3.1 | |
freetype | freetype | 2.0.0 | |
freetype | freetype | 2.0.1 | |
freetype | freetype | 2.0.2 | |
freetype | freetype | 2.0.3 | |
freetype | freetype | 2.0.4 | |
freetype | freetype | 2.0.5 | |
freetype | freetype | 2.0.6 | |
freetype | freetype | 2.0.7 | |
freetype | freetype | 2.0.8 | |
freetype | freetype | 2.0.9 | |
freetype | freetype | 2.1 | |
freetype | freetype | 2.1.3 | |
freetype | freetype | 2.1.4 | |
freetype | freetype | 2.1.5 | |
freetype | freetype | 2.1.6 | |
freetype | freetype | 2.1.7 | |
freetype | freetype | 2.1.8 | |
freetype | freetype | 2.1.8 (rc1) | |
freetype | freetype | 2.1.9 | |
freetype | freetype | 2.1.10 | |
freetype | freetype | 2.2.0 | |
freetype | freetype | 2.2.1 | |
freetype | freetype | 2.3.0 | |
freetype | freetype | 2.3.1 | |
freetype | freetype | 2.3.2 | |
freetype | freetype | 2.3.3 | |
freetype | freetype | 2.3.4 | |
freetype | freetype | 2.3.5 | |
freetype | freetype | 2.3.6 | |
freetype | freetype | 2.3.7 | |
freetype | freetype | 2.3.8 | |
freetype | freetype | 2.3.9 | |
freetype | freetype | 2.3.10 | |
freetype | freetype | 2.3.11 | |
freetype | freetype | 2.3.12 | |
freetype | freetype | 2.4.0 | |
freetype | freetype | 2.4.1 | |
freetype | freetype | 2.4.2 | |
freetype | freetype | 2.4.3 | |
freetype | freetype | 2.4.4 | |
freetype | freetype | 2.4.5 | |
freetype | freetype | 2.4.6 | |
freetype | freetype | 2.4.7 | |
mozilla | firefox_mobile | * (versions up to and including 10.0.3) | |
mozilla | firefox_mobile | 1.0 | |
mozilla | firefox_mobile | 4.0 | |
mozilla | firefox_mobile | 4.0 (beta1) | |
mozilla | firefox_mobile | 4.0 (beta2) | |
mozilla | firefox_mobile | 4.0 (beta3) | |
mozilla | firefox_mobile | 4.0 (beta4) | |
mozilla | firefox_mobile | 5.0 | |
mozilla | firefox_mobile | 6.0 | |
mozilla | firefox_mobile | 6.0.1 | |
mozilla | firefox_mobile | 6.0.2 | |
mozilla | firefox_mobile | 7.0 | |
mozilla | firefox_mobile | 8.0 | |
mozilla | firefox_mobile | 9.0 | |
mozilla | firefox_mobile | 10.0 | |
mozilla | firefox_mobile | 10.0.1 | |
mozilla | firefox_mobile | 10.0.2 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", "matchCriteriaId": "1AE5852E-FBD0-4F23-82C0-4E8FBDDF558B", "versionEndIncluding": "2.4.8", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:1.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "888C3BB8-510B-4FBE-BA5D-0D488583C7DD", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "3B67236B-7DEF-40AE-BC6F-12CB39329C4D", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "7EEC5D17-9141-4CA5-9D4C-76C15BAE4FBD", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "F1019F69-8E42-43C9-926C-B948659666F4", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "AA678E5E-9380-4D31-973F-018349F7F346", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "5E06AD6E-8B77-4E57-AA07-507CD1F809F2", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "8DB69925-10FB-4DFD-8764-B6640B88FCEE", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "B126D1A0-6B54-4C56-8CEC-B395D54A5C3C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "98D0D1A3-886D-4EE3-AC1A-3B36D192E8B5", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "DB0B0E33-0D7D-45E9-ADFD-20C6DCB5ED64", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.9:*:*:*:*:*:*:*", "matchCriteriaId": "28CA4C7D-D70A-44CF-8E3D-F2612CCA0799", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "D4E76672-7216-443E-BBD8-120DA96F7E4D", "vulnerable": true }, { "criteria": 
"cpe:2.3:a:freetype:freetype:2.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "369D87D8-E4A7-4EC4-B508-2940EE174F95", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "288FDB59-7FE4-4351-8822-554ADF07C79A", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "B681257A-F8D8-46D5-995D-BC44F54DD5C0", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "56E0DEB6-4414-49AB-88E9-988CE5D8EF67", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.7:*:*:*:*:*:*:*", "matchCriteriaId": "56A90D08-2CAF-422F-8587-7D88EC7632A1", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.8:*:*:*:*:*:*:*", "matchCriteriaId": "9B944FEB-F69D-4F6C-9485-26F95A5874B6", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.8:rc1:*:*:*:*:*:*", "matchCriteriaId": "B9B9B1DE-89F6-463D-A3F4-6366D5D30077", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.9:*:*:*:*:*:*:*", "matchCriteriaId": "F73474B9-6853-4C5C-9CB9-5F4D3080D1C5", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.10:*:*:*:*:*:*:*", "matchCriteriaId": "5283E910-D512-481C-804E-8717A83B24CB", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "A28C0F7A-F1F3-4F3B-81B9-228DA8FCCCD8", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "F7252819-BA8A-4BD1-BAAA-179A8777C994", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "11575E3C-2BEA-4264-AE41-4A962BD17035", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "D333A965-EAD2-40DB-8FBE-C4C7DF44C35C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.2:*:*:*:*:*:*:*", "matchCriteriaId": 
"8CA37666-D2E6-47EF-BFFE-A9449D6A72CD", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "F2B49505-C973-4673-A9BC-34ACA25059D0", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.4:*:*:*:*:*:*:*", "matchCriteriaId": "B8E8ECCA-58F2-4A05-8DF2-79C09A5FB275", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.5:*:*:*:*:*:*:*", "matchCriteriaId": "8697D11D-BBDF-4722-85F7-5144A5D26E37", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.6:*:*:*:*:*:*:*", "matchCriteriaId": "50E3EDA8-04D1-4DF1-80BB-72C6003E8F53", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.7:*:*:*:*:*:*:*", "matchCriteriaId": "AB06CA25-BB25-43B8-9FC2-62C399CC52EE", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.8:*:*:*:*:*:*:*", "matchCriteriaId": "6AF7414E-33A7-40E2-AEF0-1AE9D7D1B077", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.9:*:*:*:*:*:*:*", "matchCriteriaId": "6FC0BD12-E065-4CC9-8AEE-E4C34A58EC3C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.10:*:*:*:*:*:*:*", "matchCriteriaId": "214DC64B-BA35-486B-AE30-F2D9381E4D26", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.11:*:*:*:*:*:*:*", "matchCriteriaId": "B7CDE19A-473A-4BC5-AA7B-3D08FEEEE82C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.12:*:*:*:*:*:*:*", "matchCriteriaId": "DD8401A8-A328-49F6-BAE8-337F5F36C906", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "3FBF5BAA-8027-478F-BE06-3D3F4F823C7B", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "31358B5D-4087-4207-9730-297BA47DAA83", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "3A73E016-A4B0-416D-B9B6-786A787DAD3D", "vulnerable": true }, { "criteria": 
"cpe:2.3:a:freetype:freetype:2.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "0588BCE1-059B-4602-B274-E9D268720B55", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "D19BE9CC-6B1C-4AC8-9740-2ABDF40C4FEC", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "E6F3E33C-95E0-4EEF-8E26-F7044D8C3892", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.6:*:*:*:*:*:*:*", "matchCriteriaId": "0871F88D-3D36-4EAA-B2B4-39D844FF8874", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.7:*:*:*:*:*:*:*", "matchCriteriaId": "B3396203-9BDF-4E7D-85CC-0B6AA7DC55C4", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:*:*:*:*:*:*:*:*", "matchCriteriaId": "C25B56F0-B244-4D64-BC8F-341214080A90", "versionEndIncluding": "10.0.3", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "B00C6411-5566-4060-B68B-8F1674B9E280", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "CD9C4A1A-E3C7-40DD-AF51-AFFA0D904722", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta1:*:*:*:*:*:*", "matchCriteriaId": "B6A0EDF9-2260-439F-9CF0-A66CBE35ACF8", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta2:*:*:*:*:*:*", "matchCriteriaId": "6E55723B-B7B8-4EBF-8767-55988D26E82B", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta3:*:*:*:*:*:*", "matchCriteriaId": "761B33B6-4FFD-4E6C-92B4-2186F8D195C1", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta4:*:*:*:*:*:*", "matchCriteriaId": "8E4E272B-27F1-41CE-8B60-B1C098105A73", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "907FA1DF-E3D3-4E46-B353-753E70C292CC", "vulnerable": true }, { "criteria": 
"cpe:2.3:a:mozilla:firefox_mobile:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "97DE5B71-865A-4DB0-A31A-1CA75A5AB7AA", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:6.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "B64C7CE2-6BA7-4294-80CF-3AE25EE9529B", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:6.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "640595E6-3E39-4112-887E-174C86D18630", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "8E26E8D7-334C-4260-A8EE-82DF067CC081", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "643623BB-29E4-4138-AFC6-252368FC9495", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "9CEA838D-5FE6-47A7-8367-F040FF01B681", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "BF547E94-BEC4-4D32-A2AF-AFEBFE11782A", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "6BB1307C-64E4-4EC2-BB07-012107CA5DA6", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "91C9D50D-9450-489C-8336-4332F8FD6806", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via crafted property data in a PCF font." 
}, { "lang": "es", "value": "FreeType antes de v2.4.9, tal como se utiliza en Mozilla Firefox Mobile antes de v10.0.4 y otros productos, permite a atacantes remotos causar una denegaci\u00f3n de servicio (operaci\u00f3n no v\u00e1lida de escritura y corrupci\u00f3n de memoria) o posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de datos de las propiedades modificadas en una fuente PCF.." } ], "id": "CVE-2012-1130", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2012-04-25T10:10:18.137", "references": [ { "source": "secalert@redhat.com", "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html" }, { "source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48508" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48758" }, { "source": 
"secalert@redhat.com", "url": "http://secunia.com/advisories/48797" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48822" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48918" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48951" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48973" }, { "source": "secalert@redhat.com", "url": "http://security.gentoo.org/glsa/glsa-201204-04.xml" }, { "source": "secalert@redhat.com", "url": "http://support.apple.com/kb/HT5503" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html" }, { "source": "secalert@redhat.com", "url": "http://www.openwall.com/lists/oss-security/2012/03/06/16" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/52318" }, { "source": "secalert@redhat.com", "url": "http://www.securitytracker.com/id?1026765" }, { "source": "secalert@redhat.com", "url": "http://www.ubuntu.com/usn/USN-1403-1" }, { "source": "secalert@redhat.com", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512" }, { "source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=800587" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html" }, { "source": 
"af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48508" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48758" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48797" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48822" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48918" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48951" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48973" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.gentoo.org/glsa/glsa-201204-04.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.apple.com/kb/HT5503" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2012/03/06/16" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/52318" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1026765" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/USN-1403-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512" }, { "source": 
"af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=800587" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd (CVE-2010-2541)
Published
2010-08-19 18:00
Modified
2025-04-11 00:51
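Severity: MEDIUM (CVSS v2 base score 6.8, vector AV:N/AC:M/Au:N/C:P/I:P/A:P; NVD primary metric, user interaction required)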
Summary
Buffer overflow in ftmulti.c in the ftmulti demo program in FreeType before 2.4.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file.
References
▶ | URL | Tags | |
---|---|---|---|
secalert@redhat.com | http://freetype.sourceforge.net/index2.html#release-freetype-2.4.2 | Release Notes, Third Party Advisory | |
secalert@redhat.com | http://secunia.com/advisories/40982 | Third Party Advisory | |
secalert@redhat.com | http://secunia.com/advisories/48951 | Third Party Advisory | |
secalert@redhat.com | http://securitytracker.com/id?1024266 | Third Party Advisory, VDB Entry | |
secalert@redhat.com | http://sourceforge.net/projects/freetype/files/freetype2/2.4.2/NEWS/view | Third Party Advisory | |
secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2010-0577.html | Third Party Advisory | |
secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2010-0578.html | Third Party Advisory | |
secalert@redhat.com | http://www.ubuntu.com/usn/USN-972-1 | Third Party Advisory | |
secalert@redhat.com | http://www.vupen.com/english/advisories/2010/2106 | Third Party Advisory | |
secalert@redhat.com | https://bugs.launchpad.net/ubuntu/maverick/+source/freetype/+bug/617019 | Issue Tracking, Release Notes, Third Party Advisory | |
secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=617342 | Issue Tracking, Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://freetype.sourceforge.net/index2.html#release-freetype-2.4.2 | Release Notes, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/40982 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48951 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1024266 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | http://sourceforge.net/projects/freetype/files/freetype2/2.4.2/NEWS/view | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2010-0577.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2010-0578.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-972-1 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2010/2106 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://bugs.launchpad.net/ubuntu/maverick/+source/freetype/+bug/617019 | Issue Tracking, Release Notes, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=617342 | Issue Tracking, Patch, Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
freetype | freetype | * (versions before 2.4.2) | |
canonical | ubuntu_linux | 6.06 | |
canonical | ubuntu_linux | 8.04 | |
canonical | ubuntu_linux | 9.04 | |
canonical | ubuntu_linux | 9.10 | |
canonical | ubuntu_linux | 10.04 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", "matchCriteriaId": "33E14690-3A9D-45C7-A270-3433F79DEC28", "versionEndExcluding": "2.4.2", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*", "matchCriteriaId": "454A5D17-B171-4F1F-9E0B-F18D1E5CA9FD", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*", "matchCriteriaId": "7EBFE35C-E243-43D1-883D-4398D71763CC", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:9.04:*:*:*:*:*:*:*", "matchCriteriaId": "A5D026D0-EF78-438D-BEDD-FC8571F3ACEB", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*", "matchCriteriaId": "A2BCB73E-27BB-4878-AD9C-90C4F20C25A0", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*", "matchCriteriaId": "01EDA41C-6B2E-49AF-B503-EB3882265C11", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Buffer overflow in ftmulti.c in the ftmulti demo program in FreeType before 2.4.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file." }, { "lang": "es", "value": "Desbordamiento de b\u00fafer en ftmulti.c en el programa ftmulti demo en FreeType anterior a v2.4.2 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda de aplicaci\u00f3n) o posiblemente ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un fichero fuente manipulado." 
} ], "id": "CVE-2010-2541", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2010-08-19T18:00:04.843", "references": [ { "source": "secalert@redhat.com", "tags": [ "Release Notes", "Third Party Advisory" ], "url": "http://freetype.sourceforge.net/index2.html#release-freetype-2.4.2" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/40982" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/48951" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://securitytracker.com/id?1024266" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://sourceforge.net/projects/freetype/files/freetype2/2.4.2/NEWS/view" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0577.html" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0578.html" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-972-1" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2010/2106" }, { "source": "secalert@redhat.com", "tags": [ "Issue Tracking", 
"Release Notes", "Third Party Advisory" ], "url": "https://bugs.launchpad.net/ubuntu/maverick/+source/freetype/+bug/617019" }, { "source": "secalert@redhat.com", "tags": [ "Issue Tracking", "Patch", "Third Party Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=617342" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Release Notes", "Third Party Advisory" ], "url": "http://freetype.sourceforge.net/index2.html#release-freetype-2.4.2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/40982" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/48951" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://securitytracker.com/id?1024266" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://sourceforge.net/projects/freetype/files/freetype2/2.4.2/NEWS/view" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0577.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0578.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-972-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2010/2106" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Release Notes", "Third Party Advisory" ], "url": "https://bugs.launchpad.net/ubuntu/maverick/+source/freetype/+bug/617019" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Patch", "Third Party Advisory" ], "url": 
"https://bugzilla.redhat.com/show_bug.cgi?id=617342" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-120" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
CVE-2012-1139
Vulnerability from fkie_nvd
Published
2012-04-25 10:10
Modified
2025-04-11 00:51
Severity
HIGH (CVSS v2.0 base score 9.3, vector AV:N/AC:M/Au:N/C:C/I:C/A:C, scored by nvd@nist.gov)
Summary
Array index error in FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid stack read operation and memory corruption) or possibly execute arbitrary code via crafted glyph data in a BDF font.
References
Source | URL | Tags | |
---|---|---|---|
secalert@redhat.com | http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html | ||
secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html | ||
secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html | ||
secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html | ||
secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html | ||
secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2012-0467.html | ||
secalert@redhat.com | http://secunia.com/advisories/48508 | ||
secalert@redhat.com | http://secunia.com/advisories/48758 | ||
secalert@redhat.com | http://secunia.com/advisories/48797 | ||
secalert@redhat.com | http://secunia.com/advisories/48822 | ||
secalert@redhat.com | http://secunia.com/advisories/48918 | ||
secalert@redhat.com | http://secunia.com/advisories/48951 | ||
secalert@redhat.com | http://secunia.com/advisories/48973 | ||
secalert@redhat.com | http://security.gentoo.org/glsa/glsa-201204-04.xml | ||
secalert@redhat.com | http://support.apple.com/kb/HT5503 | ||
secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2012:057 | ||
secalert@redhat.com | http://www.mozilla.org/security/announce/2012/mfsa2012-21.html | Vendor Advisory | |
secalert@redhat.com | http://www.openwall.com/lists/oss-security/2012/03/06/16 | ||
secalert@redhat.com | http://www.securityfocus.com/bid/52318 | ||
secalert@redhat.com | http://www.securitytracker.com/id?1026765 | ||
secalert@redhat.com | http://www.ubuntu.com/usn/USN-1403-1 | ||
secalert@redhat.com | https://bugzilla.mozilla.org/show_bug.cgi?id=733512 | ||
secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=800598 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2012-0467.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48508 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48758 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48797 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48822 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48918 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48951 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48973 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-201204-04.xml | ||
af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT5503 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2012:057 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mozilla.org/security/announce/2012/mfsa2012-21.html | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2012/03/06/16 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/52318 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1026765 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-1403-1 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.mozilla.org/show_bug.cgi?id=733512 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=800598 |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
freetype | freetype | * (all versions up to and including 2.4.8) | |
freetype | freetype | 1.3.1 | |
freetype | freetype | 2.0.0 | |
freetype | freetype | 2.0.1 | |
freetype | freetype | 2.0.2 | |
freetype | freetype | 2.0.3 | |
freetype | freetype | 2.0.4 | |
freetype | freetype | 2.0.5 | |
freetype | freetype | 2.0.6 | |
freetype | freetype | 2.0.7 | |
freetype | freetype | 2.0.8 | |
freetype | freetype | 2.0.9 | |
freetype | freetype | 2.1 | |
freetype | freetype | 2.1.3 | |
freetype | freetype | 2.1.4 | |
freetype | freetype | 2.1.5 | |
freetype | freetype | 2.1.6 | |
freetype | freetype | 2.1.7 | |
freetype | freetype | 2.1.8 | |
freetype | freetype | 2.1.8 (rc1) | |
freetype | freetype | 2.1.9 | |
freetype | freetype | 2.1.10 | |
freetype | freetype | 2.2.0 | |
freetype | freetype | 2.2.1 | |
freetype | freetype | 2.3.0 | |
freetype | freetype | 2.3.1 | |
freetype | freetype | 2.3.2 | |
freetype | freetype | 2.3.3 | |
freetype | freetype | 2.3.4 | |
freetype | freetype | 2.3.5 | |
freetype | freetype | 2.3.6 | |
freetype | freetype | 2.3.7 | |
freetype | freetype | 2.3.8 | |
freetype | freetype | 2.3.9 | |
freetype | freetype | 2.3.10 | |
freetype | freetype | 2.3.11 | |
freetype | freetype | 2.3.12 | |
freetype | freetype | 2.4.0 | |
freetype | freetype | 2.4.1 | |
freetype | freetype | 2.4.2 | |
freetype | freetype | 2.4.3 | |
freetype | freetype | 2.4.4 | |
freetype | freetype | 2.4.5 | |
freetype | freetype | 2.4.6 | |
freetype | freetype | 2.4.7 | |
mozilla | firefox_mobile | * (all versions up to and including 10.0.3) | |
mozilla | firefox_mobile | 1.0 | |
mozilla | firefox_mobile | 4.0 | |
mozilla | firefox_mobile | 4.0 (beta1) | |
mozilla | firefox_mobile | 4.0 (beta2) | |
mozilla | firefox_mobile | 4.0 (beta3) | |
mozilla | firefox_mobile | 4.0 (beta4) | |
mozilla | firefox_mobile | 5.0 | |
mozilla | firefox_mobile | 6.0 | |
mozilla | firefox_mobile | 6.0.1 | |
mozilla | firefox_mobile | 6.0.2 | |
mozilla | firefox_mobile | 7.0 | |
mozilla | firefox_mobile | 8.0 | |
mozilla | firefox_mobile | 9.0 | |
mozilla | firefox_mobile | 10.0 | |
mozilla | firefox_mobile | 10.0.1 | |
mozilla | firefox_mobile | 10.0.2 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", "matchCriteriaId": "1AE5852E-FBD0-4F23-82C0-4E8FBDDF558B", "versionEndIncluding": "2.4.8", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:1.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "888C3BB8-510B-4FBE-BA5D-0D488583C7DD", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "3B67236B-7DEF-40AE-BC6F-12CB39329C4D", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "7EEC5D17-9141-4CA5-9D4C-76C15BAE4FBD", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "F1019F69-8E42-43C9-926C-B948659666F4", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "AA678E5E-9380-4D31-973F-018349F7F346", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "5E06AD6E-8B77-4E57-AA07-507CD1F809F2", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "8DB69925-10FB-4DFD-8764-B6640B88FCEE", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "B126D1A0-6B54-4C56-8CEC-B395D54A5C3C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "98D0D1A3-886D-4EE3-AC1A-3B36D192E8B5", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "DB0B0E33-0D7D-45E9-ADFD-20C6DCB5ED64", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.9:*:*:*:*:*:*:*", "matchCriteriaId": "28CA4C7D-D70A-44CF-8E3D-F2612CCA0799", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "D4E76672-7216-443E-BBD8-120DA96F7E4D", "vulnerable": true }, { "criteria": 
"cpe:2.3:a:freetype:freetype:2.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "369D87D8-E4A7-4EC4-B508-2940EE174F95", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "288FDB59-7FE4-4351-8822-554ADF07C79A", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "B681257A-F8D8-46D5-995D-BC44F54DD5C0", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "56E0DEB6-4414-49AB-88E9-988CE5D8EF67", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.7:*:*:*:*:*:*:*", "matchCriteriaId": "56A90D08-2CAF-422F-8587-7D88EC7632A1", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.8:*:*:*:*:*:*:*", "matchCriteriaId": "9B944FEB-F69D-4F6C-9485-26F95A5874B6", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.8:rc1:*:*:*:*:*:*", "matchCriteriaId": "B9B9B1DE-89F6-463D-A3F4-6366D5D30077", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.9:*:*:*:*:*:*:*", "matchCriteriaId": "F73474B9-6853-4C5C-9CB9-5F4D3080D1C5", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.10:*:*:*:*:*:*:*", "matchCriteriaId": "5283E910-D512-481C-804E-8717A83B24CB", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "A28C0F7A-F1F3-4F3B-81B9-228DA8FCCCD8", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "F7252819-BA8A-4BD1-BAAA-179A8777C994", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "11575E3C-2BEA-4264-AE41-4A962BD17035", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "D333A965-EAD2-40DB-8FBE-C4C7DF44C35C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.2:*:*:*:*:*:*:*", "matchCriteriaId": 
"8CA37666-D2E6-47EF-BFFE-A9449D6A72CD", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "F2B49505-C973-4673-A9BC-34ACA25059D0", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.4:*:*:*:*:*:*:*", "matchCriteriaId": "B8E8ECCA-58F2-4A05-8DF2-79C09A5FB275", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.5:*:*:*:*:*:*:*", "matchCriteriaId": "8697D11D-BBDF-4722-85F7-5144A5D26E37", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.6:*:*:*:*:*:*:*", "matchCriteriaId": "50E3EDA8-04D1-4DF1-80BB-72C6003E8F53", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.7:*:*:*:*:*:*:*", "matchCriteriaId": "AB06CA25-BB25-43B8-9FC2-62C399CC52EE", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.8:*:*:*:*:*:*:*", "matchCriteriaId": "6AF7414E-33A7-40E2-AEF0-1AE9D7D1B077", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.9:*:*:*:*:*:*:*", "matchCriteriaId": "6FC0BD12-E065-4CC9-8AEE-E4C34A58EC3C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.10:*:*:*:*:*:*:*", "matchCriteriaId": "214DC64B-BA35-486B-AE30-F2D9381E4D26", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.11:*:*:*:*:*:*:*", "matchCriteriaId": "B7CDE19A-473A-4BC5-AA7B-3D08FEEEE82C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.12:*:*:*:*:*:*:*", "matchCriteriaId": "DD8401A8-A328-49F6-BAE8-337F5F36C906", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "3FBF5BAA-8027-478F-BE06-3D3F4F823C7B", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "31358B5D-4087-4207-9730-297BA47DAA83", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "3A73E016-A4B0-416D-B9B6-786A787DAD3D", "vulnerable": true }, { "criteria": 
"cpe:2.3:a:freetype:freetype:2.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "0588BCE1-059B-4602-B274-E9D268720B55", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "D19BE9CC-6B1C-4AC8-9740-2ABDF40C4FEC", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "E6F3E33C-95E0-4EEF-8E26-F7044D8C3892", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.6:*:*:*:*:*:*:*", "matchCriteriaId": "0871F88D-3D36-4EAA-B2B4-39D844FF8874", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.7:*:*:*:*:*:*:*", "matchCriteriaId": "B3396203-9BDF-4E7D-85CC-0B6AA7DC55C4", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:*:*:*:*:*:*:*:*", "matchCriteriaId": "C25B56F0-B244-4D64-BC8F-341214080A90", "versionEndIncluding": "10.0.3", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "B00C6411-5566-4060-B68B-8F1674B9E280", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "CD9C4A1A-E3C7-40DD-AF51-AFFA0D904722", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta1:*:*:*:*:*:*", "matchCriteriaId": "B6A0EDF9-2260-439F-9CF0-A66CBE35ACF8", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta2:*:*:*:*:*:*", "matchCriteriaId": "6E55723B-B7B8-4EBF-8767-55988D26E82B", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta3:*:*:*:*:*:*", "matchCriteriaId": "761B33B6-4FFD-4E6C-92B4-2186F8D195C1", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta4:*:*:*:*:*:*", "matchCriteriaId": "8E4E272B-27F1-41CE-8B60-B1C098105A73", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "907FA1DF-E3D3-4E46-B353-753E70C292CC", "vulnerable": true }, { "criteria": 
"cpe:2.3:a:mozilla:firefox_mobile:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "97DE5B71-865A-4DB0-A31A-1CA75A5AB7AA", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:6.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "B64C7CE2-6BA7-4294-80CF-3AE25EE9529B", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:6.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "640595E6-3E39-4112-887E-174C86D18630", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "8E26E8D7-334C-4260-A8EE-82DF067CC081", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "643623BB-29E4-4138-AFC6-252368FC9495", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "9CEA838D-5FE6-47A7-8367-F040FF01B681", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "BF547E94-BEC4-4D32-A2AF-AFEBFE11782A", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "6BB1307C-64E4-4EC2-BB07-012107CA5DA6", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "91C9D50D-9450-489C-8336-4332F8FD6806", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Array index error in FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid stack read operation and memory corruption) or possibly execute arbitrary code via crafted glyph data in a BDF font." 
}, { "lang": "es", "value": "Error de \u00edndice de matriz en FreeType antes de v2.4.9, tal como se utiliza en Mozilla Firefox Mobile antes de v10.0.4 y otros productos, permite a atacantes remotos causar una denegaci\u00f3n de servicio (operaci\u00f3n no v\u00e1lida de escritura y corrupci\u00f3n de memoria) o posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s del glifo modificado de una fuente BDF." } ], "id": "CVE-2012-1139", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2012-04-25T10:10:18.557", "references": [ { "source": "secalert@redhat.com", "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html" }, { "source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48508" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48758" }, { 
"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48797" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48822" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48918" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48951" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48973" }, { "source": "secalert@redhat.com", "url": "http://security.gentoo.org/glsa/glsa-201204-04.xml" }, { "source": "secalert@redhat.com", "url": "http://support.apple.com/kb/HT5503" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html" }, { "source": "secalert@redhat.com", "url": "http://www.openwall.com/lists/oss-security/2012/03/06/16" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/52318" }, { "source": "secalert@redhat.com", "url": "http://www.securitytracker.com/id?1026765" }, { "source": "secalert@redhat.com", "url": "http://www.ubuntu.com/usn/USN-1403-1" }, { "source": "secalert@redhat.com", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512" }, { "source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=800598" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html" }, { "source": 
"af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48508" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48758" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48797" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48822" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48918" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48951" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48973" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.gentoo.org/glsa/glsa-201204-04.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.apple.com/kb/HT5503" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2012/03/06/16" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/52318" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1026765" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/USN-1403-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512" }, { "source": 
"af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=800598" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
CVE-2007-3506
Vulnerability from fkie_nvd
Published
2007-07-02 19:30
Modified
2025-04-09 00:30
Severity
HIGH (CVSS v2.0 base score 7.5, vector AV:N/AC:L/Au:N/C:P/I:P/A:P, scored by nvd@nist.gov)
Summary
The ft_bitmap_assure_buffer function in src/base/ftbitmap.c in FreeType 2.3.3 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via unspecified vectors involving bitmap fonts, related to a "memory buffer overwrite bug."
References
Source | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://cvs.savannah.nongnu.org/viewvc/freetype2/src/base/ftbitmap.c?root=freetype&r1=1.17&r2=1.18 | ||
cve@mitre.org | http://savannah.nongnu.org/bugs/index.php?19536 | ||
cve@mitre.org | http://secunia.com/advisories/25884 | Vendor Advisory | |
cve@mitre.org | http://www.securityfocus.com/bid/24708 | ||
cve@mitre.org | https://sourceforge.net/project/shownotes.php?group_id=3157&release_id=499970 | Patch | |
af854a3a-2127-422b-91ae-364da2661108 | http://cvs.savannah.nongnu.org/viewvc/freetype2/src/base/ftbitmap.c?root=freetype&r1=1.17&r2=1.18 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://savannah.nongnu.org/bugs/index.php?19536 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/25884 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/24708 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://sourceforge.net/project/shownotes.php?group_id=3157&release_id=499970 | Patch |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", "matchCriteriaId": "5013DA85-1746-4272-BDD3-19A5F06565F8", "versionEndIncluding": "2.3.3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The ft_bitmap_assure_buffer function in src/base/ftbimap.c in FreeType 2.3.3 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via unspecified vectors involving bitmap fonts, related to a \"memory buffer overwrite bug.\"" }, { "lang": "es", "value": "La funci\u00f3n ft_bitmap_assure_buffer en src/base/ftbimap.c de FreeType 2.3.3 permite a atacantes remotos dependientes del contexto provocar una denegaci\u00f3n de servicio y posiblemente ejecutar c\u00f3digo de su elecci\u00f3n mediante vectores no especificados que implican fuentes de mapas de bits, relacionado con \"fallo de sobrescritura de memoria de b\u00fafer\"." 
} ], "id": "CVE-2007-3506", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2007-07-02T19:30:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://cvs.savannah.nongnu.org/viewvc/freetype2/src/base/ftbitmap.c?root=freetype\u0026r1=1.17\u0026r2=1.18" }, { "source": "cve@mitre.org", "url": "http://savannah.nongnu.org/bugs/index.php?19536" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/25884" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/24708" }, { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "https://sourceforge.net/project/shownotes.php?group_id=3157\u0026release_id=499970" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://cvs.savannah.nongnu.org/viewvc/freetype2/src/base/ftbitmap.c?root=freetype\u0026r1=1.17\u0026r2=1.18" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://savannah.nongnu.org/bugs/index.php?19536" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/25884" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/24708" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "https://sourceforge.net/project/shownotes.php?group_id=3157\u0026release_id=499970" } ], "sourceIdentifier": 
"cve@mitre.org", "vendorComments": [ { "comment": "Not vulnerable. These issues did not affect the versions of freetype as shipped with Red Hat Enterprise Linux 2.1, 3, or 4.", "lastModified": "2007-07-05T00:00:00", "organization": "Red Hat" } ], "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2015-02-08 11:59
Modified
2025-04-12 10:46
Severity ?
Summary
cff/cf2ft.c in FreeType before 2.5.4 does not validate the return values of point-allocation functions, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted OTF font.
References
Source | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://advisories.mageia.org/MGASA-2015-0083.html | ||
cve@mitre.org | http://code.google.com/p/google-security-research/issues/detail?id=185 | Exploit | |
cve@mitre.org | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=5f201ab5c24cb69bc96b724fd66e739928d6c5e2 | ||
cve@mitre.org | http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html | ||
cve@mitre.org | http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html | ||
cve@mitre.org | http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html | ||
cve@mitre.org | http://www.securityfocus.com/bid/72986 | ||
cve@mitre.org | http://www.ubuntu.com/usn/USN-2510-1 | ||
cve@mitre.org | http://www.ubuntu.com/usn/USN-2739-1 | ||
cve@mitre.org | https://security.gentoo.org/glsa/201503-05 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://advisories.mageia.org/MGASA-2015-0083.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://code.google.com/p/google-security-research/issues/detail?id=185 | Exploit | |
af854a3a-2127-422b-91ae-364da2661108 | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=5f201ab5c24cb69bc96b724fd66e739928d6c5e2 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/72986 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2510-1 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2739-1 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201503-05 |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
opensuse | opensuse | 13.1 | |
opensuse | opensuse | 13.2 | |
debian | debian_linux | 7.0 | |
canonical | ubuntu_linux | 10.04 | |
canonical | ubuntu_linux | 12.04 | |
canonical | ubuntu_linux | 14.04 | |
canonical | ubuntu_linux | 14.10 | |
canonical | ubuntu_linux | 15.04 | |
fedoraproject | fedora | 20 | |
fedoraproject | fedora | 21 | |
freetype | freetype | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F", "vulnerable": true }, { "criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*", "matchCriteriaId": "5D37DF0F-F863-45AC-853A-3E04F9FEC7CA", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*", "matchCriteriaId": "49A63F39-30BE-443F-AF10-6245587D3359", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "matchCriteriaId": "F38D3B7E-8429-473F-BB31-FC3583EE5A5B", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*", "matchCriteriaId": "FF47C9F0-D8DA-4B55-89EB-9B2C9383ADB9", "vulnerable": true }, { "criteria": "cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*", "matchCriteriaId": "56BDB5A0-0839-4A20-A003-B8CD56F48171", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", "matchCriteriaId": "05EE9A32-E91F-4C68-B3A9-AC5AB35C2BB3", "versionEndIncluding": "2.5.3", "vulnerable": true 
} ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "cff/cf2ft.c in FreeType before 2.5.4 does not validate the return values of point-allocation functions, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted OTF font." }, { "lang": "es", "value": "cff/cf2ft.c en FreeType anterior a 2.5.4 no valida los valores de retorno de las funciones de la reserva de puntos, lo que permite a atacantes remotos causar una denegaci\u00f3n de servicio (desbordamiento de buffer basado en memoria din\u00e1mica) o posiblemente tener otro impacto no especificado a trav\u00e9s de una fuente OTF manipulada." } ], "id": "CVE-2014-9662", "lastModified": "2025-04-12T10:46:40.837", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2015-02-08T11:59:24.537", "references": [ { "source": "cve@mitre.org", "url": "http://advisories.mageia.org/MGASA-2015-0083.html" }, { "source": "cve@mitre.org", "tags": [ "Exploit" ], "url": "http://code.google.com/p/google-security-research/issues/detail?id=185" }, { "source": "cve@mitre.org", "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=5f201ab5c24cb69bc96b724fd66e739928d6c5e2" }, { "source": "cve@mitre.org", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html" }, { "source": "cve@mitre.org", "url": 
"http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html" }, { "source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/72986" }, { "source": "cve@mitre.org", "url": "http://www.ubuntu.com/usn/USN-2510-1" }, { "source": "cve@mitre.org", "url": "http://www.ubuntu.com/usn/USN-2739-1" }, { "source": "cve@mitre.org", "url": "https://security.gentoo.org/glsa/201503-05" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://advisories.mageia.org/MGASA-2015-0083.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit" ], "url": "http://code.google.com/p/google-security-research/issues/detail?id=185" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=5f201ab5c24cb69bc96b724fd66e739928d6c5e2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/72986" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/USN-2510-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/USN-2739-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/201503-05" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2022-04-22 14:15
Modified
2024-11-21 06:55
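Severity: 9.8 CRITICAL (CVSS 3.1 base score) and 7.5 HIGH (CVSS 2.0 base score), both NVD primary metrics from the record below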
Summary
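FreeType commit 1e2eb65048f75c64b68708efed6ce904c31f3b2f was discovered to contain a heap buffer overflow via the function sfnt_init_face. The description names a commit rather than a release; the CPE configuration in the record below marks FreeType versions before 2.12.0 as affected, which is the value to match against installed packages.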
References
Source | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://gitlab.freedesktop.org/freetype/freetype/-/issues/1138 | Exploit, Issue Tracking, Patch, Vendor Advisory | |
cve@mitre.org | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EFPNRKDLCXHZVYYQLQMP44UHLU32GA6Z/ | ||
cve@mitre.org | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FDU2FOEMCEF6WVR6ZBIH5MT5O7FAK6UP/ | ||
cve@mitre.org | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IWQ7IB2A75MEHM63WEUXBYEC7OR5SGDY/ | ||
cve@mitre.org | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NYVC2NPKKXKP3TWJWG4ONYWNO6ZPHLA5/ | ||
cve@mitre.org | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TCEMWCM46PKM4U5ENRASPKQD6JDOLKRU/ | ||
cve@mitre.org | https://security.gentoo.org/glsa/202402-06 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://gitlab.freedesktop.org/freetype/freetype/-/issues/1138 | Exploit, Issue Tracking, Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EFPNRKDLCXHZVYYQLQMP44UHLU32GA6Z/ | ||
af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FDU2FOEMCEF6WVR6ZBIH5MT5O7FAK6UP/ | ||
af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IWQ7IB2A75MEHM63WEUXBYEC7OR5SGDY/ | ||
af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NYVC2NPKKXKP3TWJWG4ONYWNO6ZPHLA5/ | ||
af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TCEMWCM46PKM4U5ENRASPKQD6JDOLKRU/ | ||
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/202402-06 |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
freetype | freetype | * | |
fedoraproject | fedora | 34 | |
fedoraproject | fedora | 35 | |
fedoraproject | fedora | 36 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", "matchCriteriaId": "AE181DF7-C86E-495B-8CBC-DEA63DD8F647", "versionEndExcluding": "2.12.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", "matchCriteriaId": "A930E247-0B43-43CB-98FF-6CE7B8189835", "vulnerable": true }, { "criteria": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", "matchCriteriaId": "80E516C0-98A4-4ADE-B69F-66A772E2BAAA", "vulnerable": true }, { "criteria": "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*", "matchCriteriaId": "5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "FreeType commit 1e2eb65048f75c64b68708efed6ce904c31f3b2f was discovered to contain a heap buffer overflow via the function sfnt_init_face." }, { "lang": "es", "value": "Se ha detectado que el commit 1e2eb65048f75c64b68708efed6ce904c31f3b2f de FreeType conten\u00eda un desbordamiento del b\u00fafer de memoria din\u00e1mica por medio de la funci\u00f3n sfnt_init_face" } ], "id": "CVE-2022-27404", "lastModified": "2024-11-21T06:55:40.953", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": 
"CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2022-04-22T14:15:09.423", "references": [ { "source": "cve@mitre.org", "tags": [ "Exploit", "Issue Tracking", "Patch", "Vendor Advisory" ], "url": "https://gitlab.freedesktop.org/freetype/freetype/-/issues/1138" }, { "source": "cve@mitre.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EFPNRKDLCXHZVYYQLQMP44UHLU32GA6Z/" }, { "source": "cve@mitre.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FDU2FOEMCEF6WVR6ZBIH5MT5O7FAK6UP/" }, { "source": "cve@mitre.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IWQ7IB2A75MEHM63WEUXBYEC7OR5SGDY/" }, { "source": "cve@mitre.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NYVC2NPKKXKP3TWJWG4ONYWNO6ZPHLA5/" }, { "source": "cve@mitre.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TCEMWCM46PKM4U5ENRASPKQD6JDOLKRU/" }, { "source": "cve@mitre.org", "url": "https://security.gentoo.org/glsa/202402-06" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Issue Tracking", "Patch", "Vendor Advisory" ], "url": "https://gitlab.freedesktop.org/freetype/freetype/-/issues/1138" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EFPNRKDLCXHZVYYQLQMP44UHLU32GA6Z/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": 
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FDU2FOEMCEF6WVR6ZBIH5MT5O7FAK6UP/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IWQ7IB2A75MEHM63WEUXBYEC7OR5SGDY/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NYVC2NPKKXKP3TWJWG4ONYWNO6ZPHLA5/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TCEMWCM46PKM4U5ENRASPKQD6JDOLKRU/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/202402-06" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2010-08-19 18:00
Modified
2025-04-11 00:51
Severity: 6.8 MEDIUM (CVSS 2.0 base score, NVD primary metric from the record below)
Summary
Buffer overflow in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.4.2 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted Adobe Type 1 Mac Font File (aka LWFN) font.
References
Source | URL | Tags | |
---|---|---|---|
secalert@redhat.com | http://freetype.sourceforge.net/index2.html#release-freetype-2.4.2 | Release Notes, Third Party Advisory | |
secalert@redhat.com | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=81f3472c0ba7b8f6466e2e214fa8c1c17fade975 | Patch, Third Party Advisory | |
secalert@redhat.com | http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html | Mailing List, Third Party Advisory | |
secalert@redhat.com | http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html | Mailing List, Third Party Advisory | |
secalert@redhat.com | http://marc.info/?l=oss-security&m=128110167119337&w=2 | Mailing List, Patch, Third Party Advisory | |
secalert@redhat.com | http://marc.info/?l=oss-security&m=128111955616772&w=2 | Mailing List, Patch, Third Party Advisory | |
secalert@redhat.com | http://secunia.com/advisories/40816 | Third Party Advisory | |
secalert@redhat.com | http://secunia.com/advisories/40982 | Third Party Advisory | |
secalert@redhat.com | http://secunia.com/advisories/42314 | Third Party Advisory | |
secalert@redhat.com | http://secunia.com/advisories/42317 | Third Party Advisory | |
secalert@redhat.com | http://sourceforge.net/projects/freetype/files/freetype2/2.4.2/NEWS/view | Product, Third Party Advisory | |
secalert@redhat.com | http://support.apple.com/kb/HT4435 | Broken Link | |
secalert@redhat.com | http://support.apple.com/kb/HT4456 | Third Party Advisory | |
secalert@redhat.com | http://support.apple.com/kb/HT4457 | Third Party Advisory | |
secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2010-0864.html | Third Party Advisory | |
secalert@redhat.com | http://www.securityfocus.com/bid/42285 | Third Party Advisory, VDB Entry | |
secalert@redhat.com | http://www.ubuntu.com/usn/USN-972-1 | Third Party Advisory | |
secalert@redhat.com | http://www.vupen.com/english/advisories/2010/2018 | Third Party Advisory | |
secalert@redhat.com | http://www.vupen.com/english/advisories/2010/2106 | Third Party Advisory | |
secalert@redhat.com | http://www.vupen.com/english/advisories/2010/3045 | Third Party Advisory | |
secalert@redhat.com | http://www.vupen.com/english/advisories/2010/3046 | Third Party Advisory | |
secalert@redhat.com | https://bugs.launchpad.net/ubuntu/maverick/+source/freetype/+bug/617019 | Issue Tracking, Release Notes, Third Party Advisory | |
secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=621907 | Issue Tracking, Patch, Third Party Advisory | |
secalert@redhat.com | https://rhn.redhat.com/errata/RHSA-2010-0737.html | Broken Link | |
secalert@redhat.com | https://savannah.nongnu.org/bugs/?30658 | Issue Tracking, Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://freetype.sourceforge.net/index2.html#release-freetype-2.4.2 | Release Notes, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=81f3472c0ba7b8f6466e2e214fa8c1c17fade975 | Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=oss-security&m=128110167119337&w=2 | Mailing List, Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=oss-security&m=128111955616772&w=2 | Mailing List, Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/40816 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/40982 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/42314 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/42317 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://sourceforge.net/projects/freetype/files/freetype2/2.4.2/NEWS/view | Product, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT4435 | Broken Link | |
af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT4456 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT4457 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2010-0864.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/42285 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-972-1 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2010/2018 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2010/2106 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2010/3045 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2010/3046 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://bugs.launchpad.net/ubuntu/maverick/+source/freetype/+bug/617019 | Issue Tracking, Release Notes, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=621907 | Issue Tracking, Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://rhn.redhat.com/errata/RHSA-2010-0737.html | Broken Link | |
af854a3a-2127-422b-91ae-364da2661108 | https://savannah.nongnu.org/bugs/?30658 | Issue Tracking, Patch, Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
freetype | freetype | * | |
apple | iphone_os | * | |
apple | mac_os_x | * | |
apple | tvos | * | |
canonical | ubuntu_linux | 6.06 | |
canonical | ubuntu_linux | 8.04 | |
canonical | ubuntu_linux | 9.04 | |
canonical | ubuntu_linux | 9.10 | |
canonical | ubuntu_linux | 10.04 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", "matchCriteriaId": "33E14690-3A9D-45C7-A270-3433F79DEC28", "versionEndExcluding": "2.4.2", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "matchCriteriaId": "D9636697-5FDF-4F67-A95B-D74DDD67A5DD", "versionEndExcluding": "4.2", "vulnerable": true }, { "criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "matchCriteriaId": "46E5D24A-8CA0-4590-9F35-F684D573D030", "versionEndExcluding": "10.6.5", "vulnerable": true }, { "criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*", "matchCriteriaId": "407115F2-CC65-448B-8133-D3D57AD306BA", "versionEndExcluding": "4.1.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*", "matchCriteriaId": "454A5D17-B171-4F1F-9E0B-F18D1E5CA9FD", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*", "matchCriteriaId": "C91D2DBF-6DA7-4BA2-9F29-8BD2725A4701", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:9.04:*:*:*:*:*:*:*", "matchCriteriaId": "A5D026D0-EF78-438D-BEDD-FC8571F3ACEB", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*", "matchCriteriaId": "A2BCB73E-27BB-4878-AD9C-90C4F20C25A0", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*", "matchCriteriaId": "01EDA41C-6B2E-49AF-B503-EB3882265C11", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Buffer overflow in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.4.2 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted Adobe Type 1 Mac Font 
File (aka LWFN) font." }, { "lang": "es", "value": "Desbordamiento de b\u00fafer en la funci\u00f3n Mac_Read_POST_Resource en base/ftobjs.c de FreeType anterior a v2.4.2 permite a atacantes remotos causar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria y fallo de la aplicaci\u00f3n) o posiblemente ejecutar c\u00f3digo a su elecci\u00f3n a trav\u00e9s de fuentes Adobe Type 1 Mac Font File (tambi\u00e9n conocido como LWFN) manipuladas." } ], "id": "CVE-2010-2808", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2010-08-19T18:00:05.327", "references": [ { "source": "secalert@redhat.com", "tags": [ "Release Notes", "Third Party Advisory" ], "url": "http://freetype.sourceforge.net/index2.html#release-freetype-2.4.2" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=81f3472c0ba7b8f6466e2e214fa8c1c17fade975" }, { "source": "secalert@redhat.com", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html" }, { "source": "secalert@redhat.com", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html" }, { "source": "secalert@redhat.com", "tags": [ "Mailing List", "Patch", "Third Party Advisory" ], "url": 
"http://marc.info/?l=oss-security\u0026m=128110167119337\u0026w=2" }, { "source": "secalert@redhat.com", "tags": [ "Mailing List", "Patch", "Third Party Advisory" ], "url": "http://marc.info/?l=oss-security\u0026m=128111955616772\u0026w=2" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/40816" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/40982" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/42314" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/42317" }, { "source": "secalert@redhat.com", "tags": [ "Product", "Third Party Advisory" ], "url": "http://sourceforge.net/projects/freetype/files/freetype2/2.4.2/NEWS/view" }, { "source": "secalert@redhat.com", "tags": [ "Broken Link" ], "url": "http://support.apple.com/kb/HT4435" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://support.apple.com/kb/HT4456" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://support.apple.com/kb/HT4457" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0864.html" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/42285" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-972-1" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2010/2018" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2010/2106" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": 
"http://www.vupen.com/english/advisories/2010/3045" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2010/3046" }, { "source": "secalert@redhat.com", "tags": [ "Issue Tracking", "Release Notes", "Third Party Advisory" ], "url": "https://bugs.launchpad.net/ubuntu/maverick/+source/freetype/+bug/617019" }, { "source": "secalert@redhat.com", "tags": [ "Issue Tracking", "Patch", "Third Party Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=621907" }, { "source": "secalert@redhat.com", "tags": [ "Broken Link" ], "url": "https://rhn.redhat.com/errata/RHSA-2010-0737.html" }, { "source": "secalert@redhat.com", "tags": [ "Issue Tracking", "Patch", "Third Party Advisory" ], "url": "https://savannah.nongnu.org/bugs/?30658" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Release Notes", "Third Party Advisory" ], "url": "http://freetype.sourceforge.net/index2.html#release-freetype-2.4.2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=81f3472c0ba7b8f6466e2e214fa8c1c17fade975" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Patch", "Third Party Advisory" ], "url": "http://marc.info/?l=oss-security\u0026m=128110167119337\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Patch", "Third Party Advisory" ], "url": "http://marc.info/?l=oss-security\u0026m=128111955616772\u0026w=2" }, { "source": 
"af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/40816" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/40982" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/42314" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/42317" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Product", "Third Party Advisory" ], "url": "http://sourceforge.net/projects/freetype/files/freetype2/2.4.2/NEWS/view" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://support.apple.com/kb/HT4435" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://support.apple.com/kb/HT4456" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://support.apple.com/kb/HT4457" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0864.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/42285" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-972-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2010/2018" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2010/2106" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": 
"http://www.vupen.com/english/advisories/2010/3045" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2010/3046" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Release Notes", "Third Party Advisory" ], "url": "https://bugs.launchpad.net/ubuntu/maverick/+source/freetype/+bug/617019" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Patch", "Third Party Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=621907" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "https://rhn.redhat.com/errata/RHSA-2010-0737.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Patch", "Third Party Advisory" ], "url": "https://savannah.nongnu.org/bugs/?30658" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-120" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2015-02-08 11:59
Modified
2025-04-12 10:46
Severity ?
Summary
sfnt/ttload.c in FreeType before 2.5.4 proceeds with offset+length calculations without restricting the values, which allows remote attackers to cause a denial of service (integer overflow and out-of-bounds read) or possibly have unspecified other impact via a crafted SFNT table.
References
Source | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://advisories.mageia.org/MGASA-2015-0083.html | Third Party Advisory | |
cve@mitre.org | http://code.google.com/p/google-security-research/issues/detail?id=166 | Exploit | |
cve@mitre.org | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=677ddf4f1dc1b36cef7c7ddd59a14c508f4b1891 | Issue Tracking | |
cve@mitre.org | http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html | Third Party Advisory | |
cve@mitre.org | http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html | Third Party Advisory | |
cve@mitre.org | http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html | Third Party Advisory | |
cve@mitre.org | http://rhn.redhat.com/errata/RHSA-2015-0696.html | Third Party Advisory | |
cve@mitre.org | http://www.debian.org/security/2015/dsa-3188 | Third Party Advisory | |
cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDVSA-2015:055 | Third Party Advisory | |
cve@mitre.org | http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html | Third Party Advisory | |
cve@mitre.org | http://www.securityfocus.com/bid/72986 | ||
cve@mitre.org | http://www.ubuntu.com/usn/USN-2510-1 | Third Party Advisory | |
cve@mitre.org | http://www.ubuntu.com/usn/USN-2739-1 | Third Party Advisory | |
cve@mitre.org | https://security.gentoo.org/glsa/201503-05 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://advisories.mageia.org/MGASA-2015-0083.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://code.google.com/p/google-security-research/issues/detail?id=166 | Exploit | |
af854a3a-2127-422b-91ae-364da2661108 | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=677ddf4f1dc1b36cef7c7ddd59a14c508f4b1891 | Issue Tracking | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2015-0696.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2015/dsa-3188 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2015:055 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/72986 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2510-1 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2739-1 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201503-05 |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
debian | debian_linux | 7.0 | |
canonical | ubuntu_linux | 10.04 | |
canonical | ubuntu_linux | 12.04 | |
canonical | ubuntu_linux | 14.04 | |
canonical | ubuntu_linux | 14.10 | |
canonical | ubuntu_linux | 15.04 | |
fedoraproject | fedora | 20 | |
fedoraproject | fedora | 21 | |
freetype | freetype | * | |
opensuse | opensuse | 13.1 | |
opensuse | opensuse | 13.2 | |
redhat | enterprise_linux_desktop | 6.0 | |
redhat | enterprise_linux_desktop | 7.0 | |
redhat | enterprise_linux_hpc_node | 6 | |
redhat | enterprise_linux_hpc_node | 7.0 | |
redhat | enterprise_linux_hpc_node_eus | 7.1 | |
redhat | enterprise_linux_server | 6.0 | |
redhat | enterprise_linux_server | 7.0 | |
redhat | enterprise_linux_server_eus | 6.6.z | |
redhat | enterprise_linux_server_eus | 7.1 | |
redhat | enterprise_linux_workstation | 6.0 | |
redhat | enterprise_linux_workstation | 7.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*", "matchCriteriaId": "5D37DF0F-F863-45AC-853A-3E04F9FEC7CA", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*", "matchCriteriaId": "49A63F39-30BE-443F-AF10-6245587D3359", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "matchCriteriaId": "F38D3B7E-8429-473F-BB31-FC3583EE5A5B", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*", "matchCriteriaId": "FF47C9F0-D8DA-4B55-89EB-9B2C9383ADB9", "vulnerable": true }, { "criteria": "cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*", "matchCriteriaId": "56BDB5A0-0839-4A20-A003-B8CD56F48171", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", "matchCriteriaId": "05EE9A32-E91F-4C68-B3A9-AC5AB35C2BB3", "versionEndIncluding": "2.5.3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F", "vulnerable": true }, { "criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", "vulnerable": true 
} ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6:*:*:*:*:*:*:*", "matchCriteriaId": "8CDFD93B-693D-46DC-9C39-FDECB3E619E8", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "3C84489B-B08C-4854-8A12-D01B6E45CF79", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "7071F0C7-E43E-4F2E-9FEB-E8FB3DEA4749", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.6.z:*:*:*:*:*:*:*", "matchCriteriaId": "3FB4F7C3-1521-42B6-9820-15C2B156BAD6", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "0E8CD4EF-DC90-40BB-A721-6EC087507906", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "sfnt/ttload.c in FreeType before 2.5.4 proceeds with 
offset+length calculations without restricting the values, which allows remote attackers to cause a denial of service (integer overflow and out-of-bounds read) or possibly have unspecified other impact via a crafted SFNT table." }, { "lang": "es", "value": "sfnt/ttload.c en FreeType anterior a 2.5.4 proceda con los c\u00e1lculos de la longitud de offset sin restringir los valores, lo que permite a atacantes remotos causar una denegaci\u00f3n de servicio (desbordamiento de enteros y lectura fuera de rango) o posiblemnete tener otro impacto no especificado a trav\u00e9s de una tabla SFNT manipulada." } ], "id": "CVE-2014-9667", "lastModified": "2025-04-12T10:46:40.837", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2015-02-08T11:59:29.133", "references": [ { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://advisories.mageia.org/MGASA-2015-0083.html" }, { "source": "cve@mitre.org", "tags": [ "Exploit" ], "url": "http://code.google.com/p/google-security-research/issues/detail?id=166" }, { "source": "cve@mitre.org", "tags": [ "Issue Tracking" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=677ddf4f1dc1b36cef7c7ddd59a14c508f4b1891" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": 
"http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0696.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2015/dsa-3188" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/72986" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-2510-1" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-2739-1" }, { "source": "cve@mitre.org", "url": "https://security.gentoo.org/glsa/201503-05" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://advisories.mageia.org/MGASA-2015-0083.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit" ], "url": "http://code.google.com/p/google-security-research/issues/detail?id=166" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=677ddf4f1dc1b36cef7c7ddd59a14c508f4b1891" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": 
"http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0696.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2015/dsa-3188" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/72986" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-2510-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-2739-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/201503-05" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd (CVE-2010-2500)
Published
2010-08-19 18:00
Modified
2025-04-11 00:51
Severity: 6.8 MEDIUM (CVSS v2.0, AV:N/AC:M/Au:N/C:P/I:P/A:P, scored by nvd@nist.gov)
Summary
Integer overflow in the gray_render_span function in smooth/ftgrays.c in FreeType before 2.4.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file.
References
Source | URL | Tags | |
---|---|---|---|
secalert@redhat.com | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=6305b869d86ff415a33576df6d43729673c66eee | Patch, Third Party Advisory | |
secalert@redhat.com | http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html | Mailing List, Third Party Advisory | |
secalert@redhat.com | http://lists.nongnu.org/archive/html/freetype/2010-07/msg00001.html | Mailing List, Release Notes, Third Party Advisory | |
secalert@redhat.com | http://marc.info/?l=oss-security&m=127905701201340&w=2 | Mailing List, Third Party Advisory | |
secalert@redhat.com | http://marc.info/?l=oss-security&m=127909326909362&w=2 | Mailing List, Third Party Advisory | |
secalert@redhat.com | http://secunia.com/advisories/48951 | Third Party Advisory | |
secalert@redhat.com | http://securitytracker.com/id?1024266 | Third Party Advisory, VDB Entry | |
secalert@redhat.com | http://support.apple.com/kb/HT4435 | Broken Link | |
secalert@redhat.com | http://www.debian.org/security/2010/dsa-2070 | Third Party Advisory | |
secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2010:137 | Third Party Advisory | |
secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2010-0577.html | Third Party Advisory | |
secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2010-0578.html | Third Party Advisory | |
secalert@redhat.com | http://www.ubuntu.com/usn/USN-963-1 | Third Party Advisory | |
secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=613167 | Issue Tracking, Patch, Third Party Advisory | |
secalert@redhat.com | https://savannah.nongnu.org/bugs/?30263 | Issue Tracking, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=6305b869d86ff415a33576df6d43729673c66eee | Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.nongnu.org/archive/html/freetype/2010-07/msg00001.html | Mailing List, Release Notes, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=oss-security&m=127905701201340&w=2 | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=oss-security&m=127909326909362&w=2 | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48951 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1024266 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT4435 | Broken Link | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2010/dsa-2070 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2010:137 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2010-0577.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2010-0578.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-963-1 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=613167 | Issue Tracking, Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://savannah.nongnu.org/bugs/?30263 | Issue Tracking, Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
freetype | freetype | * | |
canonical | ubuntu_linux | 6.06 | |
canonical | ubuntu_linux | 8.04 | |
canonical | ubuntu_linux | 9.04 | |
canonical | ubuntu_linux | 9.10 | |
canonical | ubuntu_linux | 10.04 | |
apple | mac_os_x | * | |
debian | debian_linux | 5.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", "matchCriteriaId": "08BB787B-4D62-4277-819C-3E627B9B7FC8", "versionEndExcluding": "2.4.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*", "matchCriteriaId": "454A5D17-B171-4F1F-9E0B-F18D1E5CA9FD", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*", "matchCriteriaId": "7EBFE35C-E243-43D1-883D-4398D71763CC", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:9.04:*:*:*:*:*:*:*", "matchCriteriaId": "A5D026D0-EF78-438D-BEDD-FC8571F3ACEB", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*", "matchCriteriaId": "A2BCB73E-27BB-4878-AD9C-90C4F20C25A0", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*", "matchCriteriaId": "01EDA41C-6B2E-49AF-B503-EB3882265C11", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "matchCriteriaId": "46E5D24A-8CA0-4590-9F35-F684D573D030", "versionEndExcluding": "10.6.5", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "8C757774-08E7-40AA-B532-6F705C8F7639", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Integer overflow in the gray_render_span function in smooth/ftgrays.c in FreeType before 2.4.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file." 
}, { "lang": "es", "value": "Desbordamiento de entero en la funci\u00f3n gray_render_span en smooth/ftgrays.c en FreeType anterior a v2.4.0 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda de aplicaci\u00f3n) o posiblemente ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un fichero fuente manipulado." } ], "id": "CVE-2010-2500", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2010-08-19T18:00:04.280", "references": [ { "source": "secalert@redhat.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=6305b869d86ff415a33576df6d43729673c66eee" }, { "source": "secalert@redhat.com", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html" }, { "source": "secalert@redhat.com", "tags": [ "Mailing List", "Release Notes", "Third Party Advisory" ], "url": "http://lists.nongnu.org/archive/html/freetype/2010-07/msg00001.html" }, { "source": "secalert@redhat.com", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://marc.info/?l=oss-security\u0026m=127905701201340\u0026w=2" }, { "source": "secalert@redhat.com", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://marc.info/?l=oss-security\u0026m=127909326909362\u0026w=2" }, { "source": "secalert@redhat.com", "tags": [ "Third Party 
Advisory" ], "url": "http://secunia.com/advisories/48951" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://securitytracker.com/id?1024266" }, { "source": "secalert@redhat.com", "tags": [ "Broken Link" ], "url": "http://support.apple.com/kb/HT4435" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2010/dsa-2070" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:137" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0577.html" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0578.html" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-963-1" }, { "source": "secalert@redhat.com", "tags": [ "Issue Tracking", "Patch", "Third Party Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=613167" }, { "source": "secalert@redhat.com", "tags": [ "Issue Tracking", "Third Party Advisory" ], "url": "https://savannah.nongnu.org/bugs/?30263" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=6305b869d86ff415a33576df6d43729673c66eee" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Release Notes", "Third Party Advisory" ], "url": "http://lists.nongnu.org/archive/html/freetype/2010-07/msg00001.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": 
"http://marc.info/?l=oss-security\u0026m=127905701201340\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://marc.info/?l=oss-security\u0026m=127909326909362\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/48951" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://securitytracker.com/id?1024266" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://support.apple.com/kb/HT4435" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2010/dsa-2070" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:137" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0577.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0578.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-963-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Patch", "Third Party Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=613167" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Third Party Advisory" ], "url": "https://savannah.nongnu.org/bugs/?30263" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-190" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2013-01-24 21:55
Modified
2025-04-11 00:51
Severity ?
Summary
FreeType before 2.4.11 allows context-dependent attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to BDF fonts and the improper handling of an "allocation error" in the bdf_free_font function.
References
Source | URL | Tags | |
---|---|---|---|
secalert@redhat.com | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=9b6b5754b57c12b820e01305eb69b8863a161e5a | ||
secalert@redhat.com | http://lists.opensuse.org/opensuse-updates/2013-01/msg00056.html | ||
secalert@redhat.com | http://lists.opensuse.org/opensuse-updates/2013-01/msg00068.html | ||
secalert@redhat.com | http://lists.opensuse.org/opensuse-updates/2013-01/msg00078.html | ||
secalert@redhat.com | http://secunia.com/advisories/51826 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/51900 | Vendor Advisory | |
secalert@redhat.com | http://www.freetype.org/ | ||
secalert@redhat.com | http://www.openwall.com/lists/oss-security/2012/12/25/2 | ||
secalert@redhat.com | http://www.securitytracker.com/id?1027921 | ||
secalert@redhat.com | http://www.slackware.com/security/viewer.php?l=slackware-security&y=2013&m=slackware-security.520186 | ||
secalert@redhat.com | http://www.ubuntu.com/usn/USN-1686-1 | ||
secalert@redhat.com | https://savannah.nongnu.org/bugs/?37905 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=9b6b5754b57c12b820e01305eb69b8863a161e5a | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2013-01/msg00056.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2013-01/msg00068.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2013-01/msg00078.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/51826 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/51900 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.freetype.org/ | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2012/12/25/2 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1027921 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.slackware.com/security/viewer.php?l=slackware-security&y=2013&m=slackware-security.520186 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-1686-1 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://savannah.nongnu.org/bugs/?37905 |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
freetype | freetype | * | |
freetype | freetype | 1.3.1 | |
freetype | freetype | 2.0.0 | |
freetype | freetype | 2.0.1 | |
freetype | freetype | 2.0.2 | |
freetype | freetype | 2.0.3 | |
freetype | freetype | 2.0.4 | |
freetype | freetype | 2.0.5 | |
freetype | freetype | 2.0.6 | |
freetype | freetype | 2.0.7 | |
freetype | freetype | 2.0.8 | |
freetype | freetype | 2.0.9 | |
freetype | freetype | 2.1 | |
freetype | freetype | 2.1.3 | |
freetype | freetype | 2.1.4 | |
freetype | freetype | 2.1.5 | |
freetype | freetype | 2.1.6 | |
freetype | freetype | 2.1.7 | |
freetype | freetype | 2.1.8 | |
freetype | freetype | 2.1.8 | |
freetype | freetype | 2.1.9 | |
freetype | freetype | 2.1.10 | |
freetype | freetype | 2.2.0 | |
freetype | freetype | 2.2.1 | |
freetype | freetype | 2.3.0 | |
freetype | freetype | 2.3.1 | |
freetype | freetype | 2.3.2 | |
freetype | freetype | 2.3.3 | |
freetype | freetype | 2.3.4 | |
freetype | freetype | 2.3.5 | |
freetype | freetype | 2.3.6 | |
freetype | freetype | 2.3.7 | |
freetype | freetype | 2.3.8 | |
freetype | freetype | 2.3.9 | |
freetype | freetype | 2.3.10 | |
freetype | freetype | 2.3.11 | |
freetype | freetype | 2.3.12 | |
freetype | freetype | 2.4.0 | |
freetype | freetype | 2.4.1 | |
freetype | freetype | 2.4.2 | |
freetype | freetype | 2.4.3 | |
freetype | freetype | 2.4.4 | |
freetype | freetype | 2.4.5 | |
freetype | freetype | 2.4.6 | |
freetype | freetype | 2.4.7 | |
freetype | freetype | 2.4.8 | |
freetype | freetype | 2.4.9 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", "matchCriteriaId": "246A62B7-B82F-44BD-B3D7-F6A474F76E70", "versionEndIncluding": "2.4.10", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:1.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "888C3BB8-510B-4FBE-BA5D-0D488583C7DD", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "3B67236B-7DEF-40AE-BC6F-12CB39329C4D", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "7EEC5D17-9141-4CA5-9D4C-76C15BAE4FBD", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "F1019F69-8E42-43C9-926C-B948659666F4", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "AA678E5E-9380-4D31-973F-018349F7F346", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "5E06AD6E-8B77-4E57-AA07-507CD1F809F2", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "8DB69925-10FB-4DFD-8764-B6640B88FCEE", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "B126D1A0-6B54-4C56-8CEC-B395D54A5C3C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "98D0D1A3-886D-4EE3-AC1A-3B36D192E8B5", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "DB0B0E33-0D7D-45E9-ADFD-20C6DCB5ED64", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.9:*:*:*:*:*:*:*", "matchCriteriaId": "28CA4C7D-D70A-44CF-8E3D-F2612CCA0799", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "D4E76672-7216-443E-BBD8-120DA96F7E4D", "vulnerable": true }, { "criteria": 
"cpe:2.3:a:freetype:freetype:2.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "369D87D8-E4A7-4EC4-B508-2940EE174F95", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "288FDB59-7FE4-4351-8822-554ADF07C79A", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "B681257A-F8D8-46D5-995D-BC44F54DD5C0", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "56E0DEB6-4414-49AB-88E9-988CE5D8EF67", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.7:*:*:*:*:*:*:*", "matchCriteriaId": "56A90D08-2CAF-422F-8587-7D88EC7632A1", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.8:*:*:*:*:*:*:*", "matchCriteriaId": "9B944FEB-F69D-4F6C-9485-26F95A5874B6", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.8:rc1:*:*:*:*:*:*", "matchCriteriaId": "B9B9B1DE-89F6-463D-A3F4-6366D5D30077", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.9:*:*:*:*:*:*:*", "matchCriteriaId": "F73474B9-6853-4C5C-9CB9-5F4D3080D1C5", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.10:*:*:*:*:*:*:*", "matchCriteriaId": "5283E910-D512-481C-804E-8717A83B24CB", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "A28C0F7A-F1F3-4F3B-81B9-228DA8FCCCD8", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "F7252819-BA8A-4BD1-BAAA-179A8777C994", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "11575E3C-2BEA-4264-AE41-4A962BD17035", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "D333A965-EAD2-40DB-8FBE-C4C7DF44C35C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.2:*:*:*:*:*:*:*", "matchCriteriaId": 
"8CA37666-D2E6-47EF-BFFE-A9449D6A72CD", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "F2B49505-C973-4673-A9BC-34ACA25059D0", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.4:*:*:*:*:*:*:*", "matchCriteriaId": "B8E8ECCA-58F2-4A05-8DF2-79C09A5FB275", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.5:*:*:*:*:*:*:*", "matchCriteriaId": "8697D11D-BBDF-4722-85F7-5144A5D26E37", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.6:*:*:*:*:*:*:*", "matchCriteriaId": "50E3EDA8-04D1-4DF1-80BB-72C6003E8F53", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.7:*:*:*:*:*:*:*", "matchCriteriaId": "AB06CA25-BB25-43B8-9FC2-62C399CC52EE", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.8:*:*:*:*:*:*:*", "matchCriteriaId": "6AF7414E-33A7-40E2-AEF0-1AE9D7D1B077", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.9:*:*:*:*:*:*:*", "matchCriteriaId": "6FC0BD12-E065-4CC9-8AEE-E4C34A58EC3C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.10:*:*:*:*:*:*:*", "matchCriteriaId": "214DC64B-BA35-486B-AE30-F2D9381E4D26", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.11:*:*:*:*:*:*:*", "matchCriteriaId": "B7CDE19A-473A-4BC5-AA7B-3D08FEEEE82C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.12:*:*:*:*:*:*:*", "matchCriteriaId": "DD8401A8-A328-49F6-BAE8-337F5F36C906", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "3FBF5BAA-8027-478F-BE06-3D3F4F823C7B", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "31358B5D-4087-4207-9730-297BA47DAA83", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "3A73E016-A4B0-416D-B9B6-786A787DAD3D", "vulnerable": true }, { "criteria": 
"cpe:2.3:a:freetype:freetype:2.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "0588BCE1-059B-4602-B274-E9D268720B55", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "D19BE9CC-6B1C-4AC8-9740-2ABDF40C4FEC", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "E6F3E33C-95E0-4EEF-8E26-F7044D8C3892", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.6:*:*:*:*:*:*:*", "matchCriteriaId": "0871F88D-3D36-4EAA-B2B4-39D844FF8874", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.7:*:*:*:*:*:*:*", "matchCriteriaId": "B3396203-9BDF-4E7D-85CC-0B6AA7DC55C4", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.8:*:*:*:*:*:*:*", "matchCriteriaId": "52FA516A-918B-4727-8108-EE89FA5EB123", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.9:*:*:*:*:*:*:*", "matchCriteriaId": "2DB966A5-4663-4133-84B8-F292125990DE", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "FreeType before 2.4.11 allows context-dependent attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to BDF fonts and the improper handling of an \"allocation error\" in the bdf_free_font function." }, { "lang": "es", "value": "FreeType anterior a v2.4.11 permite a atacantes dependientes del contexto provocar una denegaci\u00f3n de servicio (desreferencia de puntero nulo y ca\u00edda) a trav\u00e9s de vectores relacionados con las fuentes BDF y un manejo incorrecto de un \"error de asignaci\u00f3n\" en la funci\u00f3n bdf_free_font." 
} ], "id": "CVE-2012-5668", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2013-01-24T21:55:01.163", "references": [ { "source": "secalert@redhat.com", "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=9b6b5754b57c12b820e01305eb69b8863a161e5a" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00056.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00068.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00078.html" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/51826" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/51900" }, { "source": "secalert@redhat.com", "url": "http://www.freetype.org/" }, { "source": "secalert@redhat.com", "url": "http://www.openwall.com/lists/oss-security/2012/12/25/2" }, { "source": "secalert@redhat.com", "url": "http://www.securitytracker.com/id?1027921" }, { "source": "secalert@redhat.com", "url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2013\u0026m=slackware-security.520186" }, { "source": "secalert@redhat.com", "url": "http://www.ubuntu.com/usn/USN-1686-1" }, { "source": "secalert@redhat.com", "url": 
"https://savannah.nongnu.org/bugs/?37905" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=9b6b5754b57c12b820e01305eb69b8863a161e5a" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00056.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00068.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00078.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/51826" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/51900" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.freetype.org/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2012/12/25/2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1027921" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2013\u0026m=slackware-security.520186" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/USN-1686-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://savannah.nongnu.org/bugs/?37905" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2017-04-14 04:59
Modified
2025-04-20 01:37
Severity ?
Summary
FreeType 2 before 2017-02-02 has an out-of-bounds write caused by a heap-based buffer overflow related to the tt_size_reset function in truetype/ttobjs.c.
References
Source | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=e6699596af5c5d6f0ae0ea06e19df87dce088df8 | Patch, Third Party Advisory | |
cve@mitre.org | http://www.securityfocus.com/bid/97673 | Third Party Advisory, VDB Entry | |
cve@mitre.org | https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=509 | Third Party Advisory, VDB Entry | |
cve@mitre.org | https://security.gentoo.org/glsa/201706-14 | ||
cve@mitre.org | https://www.oracle.com/security-alerts/cpuapr2020.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=e6699596af5c5d6f0ae0ea06e19df87dce088df8 | Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/97673 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=509 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201706-14 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://www.oracle.com/security-alerts/cpuapr2020.html |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", "matchCriteriaId": "AEEA3966-EA75-48BB-8D9C-3C834BA9CC8A", "versionEndIncluding": "2.7.1", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "FreeType 2 before 2017-02-02 has an out-of-bounds write caused by a heap-based buffer overflow related to the tt_size_reset function in truetype/ttobjs.c." }, { "lang": "es", "value": "FreeType 2 en versiones anteriores a 02-02-2017 tiene una escritura fuera de l\u00edmites provocado por un desbordamiento de b\u00fafer basado en memoria din\u00e1mica en relaci\u00f3n con la funci\u00f3n tt_size_reset en truetype/ttobjs.c." } ], "id": "CVE-2017-7864", "lastModified": "2025-04-20T01:37:25.860", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2017-04-14T04:59:00.557", "references": [ { "source": "cve@mitre.org", "tags": [ "Patch", 
"Third Party Advisory" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=e6699596af5c5d6f0ae0ea06e19df87dce088df8" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/97673" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=509" }, { "source": "cve@mitre.org", "url": "https://security.gentoo.org/glsa/201706-14" }, { "source": "cve@mitre.org", "url": "https://www.oracle.com/security-alerts/cpuapr2020.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=e6699596af5c5d6f0ae0ea06e19df87dce088df8" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/97673" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=509" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/201706-14" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.oracle.com/security-alerts/cpuapr2020.html" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2007-05-17 22:30
Modified
2025-04-09 00:30
Severity ?
Summary
Integer signedness error in truetype/ttgload.c in Freetype 2.3.4 and earlier might allow remote attackers to execute arbitrary code via a crafted TTF image with a negative n_points value, which leads to an integer overflow and heap-based buffer overflow.
References
Source | URL | Tags | |
---|---|---|---|
secalert@redhat.com | ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc | ||
secalert@redhat.com | http://cvs.savannah.nongnu.org/viewvc/freetype2/src/truetype/ttgload.c?root=freetype&r1=1.177&r2=1.178 | Patch | |
secalert@redhat.com | http://lists.apple.com/archives/Security-announce/2007/Nov/msg00003.html | ||
secalert@redhat.com | http://lists.apple.com/archives/security-announce/2009/May/msg00002.html | ||
secalert@redhat.com | http://lists.gnu.org/archive/html/freetype-devel/2007-04/msg00041.html | Exploit | |
secalert@redhat.com | http://osvdb.org/36509 | ||
secalert@redhat.com | http://secunia.com/advisories/25350 | ||
secalert@redhat.com | http://secunia.com/advisories/25353 | ||
secalert@redhat.com | http://secunia.com/advisories/25386 | ||
secalert@redhat.com | http://secunia.com/advisories/25463 | ||
secalert@redhat.com | http://secunia.com/advisories/25483 | ||
secalert@redhat.com | http://secunia.com/advisories/25609 | ||
secalert@redhat.com | http://secunia.com/advisories/25612 | ||
secalert@redhat.com | http://secunia.com/advisories/25654 | ||
secalert@redhat.com | http://secunia.com/advisories/25705 | ||
secalert@redhat.com | http://secunia.com/advisories/25808 | ||
secalert@redhat.com | http://secunia.com/advisories/25894 | ||
secalert@redhat.com | http://secunia.com/advisories/25905 | ||
secalert@redhat.com | http://secunia.com/advisories/26129 | ||
secalert@redhat.com | http://secunia.com/advisories/26305 | ||
secalert@redhat.com | http://secunia.com/advisories/28298 | ||
secalert@redhat.com | http://secunia.com/advisories/30161 | ||
secalert@redhat.com | http://secunia.com/advisories/35074 | ||
secalert@redhat.com | http://secunia.com/advisories/35200 | ||
secalert@redhat.com | http://secunia.com/advisories/35204 | ||
secalert@redhat.com | http://secunia.com/advisories/35233 | ||
secalert@redhat.com | http://sunsolve.sun.com/search/document.do?assetkey=1-26-102967-1 | ||
secalert@redhat.com | http://sunsolve.sun.com/search/document.do?assetkey=1-26-103171-1 | ||
secalert@redhat.com | http://sunsolve.sun.com/search/document.do?assetkey=1-66-200033-1 | ||
secalert@redhat.com | http://support.apple.com/kb/HT3549 | ||
secalert@redhat.com | http://support.avaya.com/elmodocs2/security/ASA-2007-330.htm | ||
secalert@redhat.com | http://www.debian.org/security/2007/dsa-1302 | ||
secalert@redhat.com | http://www.debian.org/security/2007/dsa-1334 | ||
secalert@redhat.com | http://www.gentoo.org/security/en/glsa/glsa-200705-22.xml | ||
secalert@redhat.com | http://www.gentoo.org/security/en/glsa/glsa-200707-02.xml | ||
secalert@redhat.com | http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml | ||
secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDKSA-2007:121 | ||
secalert@redhat.com | http://www.novell.com/linux/security/advisories/2007_41_freetype2.html | ||
secalert@redhat.com | http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.018.html | ||
secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2007-0403.html | ||
secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2009-0329.html | ||
secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2009-1062.html | ||
secalert@redhat.com | http://www.securityfocus.com/archive/1/469463/100/200/threaded | ||
secalert@redhat.com | http://www.securityfocus.com/archive/1/471286/30/6180/threaded | ||
secalert@redhat.com | http://www.securityfocus.com/bid/24074 | ||
secalert@redhat.com | http://www.securitytracker.com/id?1018088 | ||
secalert@redhat.com | http://www.trustix.org/errata/2007/0019/ | ||
secalert@redhat.com | http://www.ubuntu.com/usn/usn-466-1 | ||
secalert@redhat.com | http://www.us-cert.gov/cas/techalerts/TA09-133A.html | US Government Resource | |
secalert@redhat.com | http://www.vupen.com/english/advisories/2007/1894 | ||
secalert@redhat.com | http://www.vupen.com/english/advisories/2007/2229 | ||
secalert@redhat.com | http://www.vupen.com/english/advisories/2008/0049 | ||
secalert@redhat.com | http://www.vupen.com/english/advisories/2009/1297 | ||
secalert@redhat.com | https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=240200 | Exploit | |
secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=502565 | ||
secalert@redhat.com | https://issues.rpath.com/browse/RPL-1390 | ||
secalert@redhat.com | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11325 | ||
secalert@redhat.com | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5532 | ||
secalert@redhat.com | https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01316.html | ||
secalert@redhat.com | https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01401.html | ||
af854a3a-2127-422b-91ae-364da2661108 | ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc | ||
af854a3a-2127-422b-91ae-364da2661108 | http://cvs.savannah.nongnu.org/viewvc/freetype2/src/truetype/ttgload.c?root=freetype&r1=1.177&r2=1.178 | Patch | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/Security-announce/2007/Nov/msg00003.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2009/May/msg00002.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.gnu.org/archive/html/freetype-devel/2007-04/msg00041.html | Exploit | |
af854a3a-2127-422b-91ae-364da2661108 | http://osvdb.org/36509 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/25350 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/25353 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/25386 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/25463 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/25483 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/25609 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/25612 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/25654 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/25705 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/25808 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/25894 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/25905 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/26129 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/26305 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/28298 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/30161 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/35074 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/35200 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/35204 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/35233 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://sunsolve.sun.com/search/document.do?assetkey=1-26-102967-1 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://sunsolve.sun.com/search/document.do?assetkey=1-26-103171-1 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://sunsolve.sun.com/search/document.do?assetkey=1-66-200033-1 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT3549 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://support.avaya.com/elmodocs2/security/ASA-2007-330.htm | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2007/dsa-1302 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2007/dsa-1334 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.gentoo.org/security/en/glsa/glsa-200705-22.xml | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.gentoo.org/security/en/glsa/glsa-200707-02.xml | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2007:121 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.novell.com/linux/security/advisories/2007_41_freetype2.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.018.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2007-0403.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2009-0329.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2009-1062.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/469463/100/200/threaded | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/471286/30/6180/threaded | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/24074 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1018088 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.trustix.org/errata/2007/0019/ | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/usn-466-1 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.us-cert.gov/cas/techalerts/TA09-133A.html | US Government Resource | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2007/1894 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2007/2229 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2008/0049 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2009/1297 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=240200 | Exploit | |
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=502565 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://issues.rpath.com/browse/RPL-1390 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11325 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5532 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01316.html | ||
af854a3a-2127-422b-91ae-364da2661108 | https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01401.html |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", "matchCriteriaId": "758A1746-60B0-4352-8074-AAE6C1BC4F32", "versionEndIncluding": "2.3.4", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Integer signedness error in truetype/ttgload.c in Freetype 2.3.4 and earlier might allow remote attackers to execute arbitrary code via a crafted TTF image with a negative n_points value, which leads to an integer overflow and heap-based buffer overflow." }, { "lang": "es", "value": "Error de presencia de signo en entero en truetype/ttgload.c de Freetype 2.3.4 y versiones anteriores podr\u00eda permitir a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante una imagen TTF manipulada con un valor n_points negativo, lo que conduce a un desbordamiento de entero y desbordamiento de b\u00fafer basado en mont\u00edculo. \r\n" } ], "id": "CVE-2007-2754", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2007-05-17T22:30:00.000", "references": [ { "source": "secalert@redhat.com", "url": "ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://cvs.savannah.nongnu.org/viewvc/freetype2/src/truetype/ttgload.c?root=freetype\u0026r1=1.177\u0026r2=1.178" }, { "source": 
"secalert@redhat.com", "url": "http://lists.apple.com/archives/Security-announce/2007/Nov/msg00003.html" }, { "source": "secalert@redhat.com", "url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html" }, { "source": "secalert@redhat.com", "tags": [ "Exploit" ], "url": "http://lists.gnu.org/archive/html/freetype-devel/2007-04/msg00041.html" }, { "source": "secalert@redhat.com", "url": "http://osvdb.org/36509" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/25350" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/25353" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/25386" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/25463" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/25483" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/25609" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/25612" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/25654" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/25705" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/25808" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/25894" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/25905" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/26129" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/26305" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/28298" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/30161" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/35074" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/35200" }, { "source": "secalert@redhat.com", "url": 
"http://secunia.com/advisories/35204" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/35233" }, { "source": "secalert@redhat.com", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102967-1" }, { "source": "secalert@redhat.com", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103171-1" }, { "source": "secalert@redhat.com", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200033-1" }, { "source": "secalert@redhat.com", "url": "http://support.apple.com/kb/HT3549" }, { "source": "secalert@redhat.com", "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-330.htm" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2007/dsa-1302" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2007/dsa-1334" }, { "source": "secalert@redhat.com", "url": "http://www.gentoo.org/security/en/glsa/glsa-200705-22.xml" }, { "source": "secalert@redhat.com", "url": "http://www.gentoo.org/security/en/glsa/glsa-200707-02.xml" }, { "source": "secalert@redhat.com", "url": "http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:121" }, { "source": "secalert@redhat.com", "url": "http://www.novell.com/linux/security/advisories/2007_41_freetype2.html" }, { "source": "secalert@redhat.com", "url": "http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.018.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2007-0403.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2009-0329.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2009-1062.html" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/469463/100/200/threaded" }, { "source": "secalert@redhat.com", "url": 
"http://www.securityfocus.com/archive/1/471286/30/6180/threaded" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/24074" }, { "source": "secalert@redhat.com", "url": "http://www.securitytracker.com/id?1018088" }, { "source": "secalert@redhat.com", "url": "http://www.trustix.org/errata/2007/0019/" }, { "source": "secalert@redhat.com", "url": "http://www.ubuntu.com/usn/usn-466-1" }, { "source": "secalert@redhat.com", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html" }, { "source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2007/1894" }, { "source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2007/2229" }, { "source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2008/0049" }, { "source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2009/1297" }, { "source": "secalert@redhat.com", "tags": [ "Exploit" ], "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=240200" }, { "source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=502565" }, { "source": "secalert@redhat.com", "url": "https://issues.rpath.com/browse/RPL-1390" }, { "source": "secalert@redhat.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11325" }, { "source": "secalert@redhat.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5532" }, { "source": "secalert@redhat.com", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01316.html" }, { "source": "secalert@redhat.com", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01401.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], 
"url": "http://cvs.savannah.nongnu.org/viewvc/freetype2/src/truetype/ttgload.c?root=freetype\u0026r1=1.177\u0026r2=1.178" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/Security-announce/2007/Nov/msg00003.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit" ], "url": "http://lists.gnu.org/archive/html/freetype-devel/2007-04/msg00041.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/36509" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/25350" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/25353" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/25386" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/25463" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/25483" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/25609" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/25612" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/25654" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/25705" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/25808" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/25894" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/25905" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/26129" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", 
"url": "http://secunia.com/advisories/26305" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/28298" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/30161" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/35074" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/35200" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/35204" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/35233" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102967-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103171-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200033-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.apple.com/kb/HT3549" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-330.htm" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2007/dsa-1302" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2007/dsa-1334" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.gentoo.org/security/en/glsa/glsa-200705-22.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.gentoo.org/security/en/glsa/glsa-200707-02.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:121" }, { "source": 
"af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.novell.com/linux/security/advisories/2007_41_freetype2.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.018.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2007-0403.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2009-0329.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2009-1062.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/469463/100/200/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/471286/30/6180/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/24074" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1018088" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.trustix.org/errata/2007/0019/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/usn-466-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2007/1894" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2007/2229" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2008/0049" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2009/1297" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit" ], "url": 
"https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=240200" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=502565" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://issues.rpath.com/browse/RPL-1390" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11325" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5532" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01316.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01401.html" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
CVE-2014-9746
Vulnerability from fkie_nvd
Published
2016-06-07 14:06
Modified
2025-04-12 10:46
Severity ?
Summary
The (1) t1_parse_font_matrix function in type1/t1load.c, (2) cid_parse_font_matrix function in cid/cidload.c, (3) t42_parse_font_matrix function in type42/t42parse.c, and (4) ps_parser_load_field function in psaux/psobjs.c in FreeType before 2.5.4 do not check return values, which allows remote attackers to cause a denial of service (uninitialized memory access and application crash) or possibly have unspecified other impact via a crafted font.
References
Source | URL | Tags | |
---|---|---|---|
security@ubuntu.com | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=8b281f83e8516535756f92dbf90940ac44bd45e1 | ||
security@ubuntu.com | http://www.debian.org/security/2015/dsa-3370 | ||
security@ubuntu.com | http://www.openwall.com/lists/oss-security/2015/09/11/4 | ||
security@ubuntu.com | http://www.openwall.com/lists/oss-security/2015/09/25/4 | ||
security@ubuntu.com | http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html | ||
security@ubuntu.com | https://savannah.nongnu.org/bugs/?41309 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=8b281f83e8516535756f92dbf90940ac44bd45e1 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2015/dsa-3370 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2015/09/11/4 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2015/09/25/4 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html | ||
af854a3a-2127-422b-91ae-364da2661108 | https://savannah.nongnu.org/bugs/?41309 |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
freetype | freetype | * | |
debian | debian_linux | 7.0 | |
debian | debian_linux | 8.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", "matchCriteriaId": "05EE9A32-E91F-4C68-B3A9-AC5AB35C2BB3", "versionEndIncluding": "2.5.3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The (1) t1_parse_font_matrix function in type1/t1load.c, (2) cid_parse_font_matrix function in cid/cidload.c, (3) t42_parse_font_matrix function in type42/t42parse.c, and (4) ps_parser_load_field function in psaux/psobjs.c in FreeType before 2.5.4 do not check return values, which allows remote attackers to cause a denial of service (uninitialized memory access and application crash) or possibly have unspecified other impact via a crafted font." }, { "lang": "es", "value": "Las funciones (1) t1_parse_font_matrix en type1/t1load.c, (2) cid_parse_font_matrix en cid/cidload.c, (3) t42_parse_font_matrix en type42/t42parse.c y (4) ps_parser_load_field en psaux/psobjs.c en FreeType en versiones anteriores a 2.5.4 no verifican los valores de retorno, lo que permite a atacantes remotos provocar una denegaci\u00f3n de servicio (acceso a memoria no inicializada y ca\u00edda de aplicaci\u00f3n) o posiblemente tener otro impacto no especificado a trav\u00e9s de una fuente manipulada." 
} ], "id": "CVE-2014-9746", "lastModified": "2025-04-12T10:46:40.837", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-06-07T14:06:01.790", "references": [ { "source": "security@ubuntu.com", "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=8b281f83e8516535756f92dbf90940ac44bd45e1" }, { "source": "security@ubuntu.com", "url": "http://www.debian.org/security/2015/dsa-3370" }, { "source": "security@ubuntu.com", "url": "http://www.openwall.com/lists/oss-security/2015/09/11/4" }, { "source": "security@ubuntu.com", "url": "http://www.openwall.com/lists/oss-security/2015/09/25/4" }, { "source": "security@ubuntu.com", "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html" }, { "source": "security@ubuntu.com", "url": "https://savannah.nongnu.org/bugs/?41309" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": 
"http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=8b281f83e8516535756f92dbf90940ac44bd45e1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2015/dsa-3370" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2015/09/11/4" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2015/09/25/4" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://savannah.nongnu.org/bugs/?41309" } ], "sourceIdentifier": "security@ubuntu.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-20" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
CVE-2025-27363
Vulnerability from fkie_nvd
Published
2025-03-11 14:15
Modified
2025-05-07 16:00
Severity ?
8.1 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
8.1 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
8.1 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
An out of bounds write exists in FreeType versions 2.13.0 and below (newer versions of FreeType are not vulnerable) when attempting to parse font subglyph structures related to TrueType GX and variable font files. The vulnerable code assigns a signed short value to an unsigned long and then adds a static value causing it to wrap around and allocate too small of a heap buffer. The code then writes up to 6 signed long integers out of bounds relative to this buffer. This may result in arbitrary code execution. This vulnerability may have been exploited in the wild.
References
Source | URL | Tags | |
---|---|---|---|
cve-assign@fb.com | https://www.facebook.com/security/advisories/cve-2025-27363 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2025/03/13/1 | Mailing List | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2025/03/13/11 | Mailing List | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2025/03/13/12 | Mailing List | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2025/03/13/2 | Mailing List | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2025/03/13/3 | Mailing List | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2025/03/13/8 | Mailing List | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2025/03/14/1 | Mailing List | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2025/03/14/2 | Mailing List | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2025/03/14/3 | Mailing List | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2025/03/14/4 | Mailing List | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2025/05/06/3 | Mailing List | |
af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2025/03/msg00030.html | Mailing List | |
134c704f-9b21-4f2e-91b3-4a467353bcc0 | https://source.android.com/docs/security/bulletin/2025-05-01 | Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
freetype | freetype | * | |
debian | debian_linux | 11.0 |
{ "cisaActionDue": "2025-05-27", "cisaExploitAdd": "2025-05-06", "cisaRequiredAction": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.", "cisaVulnerabilityName": "FreeType Out-of-Bounds Write Vulnerability", "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", "matchCriteriaId": "47088474-E5B5-4220-8F12-D664F2DED5C1", "versionEndIncluding": "2.13.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", "matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "An out of bounds write exists in FreeType versions 2.13.0 and below (newer versions of FreeType are not vulnerable) when attempting to parse font subglyph structures related to TrueType GX and variable font files. The vulnerable code assigns a signed short value to an unsigned long and then adds a static value causing it to wrap around and allocate too small of a heap buffer. The code then writes up to 6 signed long integers out of bounds relative to this buffer. This may result in arbitrary code execution. This vulnerability may have been exploited in the wild." }, { "lang": "es", "value": "Existe una escritura fuera de los l\u00edmites en las versiones 2.13.0 y anteriores de FreeType al intentar analizar estructuras de subglifos de fuentes relacionadas con archivos de fuentes TrueType GX y variables. El c\u00f3digo vulnerable asigna un valor short con signo a un long sin signo y luego a\u00f1ade un valor est\u00e1tico, lo que provoca un bucle y asigna un b\u00fafer de mont\u00f3n demasiado peque\u00f1o. 
El c\u00f3digo escribe entonces hasta 6 enteros long con signo fuera de los l\u00edmites en relaci\u00f3n con este b\u00fafer. Esto puede provocar la ejecuci\u00f3n de c\u00f3digo arbitrario. Esta vulnerabilidad podr\u00eda haber sido explotada in situ." } ], "id": "CVE-2025-27363", "lastModified": "2025-05-07T16:00:55.577", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.2, "impactScore": 5.9, "source": "cve-assign@fb.com", "type": "Secondary" }, { "cvssData": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.2, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2025-03-11T14:15:25.427", "references": [ { "source": "cve-assign@fb.com", "tags": [ "Third Party Advisory" ], "url": "https://www.facebook.com/security/advisories/cve-2025-27363" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List" ], "url": "http://www.openwall.com/lists/oss-security/2025/03/13/1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List" ], "url": "http://www.openwall.com/lists/oss-security/2025/03/13/11" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List" ], "url": "http://www.openwall.com/lists/oss-security/2025/03/13/12" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ 
"Mailing List" ], "url": "http://www.openwall.com/lists/oss-security/2025/03/13/2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List" ], "url": "http://www.openwall.com/lists/oss-security/2025/03/13/3" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List" ], "url": "http://www.openwall.com/lists/oss-security/2025/03/13/8" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List" ], "url": "http://www.openwall.com/lists/oss-security/2025/03/14/1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List" ], "url": "http://www.openwall.com/lists/oss-security/2025/03/14/2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List" ], "url": "http://www.openwall.com/lists/oss-security/2025/03/14/3" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List" ], "url": "http://www.openwall.com/lists/oss-security/2025/03/14/4" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List" ], "url": "http://www.openwall.com/lists/oss-security/2025/05/06/3" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List" ], "url": "https://lists.debian.org/debian-lts-announce/2025/03/msg00030.html" }, { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "tags": [ "Third Party Advisory" ], "url": "https://source.android.com/docs/security/bulletin/2025-05-01" } ], "sourceIdentifier": "cve-assign@fb.com", "vulnStatus": "Analyzed", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] }
CVE-2014-9671
Vulnerability from fkie_nvd
Published
2015-02-08 11:59
Modified
2025-04-12 10:46
Severity ?
Summary
Off-by-one error in the pcf_get_properties function in pcf/pcfread.c in FreeType before 2.5.4 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PCF file with a 0xffffffff size value that is improperly incremented.
References
▶ | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://advisories.mageia.org/MGASA-2015-0083.html | Third Party Advisory | |
cve@mitre.org | http://code.google.com/p/google-security-research/issues/detail?id=157 | Exploit | |
cve@mitre.org | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=0e2f5d518c60e2978f26400d110eff178fa7e3c3 | Patch, Vendor Advisory | |
cve@mitre.org | http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html | Third Party Advisory | |
cve@mitre.org | http://rhn.redhat.com/errata/RHSA-2015-0696.html | Third Party Advisory | |
cve@mitre.org | http://www.debian.org/security/2015/dsa-3188 | Third Party Advisory | |
cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDVSA-2015:055 | Broken Link | |
cve@mitre.org | http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html | Third Party Advisory | |
cve@mitre.org | http://www.securityfocus.com/bid/72986 | ||
cve@mitre.org | http://www.ubuntu.com/usn/USN-2510-1 | Third Party Advisory | |
cve@mitre.org | http://www.ubuntu.com/usn/USN-2739-1 | Third Party Advisory | |
cve@mitre.org | https://security.gentoo.org/glsa/201503-05 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://advisories.mageia.org/MGASA-2015-0083.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://code.google.com/p/google-security-research/issues/detail?id=157 | Exploit | |
af854a3a-2127-422b-91ae-364da2661108 | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=0e2f5d518c60e2978f26400d110eff178fa7e3c3 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2015-0696.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2015/dsa-3188 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2015:055 | Broken Link | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/72986 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2510-1 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2739-1 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201503-05 |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
redhat | enterprise_linux_desktop | 6.0 | |
redhat | enterprise_linux_desktop | 7.0 | |
redhat | enterprise_linux_hpc_node | 6 | |
redhat | enterprise_linux_hpc_node | 7.0 | |
redhat | enterprise_linux_hpc_node_eus | 7.1 | |
redhat | enterprise_linux_server | 6.0 | |
redhat | enterprise_linux_server | 7.0 | |
redhat | enterprise_linux_server_eus | 6.6.z | |
redhat | enterprise_linux_server_eus | 7.1 | |
redhat | enterprise_linux_workstation | 6.0 | |
redhat | enterprise_linux_workstation | 7.0 | |
debian | debian_linux | 7.0 | |
canonical | ubuntu_linux | 10.04 | |
canonical | ubuntu_linux | 12.04 | |
canonical | ubuntu_linux | 14.04 | |
canonical | ubuntu_linux | 14.10 | |
canonical | ubuntu_linux | 15.04 | |
oracle | solaris | 10.0 | |
oracle | solaris | 11.2 | |
opensuse | opensuse | 13.1 | |
opensuse | opensuse | 13.2 | |
freetype | freetype | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6:*:*:*:*:*:*:*", "matchCriteriaId": "8CDFD93B-693D-46DC-9C39-FDECB3E619E8", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "3C84489B-B08C-4854-8A12-D01B6E45CF79", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "7071F0C7-E43E-4F2E-9FEB-E8FB3DEA4749", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.6.z:*:*:*:*:*:*:*", "matchCriteriaId": "3FB4F7C3-1521-42B6-9820-15C2B156BAD6", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "0E8CD4EF-DC90-40BB-A721-6EC087507906", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": 
"16F59A04-14CF-49E2-9973-645477EA09DA", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*", "matchCriteriaId": "5D37DF0F-F863-45AC-853A-3E04F9FEC7CA", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*", "matchCriteriaId": "49A63F39-30BE-443F-AF10-6245587D3359", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "matchCriteriaId": "F38D3B7E-8429-473F-BB31-FC3583EE5A5B", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:oracle:solaris:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "FC633250-EB1E-4484-9BCB-977C8F9EB0B2", "vulnerable": true }, { "criteria": "cpe:2.3:o:oracle:solaris:11.2:*:*:*:*:*:*:*", "matchCriteriaId": "0B1C288F-326B-497B-B26C-D26E01262DDB", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F", "vulnerable": true }, { "criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", "matchCriteriaId": "05EE9A32-E91F-4C68-B3A9-AC5AB35C2BB3", "versionEndIncluding": "2.5.3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Off-by-one error in the 
pcf_get_properties function in pcf/pcfread.c in FreeType before 2.5.4 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PCF file with a 0xffffffff size value that is improperly incremented." }, { "lang": "es", "value": "Error de superaci\u00f3n de l\u00edmite (off-by-one) en la funci\u00f3n pcf_get_properties en pcf/pcfread.c en FreeType anterior a 2.5.4 permite a atacantes remotos causar una denegaci\u00f3n de servicio (referencia a puntero nulo y ca\u00edda de aplicaci\u00f3n) a trav\u00e9s de un fichero PCF manipulado con un valor de tama\u00f1o 0xffffffff que est\u00e1 incrementado incorrectamente." } ], "evaluatorComment": "\u003ca href=\"http://cwe.mitre.org/data/definitions/476.html\"\u003eCWE-476: NULL Pointer Dereference\u003c/a\u003e", "id": "CVE-2014-9671", "lastModified": "2025-04-12T10:46:40.837", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2015-02-08T11:59:32.617", "references": [ { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://advisories.mageia.org/MGASA-2015-0083.html" }, { "source": "cve@mitre.org", "tags": [ "Exploit" ], "url": "http://code.google.com/p/google-security-research/issues/detail?id=157" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=0e2f5d518c60e2978f26400d110eff178fa7e3c3" }, { "source": 
"cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0696.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2015/dsa-3188" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/72986" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-2510-1" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-2739-1" }, { "source": "cve@mitre.org", "url": "https://security.gentoo.org/glsa/201503-05" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://advisories.mageia.org/MGASA-2015-0083.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit" ], "url": "http://code.google.com/p/google-security-research/issues/detail?id=157" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=0e2f5d518c60e2978f26400d110eff178fa7e3c3" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0696.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": 
"http://www.debian.org/security/2015/dsa-3188" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/72986" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-2510-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-2739-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/201503-05" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2010-08-19 18:00
Modified
2025-04-11 00:51
Severity ?
Summary
Multiple buffer overflows in demo programs in FreeType before 2.4.0 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file.
References
Source | URL | Tags | |
---|---|---|---|
secalert@redhat.com | http://git.savannah.gnu.org/cgit/freetype/freetype2-demos.git/commit/?id=b995299b73ba4cd259f221f500d4e63095508bec | Patch, Third Party Advisory | |
secalert@redhat.com | http://lists.nongnu.org/archive/html/freetype/2010-07/msg00001.html | Mailing List, Release Notes, Third Party Advisory | |
secalert@redhat.com | http://marc.info/?l=oss-security&m=127912955808467&w=2 | Mailing List, Third Party Advisory | |
secalert@redhat.com | http://savannah.nongnu.org/bugs/?30054 | Issue Tracking, Third Party Advisory | |
secalert@redhat.com | http://secunia.com/advisories/48951 | Third Party Advisory | |
secalert@redhat.com | http://securitytracker.com/id?1024266 | Third Party Advisory, VDB Entry | |
secalert@redhat.com | http://www.debian.org/security/2010/dsa-2070 | Third Party Advisory | |
secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2010-0577.html | Third Party Advisory | |
secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2010-0578.html | Third Party Advisory | |
secalert@redhat.com | http://www.ubuntu.com/usn/USN-963-1 | Third Party Advisory | |
secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=614557 | Issue Tracking, Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://git.savannah.gnu.org/cgit/freetype/freetype2-demos.git/commit/?id=b995299b73ba4cd259f221f500d4e63095508bec | Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.nongnu.org/archive/html/freetype/2010-07/msg00001.html | Mailing List, Release Notes, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=oss-security&m=127912955808467&w=2 | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://savannah.nongnu.org/bugs/?30054 | Issue Tracking, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48951 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1024266 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2010/dsa-2070 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2010-0577.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2010-0578.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-963-1 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=614557 | Issue Tracking, Patch, Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
freetype | freetype | * (before 2.4.0, per versionEndExcluding in the CPE data below) | |
debian | debian_linux | 5.0 | |
canonical | ubuntu_linux | 6.06 | |
canonical | ubuntu_linux | 8.04 | |
canonical | ubuntu_linux | 9.04 | |
canonical | ubuntu_linux | 9.10 | |
canonical | ubuntu_linux | 10.04 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", "matchCriteriaId": "08BB787B-4D62-4277-819C-3E627B9B7FC8", "versionEndExcluding": "2.4.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "8C757774-08E7-40AA-B532-6F705C8F7639", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*", "matchCriteriaId": "454A5D17-B171-4F1F-9E0B-F18D1E5CA9FD", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*", "matchCriteriaId": "7EBFE35C-E243-43D1-883D-4398D71763CC", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:9.04:*:*:*:*:*:*:*", "matchCriteriaId": "A5D026D0-EF78-438D-BEDD-FC8571F3ACEB", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*", "matchCriteriaId": "A2BCB73E-27BB-4878-AD9C-90C4F20C25A0", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*", "matchCriteriaId": "01EDA41C-6B2E-49AF-B503-EB3882265C11", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Multiple buffer overflows in demo programs in FreeType before 2.4.0 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file." }, { "lang": "es", "value": "M\u00faltiples desbordamientos de b\u00fafer en programas de demostraci\u00f3n de FreeType anterior a v2.4.0 permite a atacantes remotos causar una denegaci\u00f3n de servicio (fallo de la aplicaci\u00f3n) o posiblemente ejecutar c\u00f3digo a su elecci\u00f3n a trav\u00e9s de ficheros de fuentes manipulados." 
} ], "id": "CVE-2010-2527", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2010-08-19T18:00:04.607", "references": [ { "source": "secalert@redhat.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2-demos.git/commit/?id=b995299b73ba4cd259f221f500d4e63095508bec" }, { "source": "secalert@redhat.com", "tags": [ "Mailing List", "Release Notes", "Third Party Advisory" ], "url": "http://lists.nongnu.org/archive/html/freetype/2010-07/msg00001.html" }, { "source": "secalert@redhat.com", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://marc.info/?l=oss-security\u0026m=127912955808467\u0026w=2" }, { "source": "secalert@redhat.com", "tags": [ "Issue Tracking", "Third Party Advisory" ], "url": "http://savannah.nongnu.org/bugs/?30054" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/48951" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://securitytracker.com/id?1024266" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2010/dsa-2070" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0577.html" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], 
"url": "http://www.redhat.com/support/errata/RHSA-2010-0578.html" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-963-1" }, { "source": "secalert@redhat.com", "tags": [ "Issue Tracking", "Patch", "Third Party Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=614557" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2-demos.git/commit/?id=b995299b73ba4cd259f221f500d4e63095508bec" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Release Notes", "Third Party Advisory" ], "url": "http://lists.nongnu.org/archive/html/freetype/2010-07/msg00001.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://marc.info/?l=oss-security\u0026m=127912955808467\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Third Party Advisory" ], "url": "http://savannah.nongnu.org/bugs/?30054" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/48951" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://securitytracker.com/id?1024266" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2010/dsa-2070" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0577.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0578.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-963-1" }, { 
"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Patch", "Third Party Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=614557" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-120" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2017-03-06 06:59
Modified
2025-04-20 01:37
Severity ?
Summary
The parse_charstrings function in type1/t1load.c in FreeType 2 before 2.7 does not ensure that a font contains a glyph name, which allows remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted file.
References
Source | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/tree/ChangeLog?h=VER-2-7 | Release Notes, Third Party Advisory | |
cve@mitre.org | http://www.debian.org/security/2017/dsa-3839 | Third Party Advisory | |
cve@mitre.org | http://www.securityfocus.com/bid/97405 | Third Party Advisory, VDB Entry | |
cve@mitre.org | http://www.securitytracker.com/id/1038090 | Third Party Advisory, VDB Entry | |
cve@mitre.org | http://www.securitytracker.com/id/1038201 | Third Party Advisory, VDB Entry | |
cve@mitre.org | https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=36 | Exploit, Patch, Third Party Advisory | |
cve@mitre.org | https://security.gentoo.org/glsa/201706-14 | Third Party Advisory | |
cve@mitre.org | https://source.android.com/security/bulletin/2017-04-01 | Third Party Advisory | |
cve@mitre.org | https://www.oracle.com/security-alerts/cpuapr2020.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/tree/ChangeLog?h=VER-2-7 | Release Notes, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2017/dsa-3839 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/97405 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1038090 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1038201 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=36 | Exploit, Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201706-14 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://source.android.com/security/bulletin/2017-04-01 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.oracle.com/security-alerts/cpuapr2020.html |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
freetype | freetype | * (before 2.7.1, per versionEndExcluding in the CPE data below; the summary says before 2.7) | |
debian | debian_linux | 8.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", "matchCriteriaId": "00F6519F-A001-4D60-BB62-96C226DD828A", "versionEndExcluding": "2.7.1", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The parse_charstrings function in type1/t1load.c in FreeType 2 before 2.7 does not ensure that a font contains a glyph name, which allows remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted file." }, { "lang": "es", "value": "La funci\u00f3n parse_charstrings en type1/t1load.c en FreeType 2 en versiones anteriores a 2.7 no asegura que una fuente contiene un nombre glyph, lo que permite a atacantes remotos provocar una denegaci\u00f3n de servicio (sobre lectura de b\u00fafer basada en memoria din\u00e1mica) o posiblemente tener otro impacto no especificado a trav\u00e9s de un archivo manipulado." 
} ], "id": "CVE-2016-10244", "lastModified": "2025-04-20T01:37:25.860", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2017-03-06T06:59:00.177", "references": [ { "source": "cve@mitre.org", "tags": [ "Release Notes", "Third Party Advisory" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/tree/ChangeLog?h=VER-2-7" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2017/dsa-3839" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/97405" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1038090" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1038201" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Patch", "Third Party Advisory" ], "url": 
"https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=36" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201706-14" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://source.android.com/security/bulletin/2017-04-01" }, { "source": "cve@mitre.org", "url": "https://www.oracle.com/security-alerts/cpuapr2020.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Release Notes", "Third Party Advisory" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/tree/ChangeLog?h=VER-2-7" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2017/dsa-3839" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/97405" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1038090" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1038201" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Patch", "Third Party Advisory" ], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=36" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201706-14" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://source.android.com/security/bulletin/2017-04-01" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.oracle.com/security-alerts/cpuapr2020.html" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-125" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2012-04-25 10:10
Modified
2025-04-11 00:51
Severity ?
Summary
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via a crafted ASCII string in a BDF font.
References
Source | URL | Tags | |
---|---|---|---|
secalert@redhat.com | http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html | ||
secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html | ||
secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html | ||
secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html | ||
secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html | ||
secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2012-0467.html | ||
secalert@redhat.com | http://secunia.com/advisories/48508 | ||
secalert@redhat.com | http://secunia.com/advisories/48758 | ||
secalert@redhat.com | http://secunia.com/advisories/48797 | ||
secalert@redhat.com | http://secunia.com/advisories/48822 | ||
secalert@redhat.com | http://secunia.com/advisories/48918 | ||
secalert@redhat.com | http://secunia.com/advisories/48951 | ||
secalert@redhat.com | http://secunia.com/advisories/48973 | ||
secalert@redhat.com | http://security.gentoo.org/glsa/glsa-201204-04.xml | ||
secalert@redhat.com | http://support.apple.com/kb/HT5503 | ||
secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2012:057 | ||
secalert@redhat.com | http://www.mozilla.org/security/announce/2012/mfsa2012-21.html | Vendor Advisory | |
secalert@redhat.com | http://www.openwall.com/lists/oss-security/2012/03/06/16 | ||
secalert@redhat.com | http://www.securityfocus.com/bid/52318 | ||
secalert@redhat.com | http://www.securitytracker.com/id?1026765 | ||
secalert@redhat.com | http://www.ubuntu.com/usn/USN-1403-1 | ||
secalert@redhat.com | https://bugzilla.mozilla.org/show_bug.cgi?id=733512 | ||
secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=800602 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2012-0467.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48508 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48758 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48797 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48822 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48918 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48951 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48973 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-201204-04.xml | ||
af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT5503 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2012:057 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mozilla.org/security/announce/2012/mfsa2012-21.html | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2012/03/06/16 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/52318 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1026765 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-1403-1 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.mozilla.org/show_bug.cgi?id=733512 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=800602 |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
freetype | freetype | * (up to and including 2.4.8, per versionEndIncluding in the CPE data below) | |
freetype | freetype | 1.3.1 | |
freetype | freetype | 2.0.0 | |
freetype | freetype | 2.0.1 | |
freetype | freetype | 2.0.2 | |
freetype | freetype | 2.0.3 | |
freetype | freetype | 2.0.4 | |
freetype | freetype | 2.0.5 | |
freetype | freetype | 2.0.6 | |
freetype | freetype | 2.0.7 | |
freetype | freetype | 2.0.8 | |
freetype | freetype | 2.0.9 | |
freetype | freetype | 2.1 | |
freetype | freetype | 2.1.3 | |
freetype | freetype | 2.1.4 | |
freetype | freetype | 2.1.5 | |
freetype | freetype | 2.1.6 | |
freetype | freetype | 2.1.7 | |
freetype | freetype | 2.1.8 | |
freetype | freetype | 2.1.8 (rc1) | |
freetype | freetype | 2.1.9 | |
freetype | freetype | 2.1.10 | |
freetype | freetype | 2.2.0 | |
freetype | freetype | 2.2.1 | |
freetype | freetype | 2.3.0 | |
freetype | freetype | 2.3.1 | |
freetype | freetype | 2.3.2 | |
freetype | freetype | 2.3.3 | |
freetype | freetype | 2.3.4 | |
freetype | freetype | 2.3.5 | |
freetype | freetype | 2.3.6 | |
freetype | freetype | 2.3.7 | |
freetype | freetype | 2.3.8 | |
freetype | freetype | 2.3.9 | |
freetype | freetype | 2.3.10 | |
freetype | freetype | 2.3.11 | |
freetype | freetype | 2.3.12 | |
freetype | freetype | 2.4.0 | |
freetype | freetype | 2.4.1 | |
freetype | freetype | 2.4.2 | |
freetype | freetype | 2.4.3 | |
freetype | freetype | 2.4.4 | |
freetype | freetype | 2.4.5 | |
freetype | freetype | 2.4.6 | |
freetype | freetype | 2.4.7 | |
mozilla | firefox_mobile | * (up to and including 10.0.3, per versionEndIncluding in the CPE data below) | |
mozilla | firefox_mobile | 1.0 | |
mozilla | firefox_mobile | 4.0 | |
mozilla | firefox_mobile | 4.0 (beta1) | |
mozilla | firefox_mobile | 4.0 (beta2) | |
mozilla | firefox_mobile | 4.0 (beta3) | |
mozilla | firefox_mobile | 4.0 (beta4) | |
mozilla | firefox_mobile | 5.0 | |
mozilla | firefox_mobile | 6.0 | |
mozilla | firefox_mobile | 6.0.1 | |
mozilla | firefox_mobile | 6.0.2 | |
mozilla | firefox_mobile | 7.0 | |
mozilla | firefox_mobile | 8.0 | |
mozilla | firefox_mobile | 9.0 | |
mozilla | firefox_mobile | 10.0 | |
mozilla | firefox_mobile | 10.0.1 | |
mozilla | firefox_mobile | 10.0.2 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", "matchCriteriaId": "1AE5852E-FBD0-4F23-82C0-4E8FBDDF558B", "versionEndIncluding": "2.4.8", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:1.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "888C3BB8-510B-4FBE-BA5D-0D488583C7DD", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "3B67236B-7DEF-40AE-BC6F-12CB39329C4D", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "7EEC5D17-9141-4CA5-9D4C-76C15BAE4FBD", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "F1019F69-8E42-43C9-926C-B948659666F4", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "AA678E5E-9380-4D31-973F-018349F7F346", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "5E06AD6E-8B77-4E57-AA07-507CD1F809F2", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "8DB69925-10FB-4DFD-8764-B6640B88FCEE", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "B126D1A0-6B54-4C56-8CEC-B395D54A5C3C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "98D0D1A3-886D-4EE3-AC1A-3B36D192E8B5", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "DB0B0E33-0D7D-45E9-ADFD-20C6DCB5ED64", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.9:*:*:*:*:*:*:*", "matchCriteriaId": "28CA4C7D-D70A-44CF-8E3D-F2612CCA0799", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "D4E76672-7216-443E-BBD8-120DA96F7E4D", "vulnerable": true }, { "criteria": 
"cpe:2.3:a:freetype:freetype:2.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "369D87D8-E4A7-4EC4-B508-2940EE174F95", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "288FDB59-7FE4-4351-8822-554ADF07C79A", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "B681257A-F8D8-46D5-995D-BC44F54DD5C0", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "56E0DEB6-4414-49AB-88E9-988CE5D8EF67", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.7:*:*:*:*:*:*:*", "matchCriteriaId": "56A90D08-2CAF-422F-8587-7D88EC7632A1", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.8:*:*:*:*:*:*:*", "matchCriteriaId": "9B944FEB-F69D-4F6C-9485-26F95A5874B6", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.8:rc1:*:*:*:*:*:*", "matchCriteriaId": "B9B9B1DE-89F6-463D-A3F4-6366D5D30077", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.9:*:*:*:*:*:*:*", "matchCriteriaId": "F73474B9-6853-4C5C-9CB9-5F4D3080D1C5", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.10:*:*:*:*:*:*:*", "matchCriteriaId": "5283E910-D512-481C-804E-8717A83B24CB", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "A28C0F7A-F1F3-4F3B-81B9-228DA8FCCCD8", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "F7252819-BA8A-4BD1-BAAA-179A8777C994", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "11575E3C-2BEA-4264-AE41-4A962BD17035", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "D333A965-EAD2-40DB-8FBE-C4C7DF44C35C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.2:*:*:*:*:*:*:*", "matchCriteriaId": 
"8CA37666-D2E6-47EF-BFFE-A9449D6A72CD", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "F2B49505-C973-4673-A9BC-34ACA25059D0", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.4:*:*:*:*:*:*:*", "matchCriteriaId": "B8E8ECCA-58F2-4A05-8DF2-79C09A5FB275", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.5:*:*:*:*:*:*:*", "matchCriteriaId": "8697D11D-BBDF-4722-85F7-5144A5D26E37", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.6:*:*:*:*:*:*:*", "matchCriteriaId": "50E3EDA8-04D1-4DF1-80BB-72C6003E8F53", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.7:*:*:*:*:*:*:*", "matchCriteriaId": "AB06CA25-BB25-43B8-9FC2-62C399CC52EE", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.8:*:*:*:*:*:*:*", "matchCriteriaId": "6AF7414E-33A7-40E2-AEF0-1AE9D7D1B077", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.9:*:*:*:*:*:*:*", "matchCriteriaId": "6FC0BD12-E065-4CC9-8AEE-E4C34A58EC3C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.10:*:*:*:*:*:*:*", "matchCriteriaId": "214DC64B-BA35-486B-AE30-F2D9381E4D26", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.11:*:*:*:*:*:*:*", "matchCriteriaId": "B7CDE19A-473A-4BC5-AA7B-3D08FEEEE82C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.12:*:*:*:*:*:*:*", "matchCriteriaId": "DD8401A8-A328-49F6-BAE8-337F5F36C906", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "3FBF5BAA-8027-478F-BE06-3D3F4F823C7B", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "31358B5D-4087-4207-9730-297BA47DAA83", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "3A73E016-A4B0-416D-B9B6-786A787DAD3D", "vulnerable": true }, { "criteria": 
"cpe:2.3:a:freetype:freetype:2.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "0588BCE1-059B-4602-B274-E9D268720B55", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "D19BE9CC-6B1C-4AC8-9740-2ABDF40C4FEC", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "E6F3E33C-95E0-4EEF-8E26-F7044D8C3892", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.6:*:*:*:*:*:*:*", "matchCriteriaId": "0871F88D-3D36-4EAA-B2B4-39D844FF8874", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.7:*:*:*:*:*:*:*", "matchCriteriaId": "B3396203-9BDF-4E7D-85CC-0B6AA7DC55C4", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:*:*:*:*:*:*:*:*", "matchCriteriaId": "C25B56F0-B244-4D64-BC8F-341214080A90", "versionEndIncluding": "10.0.3", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "B00C6411-5566-4060-B68B-8F1674B9E280", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "CD9C4A1A-E3C7-40DD-AF51-AFFA0D904722", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta1:*:*:*:*:*:*", "matchCriteriaId": "B6A0EDF9-2260-439F-9CF0-A66CBE35ACF8", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta2:*:*:*:*:*:*", "matchCriteriaId": "6E55723B-B7B8-4EBF-8767-55988D26E82B", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta3:*:*:*:*:*:*", "matchCriteriaId": "761B33B6-4FFD-4E6C-92B4-2186F8D195C1", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta4:*:*:*:*:*:*", "matchCriteriaId": "8E4E272B-27F1-41CE-8B60-B1C098105A73", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "907FA1DF-E3D3-4E46-B353-753E70C292CC", "vulnerable": true }, { "criteria": 
"cpe:2.3:a:mozilla:firefox_mobile:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "97DE5B71-865A-4DB0-A31A-1CA75A5AB7AA", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:6.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "B64C7CE2-6BA7-4294-80CF-3AE25EE9529B", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:6.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "640595E6-3E39-4112-887E-174C86D18630", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "8E26E8D7-334C-4260-A8EE-82DF067CC081", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "643623BB-29E4-4138-AFC6-252368FC9495", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "9CEA838D-5FE6-47A7-8367-F040FF01B681", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "BF547E94-BEC4-4D32-A2AF-AFEBFE11782A", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "6BB1307C-64E4-4EC2-BB07-012107CA5DA6", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "91C9D50D-9450-489C-8336-4332F8FD6806", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via a crafted ASCII string in a BDF font." 
}, { "lang": "es", "value": "FreeType antes de v2.4.9, tal como se utiliza en Mozilla Firefox Mobile antes de v10.0.4 y otros productos, permite a atacantes remotos causar una denegaci\u00f3n de servicio (operaci\u00f3n no v\u00e1lida de lectura y corrupci\u00f3n de memoria) o posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de una cadena ASCII modificada en una fuente BDF." } ], "id": "CVE-2012-1141", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2012-04-25T10:10:18.650", "references": [ { "source": "secalert@redhat.com", "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html" }, { "source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48508" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48758" }, { "source": 
"secalert@redhat.com", "url": "http://secunia.com/advisories/48797" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48822" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48918" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48951" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48973" }, { "source": "secalert@redhat.com", "url": "http://security.gentoo.org/glsa/glsa-201204-04.xml" }, { "source": "secalert@redhat.com", "url": "http://support.apple.com/kb/HT5503" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html" }, { "source": "secalert@redhat.com", "url": "http://www.openwall.com/lists/oss-security/2012/03/06/16" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/52318" }, { "source": "secalert@redhat.com", "url": "http://www.securitytracker.com/id?1026765" }, { "source": "secalert@redhat.com", "url": "http://www.ubuntu.com/usn/USN-1403-1" }, { "source": "secalert@redhat.com", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512" }, { "source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=800602" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html" }, { "source": 
"af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48508" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48758" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48797" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48822" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48918" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48951" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48973" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.gentoo.org/glsa/glsa-201204-04.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.apple.com/kb/HT5503" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2012/03/06/16" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/52318" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1026765" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/USN-1403-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512" }, { "source": 
"af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=800602" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2012-04-25 10:10
Modified
2025-04-11 00:51
Severity ?
Summary
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via vectors involving the MIRP instruction in a TrueType font.
References
Source | URL | Tags | |
---|---|---|---|
secalert@redhat.com | http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html | ||
secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html | ||
secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html | ||
secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html | ||
secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html | ||
secalert@redhat.com | http://secunia.com/advisories/48508 | ||
secalert@redhat.com | http://secunia.com/advisories/48797 | ||
secalert@redhat.com | http://secunia.com/advisories/48822 | ||
secalert@redhat.com | http://secunia.com/advisories/48918 | ||
secalert@redhat.com | http://secunia.com/advisories/48951 | ||
secalert@redhat.com | http://secunia.com/advisories/48973 | ||
secalert@redhat.com | http://security.gentoo.org/glsa/glsa-201204-04.xml | ||
secalert@redhat.com | http://support.apple.com/kb/HT5503 | ||
secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2012:057 | ||
secalert@redhat.com | http://www.mozilla.org/security/announce/2012/mfsa2012-21.html | Vendor Advisory | |
secalert@redhat.com | http://www.openwall.com/lists/oss-security/2012/03/06/16 | ||
secalert@redhat.com | http://www.securityfocus.com/bid/52318 | ||
secalert@redhat.com | http://www.securitytracker.com/id?1026765 | ||
secalert@redhat.com | http://www.ubuntu.com/usn/USN-1403-1 | ||
secalert@redhat.com | https://bugzilla.mozilla.org/show_bug.cgi?id=733512 | ||
secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=800597 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48508 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48797 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48822 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48918 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48951 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48973 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-201204-04.xml | ||
af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT5503 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2012:057 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mozilla.org/security/announce/2012/mfsa2012-21.html | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2012/03/06/16 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/52318 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1026765 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-1403-1 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.mozilla.org/show_bug.cgi?id=733512 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=800597 |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
freetype | freetype | * (up to and including 2.4.8) | |
freetype | freetype | 1.3.1 | |
freetype | freetype | 2.0.0 | |
freetype | freetype | 2.0.1 | |
freetype | freetype | 2.0.2 | |
freetype | freetype | 2.0.3 | |
freetype | freetype | 2.0.4 | |
freetype | freetype | 2.0.5 | |
freetype | freetype | 2.0.6 | |
freetype | freetype | 2.0.7 | |
freetype | freetype | 2.0.8 | |
freetype | freetype | 2.0.9 | |
freetype | freetype | 2.1 | |
freetype | freetype | 2.1.3 | |
freetype | freetype | 2.1.4 | |
freetype | freetype | 2.1.5 | |
freetype | freetype | 2.1.6 | |
freetype | freetype | 2.1.7 | |
freetype | freetype | 2.1.8 | |
freetype | freetype | 2.1.8 (rc1) | |
freetype | freetype | 2.1.9 | |
freetype | freetype | 2.1.10 | |
freetype | freetype | 2.2.0 | |
freetype | freetype | 2.2.1 | |
freetype | freetype | 2.3.0 | |
freetype | freetype | 2.3.1 | |
freetype | freetype | 2.3.2 | |
freetype | freetype | 2.3.3 | |
freetype | freetype | 2.3.4 | |
freetype | freetype | 2.3.5 | |
freetype | freetype | 2.3.6 | |
freetype | freetype | 2.3.7 | |
freetype | freetype | 2.3.8 | |
freetype | freetype | 2.3.9 | |
freetype | freetype | 2.3.10 | |
freetype | freetype | 2.3.11 | |
freetype | freetype | 2.3.12 | |
freetype | freetype | 2.4.0 | |
freetype | freetype | 2.4.1 | |
freetype | freetype | 2.4.2 | |
freetype | freetype | 2.4.3 | |
freetype | freetype | 2.4.4 | |
freetype | freetype | 2.4.5 | |
freetype | freetype | 2.4.6 | |
freetype | freetype | 2.4.7 | |
mozilla | firefox_mobile | * (up to and including 10.0.3) | |
mozilla | firefox_mobile | 1.0 | |
mozilla | firefox_mobile | 4.0 | |
mozilla | firefox_mobile | 4.0 (beta1) | |
mozilla | firefox_mobile | 4.0 (beta2) | |
mozilla | firefox_mobile | 4.0 (beta3) | |
mozilla | firefox_mobile | 4.0 (beta4) | |
mozilla | firefox_mobile | 5.0 | |
mozilla | firefox_mobile | 6.0 | |
mozilla | firefox_mobile | 6.0.1 | |
mozilla | firefox_mobile | 6.0.2 | |
mozilla | firefox_mobile | 7.0 | |
mozilla | firefox_mobile | 8.0 | |
mozilla | firefox_mobile | 9.0 | |
mozilla | firefox_mobile | 10.0 | |
mozilla | firefox_mobile | 10.0.1 | |
mozilla | firefox_mobile | 10.0.2 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", "matchCriteriaId": "1AE5852E-FBD0-4F23-82C0-4E8FBDDF558B", "versionEndIncluding": "2.4.8", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:1.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "888C3BB8-510B-4FBE-BA5D-0D488583C7DD", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "3B67236B-7DEF-40AE-BC6F-12CB39329C4D", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "7EEC5D17-9141-4CA5-9D4C-76C15BAE4FBD", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "F1019F69-8E42-43C9-926C-B948659666F4", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "AA678E5E-9380-4D31-973F-018349F7F346", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "5E06AD6E-8B77-4E57-AA07-507CD1F809F2", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "8DB69925-10FB-4DFD-8764-B6640B88FCEE", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "B126D1A0-6B54-4C56-8CEC-B395D54A5C3C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "98D0D1A3-886D-4EE3-AC1A-3B36D192E8B5", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "DB0B0E33-0D7D-45E9-ADFD-20C6DCB5ED64", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.9:*:*:*:*:*:*:*", "matchCriteriaId": "28CA4C7D-D70A-44CF-8E3D-F2612CCA0799", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "D4E76672-7216-443E-BBD8-120DA96F7E4D", "vulnerable": true }, { "criteria": 
"cpe:2.3:a:freetype:freetype:2.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "369D87D8-E4A7-4EC4-B508-2940EE174F95", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "288FDB59-7FE4-4351-8822-554ADF07C79A", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "B681257A-F8D8-46D5-995D-BC44F54DD5C0", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "56E0DEB6-4414-49AB-88E9-988CE5D8EF67", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.7:*:*:*:*:*:*:*", "matchCriteriaId": "56A90D08-2CAF-422F-8587-7D88EC7632A1", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.8:*:*:*:*:*:*:*", "matchCriteriaId": "9B944FEB-F69D-4F6C-9485-26F95A5874B6", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.8:rc1:*:*:*:*:*:*", "matchCriteriaId": "B9B9B1DE-89F6-463D-A3F4-6366D5D30077", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.9:*:*:*:*:*:*:*", "matchCriteriaId": "F73474B9-6853-4C5C-9CB9-5F4D3080D1C5", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.10:*:*:*:*:*:*:*", "matchCriteriaId": "5283E910-D512-481C-804E-8717A83B24CB", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "A28C0F7A-F1F3-4F3B-81B9-228DA8FCCCD8", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "F7252819-BA8A-4BD1-BAAA-179A8777C994", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "11575E3C-2BEA-4264-AE41-4A962BD17035", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "D333A965-EAD2-40DB-8FBE-C4C7DF44C35C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.2:*:*:*:*:*:*:*", "matchCriteriaId": 
"8CA37666-D2E6-47EF-BFFE-A9449D6A72CD", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "F2B49505-C973-4673-A9BC-34ACA25059D0", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.4:*:*:*:*:*:*:*", "matchCriteriaId": "B8E8ECCA-58F2-4A05-8DF2-79C09A5FB275", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.5:*:*:*:*:*:*:*", "matchCriteriaId": "8697D11D-BBDF-4722-85F7-5144A5D26E37", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.6:*:*:*:*:*:*:*", "matchCriteriaId": "50E3EDA8-04D1-4DF1-80BB-72C6003E8F53", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.7:*:*:*:*:*:*:*", "matchCriteriaId": "AB06CA25-BB25-43B8-9FC2-62C399CC52EE", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.8:*:*:*:*:*:*:*", "matchCriteriaId": "6AF7414E-33A7-40E2-AEF0-1AE9D7D1B077", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.9:*:*:*:*:*:*:*", "matchCriteriaId": "6FC0BD12-E065-4CC9-8AEE-E4C34A58EC3C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.10:*:*:*:*:*:*:*", "matchCriteriaId": "214DC64B-BA35-486B-AE30-F2D9381E4D26", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.11:*:*:*:*:*:*:*", "matchCriteriaId": "B7CDE19A-473A-4BC5-AA7B-3D08FEEEE82C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.12:*:*:*:*:*:*:*", "matchCriteriaId": "DD8401A8-A328-49F6-BAE8-337F5F36C906", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "3FBF5BAA-8027-478F-BE06-3D3F4F823C7B", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "31358B5D-4087-4207-9730-297BA47DAA83", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "3A73E016-A4B0-416D-B9B6-786A787DAD3D", "vulnerable": true }, { "criteria": 
"cpe:2.3:a:freetype:freetype:2.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "0588BCE1-059B-4602-B274-E9D268720B55", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "D19BE9CC-6B1C-4AC8-9740-2ABDF40C4FEC", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "E6F3E33C-95E0-4EEF-8E26-F7044D8C3892", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.6:*:*:*:*:*:*:*", "matchCriteriaId": "0871F88D-3D36-4EAA-B2B4-39D844FF8874", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.7:*:*:*:*:*:*:*", "matchCriteriaId": "B3396203-9BDF-4E7D-85CC-0B6AA7DC55C4", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:*:*:*:*:*:*:*:*", "matchCriteriaId": "C25B56F0-B244-4D64-BC8F-341214080A90", "versionEndIncluding": "10.0.3", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "B00C6411-5566-4060-B68B-8F1674B9E280", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "CD9C4A1A-E3C7-40DD-AF51-AFFA0D904722", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta1:*:*:*:*:*:*", "matchCriteriaId": "B6A0EDF9-2260-439F-9CF0-A66CBE35ACF8", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta2:*:*:*:*:*:*", "matchCriteriaId": "6E55723B-B7B8-4EBF-8767-55988D26E82B", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta3:*:*:*:*:*:*", "matchCriteriaId": "761B33B6-4FFD-4E6C-92B4-2186F8D195C1", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta4:*:*:*:*:*:*", "matchCriteriaId": "8E4E272B-27F1-41CE-8B60-B1C098105A73", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "907FA1DF-E3D3-4E46-B353-753E70C292CC", "vulnerable": true }, { "criteria": 
"cpe:2.3:a:mozilla:firefox_mobile:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "97DE5B71-865A-4DB0-A31A-1CA75A5AB7AA", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:6.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "B64C7CE2-6BA7-4294-80CF-3AE25EE9529B", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:6.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "640595E6-3E39-4112-887E-174C86D18630", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "8E26E8D7-334C-4260-A8EE-82DF067CC081", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "643623BB-29E4-4138-AFC6-252368FC9495", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "9CEA838D-5FE6-47A7-8367-F040FF01B681", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "BF547E94-BEC4-4D32-A2AF-AFEBFE11782A", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "6BB1307C-64E4-4EC2-BB07-012107CA5DA6", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "91C9D50D-9450-489C-8336-4332F8FD6806", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via vectors involving the MIRP instruction in a TrueType font." 
}, { "lang": "es", "value": "FreeType antes de v2.4.9, tal como se utiliza en Mozilla Firefox Mobile antes de v10.0.4 y otros productos, permite a atacantes remotos causar una denegaci\u00f3n de servicio (operaci\u00f3n no v\u00e1lida de lectura y corrupci\u00f3n de memoria) o posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores que implican una instrucci\u00f3n MIRP en una fuente TrueType." } ], "id": "CVE-2012-1138", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2012-04-25T10:10:18.527", "references": [ { "source": "secalert@redhat.com", "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48508" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48797" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48822" }, { "source": 
"secalert@redhat.com", "url": "http://secunia.com/advisories/48918" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48951" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48973" }, { "source": "secalert@redhat.com", "url": "http://security.gentoo.org/glsa/glsa-201204-04.xml" }, { "source": "secalert@redhat.com", "url": "http://support.apple.com/kb/HT5503" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html" }, { "source": "secalert@redhat.com", "url": "http://www.openwall.com/lists/oss-security/2012/03/06/16" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/52318" }, { "source": "secalert@redhat.com", "url": "http://www.securitytracker.com/id?1026765" }, { "source": "secalert@redhat.com", "url": "http://www.ubuntu.com/usn/USN-1403-1" }, { "source": "secalert@redhat.com", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512" }, { "source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=800597" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": 
"http://secunia.com/advisories/48508" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48797" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48822" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48918" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48951" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48973" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.gentoo.org/glsa/glsa-201204-04.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.apple.com/kb/HT5503" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2012/03/06/16" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/52318" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1026765" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/USN-1403-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=800597" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2012-04-25 10:10
Modified
2025-04-11 00:51
Severity ?
Summary
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted glyph or bitmap data in a BDF font.
References
Source | URL | Tags | |
---|---|---|---|
secalert@redhat.com | http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html | ||
secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html | ||
secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html | ||
secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html | ||
secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html | ||
secalert@redhat.com | http://secunia.com/advisories/48300 | ||
secalert@redhat.com | http://secunia.com/advisories/48508 | ||
secalert@redhat.com | http://secunia.com/advisories/48797 | ||
secalert@redhat.com | http://secunia.com/advisories/48822 | ||
secalert@redhat.com | http://secunia.com/advisories/48918 | ||
secalert@redhat.com | http://secunia.com/advisories/48951 | ||
secalert@redhat.com | http://secunia.com/advisories/48973 | ||
secalert@redhat.com | http://security.gentoo.org/glsa/glsa-201204-04.xml | ||
secalert@redhat.com | http://support.apple.com/kb/HT5503 | ||
secalert@redhat.com | http://www.debian.org/security/2012/dsa-2428 | ||
secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2012:057 | ||
secalert@redhat.com | http://www.mozilla.org/security/announce/2012/mfsa2012-21.html | Vendor Advisory | |
secalert@redhat.com | http://www.openwall.com/lists/oss-security/2012/03/06/16 | ||
secalert@redhat.com | http://www.securityfocus.com/bid/52318 | ||
secalert@redhat.com | http://www.securitytracker.com/id?1026765 | ||
secalert@redhat.com | http://www.ubuntu.com/usn/USN-1403-1 | ||
secalert@redhat.com | https://bugzilla.mozilla.org/show_bug.cgi?id=733512 | ||
secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=800591 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48300 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48508 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48797 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48822 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48918 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48951 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48973 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-201204-04.xml | ||
af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT5503 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2012/dsa-2428 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2012:057 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mozilla.org/security/announce/2012/mfsa2012-21.html | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2012/03/06/16 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/52318 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1026765 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-1403-1 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.mozilla.org/show_bug.cgi?id=733512 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=800591 |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
freetype | freetype | * (up to and including 2.4.8) | |
freetype | freetype | 1.3.1 | |
freetype | freetype | 2.0.0 | |
freetype | freetype | 2.0.1 | |
freetype | freetype | 2.0.2 | |
freetype | freetype | 2.0.3 | |
freetype | freetype | 2.0.4 | |
freetype | freetype | 2.0.5 | |
freetype | freetype | 2.0.6 | |
freetype | freetype | 2.0.7 | |
freetype | freetype | 2.0.8 | |
freetype | freetype | 2.0.9 | |
freetype | freetype | 2.1 | |
freetype | freetype | 2.1.3 | |
freetype | freetype | 2.1.4 | |
freetype | freetype | 2.1.5 | |
freetype | freetype | 2.1.6 | |
freetype | freetype | 2.1.7 | |
freetype | freetype | 2.1.8 | |
freetype | freetype | 2.1.8 rc1 | |
freetype | freetype | 2.1.9 | |
freetype | freetype | 2.1.10 | |
freetype | freetype | 2.2.0 | |
freetype | freetype | 2.2.1 | |
freetype | freetype | 2.3.0 | |
freetype | freetype | 2.3.1 | |
freetype | freetype | 2.3.2 | |
freetype | freetype | 2.3.3 | |
freetype | freetype | 2.3.4 | |
freetype | freetype | 2.3.5 | |
freetype | freetype | 2.3.6 | |
freetype | freetype | 2.3.7 | |
freetype | freetype | 2.3.8 | |
freetype | freetype | 2.3.9 | |
freetype | freetype | 2.3.10 | |
freetype | freetype | 2.3.11 | |
freetype | freetype | 2.3.12 | |
freetype | freetype | 2.4.0 | |
freetype | freetype | 2.4.1 | |
freetype | freetype | 2.4.2 | |
freetype | freetype | 2.4.3 | |
freetype | freetype | 2.4.4 | |
freetype | freetype | 2.4.5 | |
freetype | freetype | 2.4.6 | |
freetype | freetype | 2.4.7 | |
mozilla | firefox_mobile | * (up to and including 10.0.3) | |
mozilla | firefox_mobile | 1.0 | |
mozilla | firefox_mobile | 4.0 | |
mozilla | firefox_mobile | 4.0 beta1 | |
mozilla | firefox_mobile | 4.0 beta2 | |
mozilla | firefox_mobile | 4.0 beta3 | |
mozilla | firefox_mobile | 4.0 beta4 | |
mozilla | firefox_mobile | 5.0 | |
mozilla | firefox_mobile | 6.0 | |
mozilla | firefox_mobile | 6.0.1 | |
mozilla | firefox_mobile | 6.0.2 | |
mozilla | firefox_mobile | 7.0 | |
mozilla | firefox_mobile | 8.0 | |
mozilla | firefox_mobile | 9.0 | |
mozilla | firefox_mobile | 10.0 | |
mozilla | firefox_mobile | 10.0.1 | |
mozilla | firefox_mobile | 10.0.2 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", "matchCriteriaId": "1AE5852E-FBD0-4F23-82C0-4E8FBDDF558B", "versionEndIncluding": "2.4.8", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:1.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "888C3BB8-510B-4FBE-BA5D-0D488583C7DD", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "3B67236B-7DEF-40AE-BC6F-12CB39329C4D", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "7EEC5D17-9141-4CA5-9D4C-76C15BAE4FBD", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "F1019F69-8E42-43C9-926C-B948659666F4", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "AA678E5E-9380-4D31-973F-018349F7F346", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "5E06AD6E-8B77-4E57-AA07-507CD1F809F2", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "8DB69925-10FB-4DFD-8764-B6640B88FCEE", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "B126D1A0-6B54-4C56-8CEC-B395D54A5C3C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "98D0D1A3-886D-4EE3-AC1A-3B36D192E8B5", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "DB0B0E33-0D7D-45E9-ADFD-20C6DCB5ED64", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.9:*:*:*:*:*:*:*", "matchCriteriaId": "28CA4C7D-D70A-44CF-8E3D-F2612CCA0799", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "D4E76672-7216-443E-BBD8-120DA96F7E4D", "vulnerable": true }, { "criteria": 
"cpe:2.3:a:freetype:freetype:2.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "369D87D8-E4A7-4EC4-B508-2940EE174F95", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "288FDB59-7FE4-4351-8822-554ADF07C79A", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "B681257A-F8D8-46D5-995D-BC44F54DD5C0", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "56E0DEB6-4414-49AB-88E9-988CE5D8EF67", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.7:*:*:*:*:*:*:*", "matchCriteriaId": "56A90D08-2CAF-422F-8587-7D88EC7632A1", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.8:*:*:*:*:*:*:*", "matchCriteriaId": "9B944FEB-F69D-4F6C-9485-26F95A5874B6", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.8:rc1:*:*:*:*:*:*", "matchCriteriaId": "B9B9B1DE-89F6-463D-A3F4-6366D5D30077", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.9:*:*:*:*:*:*:*", "matchCriteriaId": "F73474B9-6853-4C5C-9CB9-5F4D3080D1C5", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.10:*:*:*:*:*:*:*", "matchCriteriaId": "5283E910-D512-481C-804E-8717A83B24CB", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "A28C0F7A-F1F3-4F3B-81B9-228DA8FCCCD8", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "F7252819-BA8A-4BD1-BAAA-179A8777C994", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "11575E3C-2BEA-4264-AE41-4A962BD17035", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "D333A965-EAD2-40DB-8FBE-C4C7DF44C35C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.2:*:*:*:*:*:*:*", "matchCriteriaId": 
"8CA37666-D2E6-47EF-BFFE-A9449D6A72CD", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "F2B49505-C973-4673-A9BC-34ACA25059D0", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.4:*:*:*:*:*:*:*", "matchCriteriaId": "B8E8ECCA-58F2-4A05-8DF2-79C09A5FB275", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.5:*:*:*:*:*:*:*", "matchCriteriaId": "8697D11D-BBDF-4722-85F7-5144A5D26E37", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.6:*:*:*:*:*:*:*", "matchCriteriaId": "50E3EDA8-04D1-4DF1-80BB-72C6003E8F53", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.7:*:*:*:*:*:*:*", "matchCriteriaId": "AB06CA25-BB25-43B8-9FC2-62C399CC52EE", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.8:*:*:*:*:*:*:*", "matchCriteriaId": "6AF7414E-33A7-40E2-AEF0-1AE9D7D1B077", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.9:*:*:*:*:*:*:*", "matchCriteriaId": "6FC0BD12-E065-4CC9-8AEE-E4C34A58EC3C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.10:*:*:*:*:*:*:*", "matchCriteriaId": "214DC64B-BA35-486B-AE30-F2D9381E4D26", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.11:*:*:*:*:*:*:*", "matchCriteriaId": "B7CDE19A-473A-4BC5-AA7B-3D08FEEEE82C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.12:*:*:*:*:*:*:*", "matchCriteriaId": "DD8401A8-A328-49F6-BAE8-337F5F36C906", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "3FBF5BAA-8027-478F-BE06-3D3F4F823C7B", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "31358B5D-4087-4207-9730-297BA47DAA83", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "3A73E016-A4B0-416D-B9B6-786A787DAD3D", "vulnerable": true }, { "criteria": 
"cpe:2.3:a:freetype:freetype:2.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "0588BCE1-059B-4602-B274-E9D268720B55", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "D19BE9CC-6B1C-4AC8-9740-2ABDF40C4FEC", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "E6F3E33C-95E0-4EEF-8E26-F7044D8C3892", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.6:*:*:*:*:*:*:*", "matchCriteriaId": "0871F88D-3D36-4EAA-B2B4-39D844FF8874", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.7:*:*:*:*:*:*:*", "matchCriteriaId": "B3396203-9BDF-4E7D-85CC-0B6AA7DC55C4", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:*:*:*:*:*:*:*:*", "matchCriteriaId": "C25B56F0-B244-4D64-BC8F-341214080A90", "versionEndIncluding": "10.0.3", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "B00C6411-5566-4060-B68B-8F1674B9E280", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "CD9C4A1A-E3C7-40DD-AF51-AFFA0D904722", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta1:*:*:*:*:*:*", "matchCriteriaId": "B6A0EDF9-2260-439F-9CF0-A66CBE35ACF8", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta2:*:*:*:*:*:*", "matchCriteriaId": "6E55723B-B7B8-4EBF-8767-55988D26E82B", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta3:*:*:*:*:*:*", "matchCriteriaId": "761B33B6-4FFD-4E6C-92B4-2186F8D195C1", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta4:*:*:*:*:*:*", "matchCriteriaId": "8E4E272B-27F1-41CE-8B60-B1C098105A73", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "907FA1DF-E3D3-4E46-B353-753E70C292CC", "vulnerable": true }, { "criteria": 
"cpe:2.3:a:mozilla:firefox_mobile:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "97DE5B71-865A-4DB0-A31A-1CA75A5AB7AA", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:6.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "B64C7CE2-6BA7-4294-80CF-3AE25EE9529B", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:6.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "640595E6-3E39-4112-887E-174C86D18630", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "8E26E8D7-334C-4260-A8EE-82DF067CC081", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "643623BB-29E4-4138-AFC6-252368FC9495", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "9CEA838D-5FE6-47A7-8367-F040FF01B681", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "BF547E94-BEC4-4D32-A2AF-AFEBFE11782A", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "6BB1307C-64E4-4EC2-BB07-012107CA5DA6", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "91C9D50D-9450-489C-8336-4332F8FD6806", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted glyph or bitmap data in a BDF font." 
}, { "lang": "es", "value": "FreeType antes de v2.4.9, tal como se utiliza en Mozilla Firefox Mobile antes de v10.0.4 y otros productos, permite a atacantes remotos causar una denegaci\u00f3n de servicio (operaci\u00f3n no v\u00e1lida de escritura y corrupci\u00f3n de memoria) o posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de de un glifo o datos del mapa de imagen modificados en una fuente BDF." } ], "id": "CVE-2012-1133", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2012-04-25T10:10:18.260", "references": [ { "source": "secalert@redhat.com", "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48300" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48508" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48797" }, { "source": 
"secalert@redhat.com", "url": "http://secunia.com/advisories/48822" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48918" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48951" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48973" }, { "source": "secalert@redhat.com", "url": "http://security.gentoo.org/glsa/glsa-201204-04.xml" }, { "source": "secalert@redhat.com", "url": "http://support.apple.com/kb/HT5503" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2012/dsa-2428" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html" }, { "source": "secalert@redhat.com", "url": "http://www.openwall.com/lists/oss-security/2012/03/06/16" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/52318" }, { "source": "secalert@redhat.com", "url": "http://www.securitytracker.com/id?1026765" }, { "source": "secalert@redhat.com", "url": "http://www.ubuntu.com/usn/USN-1403-1" }, { "source": "secalert@redhat.com", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512" }, { "source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=800591" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html" }, { "source": 
"af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48300" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48508" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48797" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48822" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48918" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48951" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48973" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.gentoo.org/glsa/glsa-201204-04.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.apple.com/kb/HT5503" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2012/dsa-2428" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2012/03/06/16" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/52318" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1026765" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/USN-1403-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512" }, { "source": 
"af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=800591" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
CVE-2010-2806 — Vulnerability from fkie_nvd
Published
2010-08-19 18:00
Modified
2025-04-11 00:51
Severity: MEDIUM (CVSS v2.0 base score 6.8, vector AV:N/AC:M/Au:N/C:P/I:P/A:P)
Summary
Array index error in the t42_parse_sfnts function in type42/t42parse.c in FreeType before 2.4.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via negative size values for certain strings in FontType42 font files, leading to a heap-based buffer overflow.
References
Source | URL | Tags | |
---|---|---|---|
secalert@redhat.com | http://freetype.sourceforge.net/index2.html#release-freetype-2.4.2 | Release Notes, Third Party Advisory | |
secalert@redhat.com | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=c06da1ad34663da7b6fc39b030dc3ae185b96557 | Patch, Third Party Advisory | |
secalert@redhat.com | http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html | Mailing List, Third Party Advisory | |
secalert@redhat.com | http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html | Mailing List, Third Party Advisory | |
secalert@redhat.com | http://marc.info/?l=oss-security&m=128111955616772&w=2 | Mailing List, Patch, Third Party Advisory | |
secalert@redhat.com | http://secunia.com/advisories/40816 | Third Party Advisory | |
secalert@redhat.com | http://secunia.com/advisories/40982 | Third Party Advisory | |
secalert@redhat.com | http://secunia.com/advisories/42314 | Third Party Advisory | |
secalert@redhat.com | http://secunia.com/advisories/42317 | Third Party Advisory | |
secalert@redhat.com | http://sourceforge.net/projects/freetype/files/freetype2/2.4.2/NEWS/view | Third Party Advisory | |
secalert@redhat.com | http://support.apple.com/kb/HT4435 | Broken Link | |
secalert@redhat.com | http://support.apple.com/kb/HT4456 | Third Party Advisory | |
secalert@redhat.com | http://support.apple.com/kb/HT4457 | Third Party Advisory | |
secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2010-0864.html | Third Party Advisory | |
secalert@redhat.com | http://www.securityfocus.com/bid/42285 | Third Party Advisory, VDB Entry | |
secalert@redhat.com | http://www.ubuntu.com/usn/USN-972-1 | Third Party Advisory | |
secalert@redhat.com | http://www.vupen.com/english/advisories/2010/2018 | Third Party Advisory | |
secalert@redhat.com | http://www.vupen.com/english/advisories/2010/2106 | Third Party Advisory | |
secalert@redhat.com | http://www.vupen.com/english/advisories/2010/3045 | Third Party Advisory | |
secalert@redhat.com | http://www.vupen.com/english/advisories/2010/3046 | Third Party Advisory | |
secalert@redhat.com | https://bugs.launchpad.net/ubuntu/maverick/+source/freetype/+bug/617019 | Issue Tracking, Release Notes, Third Party Advisory | |
secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=621980 | Issue Tracking, Patch, Third Party Advisory | |
secalert@redhat.com | https://rhn.redhat.com/errata/RHSA-2010-0736.html | Broken Link | |
secalert@redhat.com | https://rhn.redhat.com/errata/RHSA-2010-0737.html | Broken Link | |
secalert@redhat.com | https://savannah.nongnu.org/bugs/?30656 | Exploit, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://freetype.sourceforge.net/index2.html#release-freetype-2.4.2 | Release Notes, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=c06da1ad34663da7b6fc39b030dc3ae185b96557 | Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=oss-security&m=128111955616772&w=2 | Mailing List, Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/40816 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/40982 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/42314 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/42317 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://sourceforge.net/projects/freetype/files/freetype2/2.4.2/NEWS/view | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT4435 | Broken Link | |
af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT4456 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT4457 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2010-0864.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/42285 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-972-1 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2010/2018 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2010/2106 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2010/3045 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2010/3046 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://bugs.launchpad.net/ubuntu/maverick/+source/freetype/+bug/617019 | Issue Tracking, Release Notes, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=621980 | Issue Tracking, Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://rhn.redhat.com/errata/RHSA-2010-0736.html | Broken Link | |
af854a3a-2127-422b-91ae-364da2661108 | https://rhn.redhat.com/errata/RHSA-2010-0737.html | Broken Link | |
af854a3a-2127-422b-91ae-364da2661108 | https://savannah.nongnu.org/bugs/?30656 | Exploit, Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
freetype | freetype | * (before 2.4.2) | |
canonical | ubuntu_linux | 6.06 | |
canonical | ubuntu_linux | 8.04 | |
canonical | ubuntu_linux | 9.04 | |
canonical | ubuntu_linux | 9.10 | |
canonical | ubuntu_linux | 10.04 | |
apple | iphone_os | * (before 4.2) | |
apple | mac_os_x | * (before 10.6.5) | |
apple | tvos | * (before 4.1.0) |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", "matchCriteriaId": "33E14690-3A9D-45C7-A270-3433F79DEC28", "versionEndExcluding": "2.4.2", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*", "matchCriteriaId": "454A5D17-B171-4F1F-9E0B-F18D1E5CA9FD", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*", "matchCriteriaId": "7EBFE35C-E243-43D1-883D-4398D71763CC", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:9.04:*:*:*:*:*:*:*", "matchCriteriaId": "A5D026D0-EF78-438D-BEDD-FC8571F3ACEB", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*", "matchCriteriaId": "A2BCB73E-27BB-4878-AD9C-90C4F20C25A0", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*", "matchCriteriaId": "01EDA41C-6B2E-49AF-B503-EB3882265C11", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "matchCriteriaId": "D9636697-5FDF-4F67-A95B-D74DDD67A5DD", "versionEndExcluding": "4.2", "vulnerable": true }, { "criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "matchCriteriaId": "46E5D24A-8CA0-4590-9F35-F684D573D030", "versionEndExcluding": "10.6.5", "vulnerable": true }, { "criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*", "matchCriteriaId": "407115F2-CC65-448B-8133-D3D57AD306BA", "versionEndExcluding": "4.1.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Array index error in the t42_parse_sfnts function in type42/t42parse.c in FreeType before 2.4.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via negative size values for certain strings in FontType42 
font files, leading to a heap-based buffer overflow." }, { "lang": "es", "value": "Error de \u00edndice de array en la funci\u00f3n t42_parse_sfnts en type42/t42parse.c de FreeType anterior a v2.4.2 permite a atacantes remotos causar una denegaci\u00f3n de servicio (fallo de la aplicaci\u00f3n) o posiblemente ejecutar c\u00f3digo a su elecci\u00f3n a trav\u00e9s de valores de tama\u00f1o negativo para ciertas cadenas en ficheros de fuentes FontType42, llevando a desbordamientos de b\u00fafer basados en pila." } ], "id": "CVE-2010-2806", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2010-08-19T18:00:05.107", "references": [ { "source": "secalert@redhat.com", "tags": [ "Release Notes", "Third Party Advisory" ], "url": "http://freetype.sourceforge.net/index2.html#release-freetype-2.4.2" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=c06da1ad34663da7b6fc39b030dc3ae185b96557" }, { "source": "secalert@redhat.com", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html" }, { "source": "secalert@redhat.com", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html" }, { "source": "secalert@redhat.com", "tags": [ "Mailing List", 
"Patch", "Third Party Advisory" ], "url": "http://marc.info/?l=oss-security\u0026m=128111955616772\u0026w=2" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/40816" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/40982" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/42314" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/42317" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://sourceforge.net/projects/freetype/files/freetype2/2.4.2/NEWS/view" }, { "source": "secalert@redhat.com", "tags": [ "Broken Link" ], "url": "http://support.apple.com/kb/HT4435" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://support.apple.com/kb/HT4456" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://support.apple.com/kb/HT4457" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0864.html" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/42285" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-972-1" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2010/2018" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2010/2106" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2010/3045" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": 
"http://www.vupen.com/english/advisories/2010/3046" }, { "source": "secalert@redhat.com", "tags": [ "Issue Tracking", "Release Notes", "Third Party Advisory" ], "url": "https://bugs.launchpad.net/ubuntu/maverick/+source/freetype/+bug/617019" }, { "source": "secalert@redhat.com", "tags": [ "Issue Tracking", "Patch", "Third Party Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=621980" }, { "source": "secalert@redhat.com", "tags": [ "Broken Link" ], "url": "https://rhn.redhat.com/errata/RHSA-2010-0736.html" }, { "source": "secalert@redhat.com", "tags": [ "Broken Link" ], "url": "https://rhn.redhat.com/errata/RHSA-2010-0737.html" }, { "source": "secalert@redhat.com", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://savannah.nongnu.org/bugs/?30656" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Release Notes", "Third Party Advisory" ], "url": "http://freetype.sourceforge.net/index2.html#release-freetype-2.4.2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=c06da1ad34663da7b6fc39b030dc3ae185b96557" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Patch", "Third Party Advisory" ], "url": "http://marc.info/?l=oss-security\u0026m=128111955616772\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/40816" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": 
"http://secunia.com/advisories/40982" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/42314" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/42317" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://sourceforge.net/projects/freetype/files/freetype2/2.4.2/NEWS/view" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://support.apple.com/kb/HT4435" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://support.apple.com/kb/HT4456" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://support.apple.com/kb/HT4457" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0864.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/42285" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-972-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2010/2018" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2010/2106" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2010/3045" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2010/3046" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue 
Tracking", "Release Notes", "Third Party Advisory" ], "url": "https://bugs.launchpad.net/ubuntu/maverick/+source/freetype/+bug/617019" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Patch", "Third Party Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=621980" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "https://rhn.redhat.com/errata/RHSA-2010-0736.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "https://rhn.redhat.com/errata/RHSA-2010-0737.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://savannah.nongnu.org/bugs/?30656" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-129" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2015-02-08 11:59
Modified
2025-04-12 10:46
Summary
Multiple integer signedness errors in the pcf_get_encodings function in pcf/pcfread.c in FreeType before 2.5.4 allow remote attackers to cause a denial of service (integer overflow, NULL pointer dereference, and application crash) via a crafted PCF file that specifies negative values for the first column and first row.
References
Source | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://advisories.mageia.org/MGASA-2015-0083.html | Third Party Advisory | |
cve@mitre.org | http://code.google.com/p/google-security-research/issues/detail?id=158 | Exploit | |
cve@mitre.org | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=ef1eba75187adfac750f326b563fe543dd5ff4e6 | Patch, Vendor Advisory | |
cve@mitre.org | http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html | Third Party Advisory | |
cve@mitre.org | http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html | Third Party Advisory | |
cve@mitre.org | http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html | Third Party Advisory | |
cve@mitre.org | http://rhn.redhat.com/errata/RHSA-2015-0696.html | Third Party Advisory | |
cve@mitre.org | http://www.debian.org/security/2015/dsa-3188 | Third Party Advisory | |
cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDVSA-2015:055 | Broken Link | |
cve@mitre.org | http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html | Third Party Advisory | |
cve@mitre.org | http://www.securityfocus.com/bid/72986 | ||
cve@mitre.org | http://www.ubuntu.com/usn/USN-2510-1 | Third Party Advisory | |
cve@mitre.org | http://www.ubuntu.com/usn/USN-2739-1 | Third Party Advisory | |
cve@mitre.org | https://security.gentoo.org/glsa/201503-05 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://advisories.mageia.org/MGASA-2015-0083.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://code.google.com/p/google-security-research/issues/detail?id=158 | Exploit | |
af854a3a-2127-422b-91ae-364da2661108 | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=ef1eba75187adfac750f326b563fe543dd5ff4e6 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2015-0696.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2015/dsa-3188 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2015:055 | Broken Link | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/72986 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2510-1 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2739-1 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201503-05 |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
debian | debian_linux | 7.0 | |
opensuse | opensuse | 13.1 | |
opensuse | opensuse | 13.2 | |
fedoraproject | fedora | 20 | |
fedoraproject | fedora | 21 | |
oracle | solaris | 10.0 | |
oracle | solaris | 11.2 | |
redhat | enterprise_linux_desktop | 6.0 | |
redhat | enterprise_linux_desktop | 7.0 | |
redhat | enterprise_linux_hpc_node | 6 | |
redhat | enterprise_linux_hpc_node | 7.0 | |
redhat | enterprise_linux_hpc_node_eus | 7.1 | |
redhat | enterprise_linux_server | 6.0 | |
redhat | enterprise_linux_server | 7.0 | |
redhat | enterprise_linux_server_eus | 6.6.z | |
redhat | enterprise_linux_server_eus | 7.1 | |
redhat | enterprise_linux_workstation | 6.0 | |
redhat | enterprise_linux_workstation | 7.0 | |
canonical | ubuntu_linux | 10.04 | |
canonical | ubuntu_linux | 12.04 | |
canonical | ubuntu_linux | 14.04 | |
canonical | ubuntu_linux | 14.10 | |
canonical | ubuntu_linux | 15.04 | |
freetype | freetype | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F", "vulnerable": true }, { "criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*", "matchCriteriaId": "FF47C9F0-D8DA-4B55-89EB-9B2C9383ADB9", "vulnerable": true }, { "criteria": "cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*", "matchCriteriaId": "56BDB5A0-0839-4A20-A003-B8CD56F48171", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:oracle:solaris:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "FC633250-EB1E-4484-9BCB-977C8F9EB0B2", "vulnerable": true }, { "criteria": "cpe:2.3:o:oracle:solaris:11.2:*:*:*:*:*:*:*", "matchCriteriaId": "0B1C288F-326B-497B-B26C-D26E01262DDB", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6:*:*:*:*:*:*:*", "matchCriteriaId": "8CDFD93B-693D-46DC-9C39-FDECB3E619E8", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "3C84489B-B08C-4854-8A12-D01B6E45CF79", "vulnerable": true }, { "criteria": 
"cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "7071F0C7-E43E-4F2E-9FEB-E8FB3DEA4749", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.6.z:*:*:*:*:*:*:*", "matchCriteriaId": "3FB4F7C3-1521-42B6-9820-15C2B156BAD6", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "0E8CD4EF-DC90-40BB-A721-6EC087507906", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*", "matchCriteriaId": "5D37DF0F-F863-45AC-853A-3E04F9FEC7CA", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*", "matchCriteriaId": "49A63F39-30BE-443F-AF10-6245587D3359", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "matchCriteriaId": "F38D3B7E-8429-473F-BB31-FC3583EE5A5B", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ 
{ "cpeMatch": [ { "criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", "matchCriteriaId": "05EE9A32-E91F-4C68-B3A9-AC5AB35C2BB3", "versionEndIncluding": "2.5.3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Multiple integer signedness errors in the pcf_get_encodings function in pcf/pcfread.c in FreeType before 2.5.4 allow remote attackers to cause a denial of service (integer overflow, NULL pointer dereference, and application crash) via a crafted PCF file that specifies negative values for the first column and first row." }, { "lang": "es", "value": "M\u00faltiples erroes de signo de enteros en la funci\u00f3n pcf_get_encodings en pcf/pcfread.c en FreeType anterior a 2.5.4 permiten a atacantes remotos causar una denegaci\u00f3n de servicio (desbordamiento de enteros, referencia a puntero nulo y ca\u00edda de aplicaci\u00f3n) a trav\u00e9s de un fichero PCF manipulado que especifica valores negativos para la primera columna y la primera fila." 
} ], "id": "CVE-2014-9670", "lastModified": "2025-04-12T10:46:40.837", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2015-02-08T11:59:31.693", "references": [ { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://advisories.mageia.org/MGASA-2015-0083.html" }, { "source": "cve@mitre.org", "tags": [ "Exploit" ], "url": "http://code.google.com/p/google-security-research/issues/detail?id=158" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=ef1eba75187adfac750f326b563fe543dd5ff4e6" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0696.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2015/dsa-3188" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055" }, 
{ "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/72986" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-2510-1" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-2739-1" }, { "source": "cve@mitre.org", "url": "https://security.gentoo.org/glsa/201503-05" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://advisories.mageia.org/MGASA-2015-0083.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit" ], "url": "http://code.google.com/p/google-security-research/issues/detail?id=158" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=ef1eba75187adfac750f326b563fe543dd5ff4e6" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0696.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2015/dsa-3188" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": 
"http://www.mandriva.com/security/advisories?name=MDVSA-2015:055" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/72986" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-2510-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-2739-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/201503-05" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-189" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2015-02-08 11:59
Modified
2025-04-12 10:46
Summary
The tt_face_load_hdmx function in truetype/ttpload.c in FreeType before 2.5.4 does not establish a minimum record size, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted TrueType font.
References
Source | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://advisories.mageia.org/MGASA-2015-0083.html | Third Party Advisory | |
cve@mitre.org | http://code.google.com/p/google-security-research/issues/detail?id=195 | Exploit | |
cve@mitre.org | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=eca0f067068020870a429fe91f6329e499390d55 | Patch, Vendor Advisory | |
cve@mitre.org | http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html | Third Party Advisory | |
cve@mitre.org | http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html | Third Party Advisory | |
cve@mitre.org | http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html | Third Party Advisory | |
cve@mitre.org | http://rhn.redhat.com/errata/RHSA-2015-0696.html | Third Party Advisory | |
cve@mitre.org | http://www.debian.org/security/2015/dsa-3188 | Third Party Advisory | |
cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDVSA-2015:055 | Broken Link | |
cve@mitre.org | http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html | Third Party Advisory | |
cve@mitre.org | http://www.securityfocus.com/bid/72986 | ||
cve@mitre.org | http://www.ubuntu.com/usn/USN-2510-1 | Third Party Advisory | |
cve@mitre.org | http://www.ubuntu.com/usn/USN-2739-1 | Third Party Advisory | |
cve@mitre.org | https://security.gentoo.org/glsa/201503-05 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://advisories.mageia.org/MGASA-2015-0083.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://code.google.com/p/google-security-research/issues/detail?id=195 | Exploit | |
af854a3a-2127-422b-91ae-364da2661108 | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=eca0f067068020870a429fe91f6329e499390d55 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2015-0696.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2015/dsa-3188 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2015:055 | Broken Link | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/72986 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2510-1 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2739-1 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201503-05 |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
opensuse | opensuse | 13.1 | |
opensuse | opensuse | 13.2 | |
redhat | enterprise_linux_desktop | 6.0 | |
redhat | enterprise_linux_desktop | 7.0 | |
redhat | enterprise_linux_hpc_node | 6.0 | |
redhat | enterprise_linux_hpc_node | 7.0 | |
redhat | enterprise_linux_hpc_node_eus | 7.1 | |
redhat | enterprise_linux_server | 6.0 | |
redhat | enterprise_linux_server | 7.0 | |
redhat | enterprise_linux_server_eus | 6.6.z | |
redhat | enterprise_linux_server_eus | 7.1 | |
redhat | enterprise_linux_workstation | 6.0 | |
redhat | enterprise_linux_workstation | 7.0 | |
oracle | solaris | 10.0 | |
oracle | solaris | 11.2 | |
fedoraproject | fedora | 20 | |
fedoraproject | fedora | 21 | |
freetype | freetype | * | |
debian | debian_linux | 7.0 | |
canonical | ubuntu_linux | 10.04 | |
canonical | ubuntu_linux | 12.04 | |
canonical | ubuntu_linux | 14.04 | |
canonical | ubuntu_linux | 14.10 | |
canonical | ubuntu_linux | 15.04 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F", "vulnerable": true }, { "criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "C2FAC325-6EEB-466D-9EBA-8ED4DBC9CFBF", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "3C84489B-B08C-4854-8A12-D01B6E45CF79", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "7071F0C7-E43E-4F2E-9FEB-E8FB3DEA4749", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.6.z:*:*:*:*:*:*:*", "matchCriteriaId": "3FB4F7C3-1521-42B6-9820-15C2B156BAD6", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "0E8CD4EF-DC90-40BB-A721-6EC087507906", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", 
"vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:oracle:solaris:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "FC633250-EB1E-4484-9BCB-977C8F9EB0B2", "vulnerable": true }, { "criteria": "cpe:2.3:o:oracle:solaris:11.2:*:*:*:*:*:*:*", "matchCriteriaId": "0B1C288F-326B-497B-B26C-D26E01262DDB", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*", "matchCriteriaId": "FF47C9F0-D8DA-4B55-89EB-9B2C9383ADB9", "vulnerable": true }, { "criteria": "cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*", "matchCriteriaId": "56BDB5A0-0839-4A20-A003-B8CD56F48171", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", "matchCriteriaId": "05EE9A32-E91F-4C68-B3A9-AC5AB35C2BB3", "versionEndIncluding": "2.5.3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*", "matchCriteriaId": "5D37DF0F-F863-45AC-853A-3E04F9FEC7CA", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*", "matchCriteriaId": 
"49A63F39-30BE-443F-AF10-6245587D3359", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "matchCriteriaId": "F38D3B7E-8429-473F-BB31-FC3583EE5A5B", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The tt_face_load_hdmx function in truetype/ttpload.c in FreeType before 2.5.4 does not establish a minimum record size, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted TrueType font." }, { "lang": "es", "value": "La funci\u00f3n tt_face_load_hdmx en truetype/ttpload.c en FreeType anterior a 2.5.4 no establece un tama\u00f1o de registro m\u00ednimo, lo que permite a atacantes remotos causar una denegaci\u00f3n de servicio (lectura fuera de rango) o posiblemente tener otro impacto no especificado a trav\u00e9s de una fuente TrueType manipulada." } ], "id": "CVE-2014-9657", "lastModified": "2025-04-12T10:46:40.837", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2015-02-08T11:59:19.647", "references": [ { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://advisories.mageia.org/MGASA-2015-0083.html" }, { "source": "cve@mitre.org", "tags": [ "Exploit" ], "url": "http://code.google.com/p/google-security-research/issues/detail?id=195" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": 
"http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=eca0f067068020870a429fe91f6329e499390d55" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0696.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2015/dsa-3188" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/72986" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-2510-1" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-2739-1" }, { "source": "cve@mitre.org", "url": "https://security.gentoo.org/glsa/201503-05" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://advisories.mageia.org/MGASA-2015-0083.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit" ], "url": "http://code.google.com/p/google-security-research/issues/detail?id=195" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": 
"http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=eca0f067068020870a429fe91f6329e499390d55" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0696.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2015/dsa-3188" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/72986" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-2510-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-2739-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/201503-05" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-125" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2012-04-25 10:10
Modified
2025-04-11 00:51
Summary
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via crafted glyph or bitmap data in a BDF font.
References
Source | URL | Tags | |
---|---|---|---|
secalert@redhat.com | http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html | ||
secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html | ||
secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html | ||
secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html | ||
secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html | ||
secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2012-0467.html | ||
secalert@redhat.com | http://secunia.com/advisories/48508 | ||
secalert@redhat.com | http://secunia.com/advisories/48758 | ||
secalert@redhat.com | http://secunia.com/advisories/48797 | ||
secalert@redhat.com | http://secunia.com/advisories/48822 | ||
secalert@redhat.com | http://secunia.com/advisories/48918 | ||
secalert@redhat.com | http://secunia.com/advisories/48951 | ||
secalert@redhat.com | http://secunia.com/advisories/48973 | ||
secalert@redhat.com | http://security.gentoo.org/glsa/glsa-201204-04.xml | ||
secalert@redhat.com | http://support.apple.com/kb/HT5503 | ||
secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2012:057 | ||
secalert@redhat.com | http://www.mozilla.org/security/announce/2012/mfsa2012-21.html | Vendor Advisory | |
secalert@redhat.com | http://www.openwall.com/lists/oss-security/2012/03/06/16 | ||
secalert@redhat.com | http://www.securityfocus.com/bid/52318 | ||
secalert@redhat.com | http://www.securitytracker.com/id?1026765 | ||
secalert@redhat.com | http://www.ubuntu.com/usn/USN-1403-1 | ||
secalert@redhat.com | https://bugzilla.mozilla.org/show_bug.cgi?id=733512 | ||
secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=800583 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2012-0467.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48508 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48758 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48797 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48822 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48918 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48951 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48973 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-201204-04.xml | ||
af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT5503 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2012:057 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mozilla.org/security/announce/2012/mfsa2012-21.html | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2012/03/06/16 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/52318 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1026765 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-1403-1 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.mozilla.org/show_bug.cgi?id=733512 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=800583 |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
freetype | freetype | * (up to and including 2.4.8) | |
freetype | freetype | 1.3.1 | |
freetype | freetype | 2.0.0 | |
freetype | freetype | 2.0.1 | |
freetype | freetype | 2.0.2 | |
freetype | freetype | 2.0.3 | |
freetype | freetype | 2.0.4 | |
freetype | freetype | 2.0.5 | |
freetype | freetype | 2.0.6 | |
freetype | freetype | 2.0.7 | |
freetype | freetype | 2.0.8 | |
freetype | freetype | 2.0.9 | |
freetype | freetype | 2.1 | |
freetype | freetype | 2.1.3 | |
freetype | freetype | 2.1.4 | |
freetype | freetype | 2.1.5 | |
freetype | freetype | 2.1.6 | |
freetype | freetype | 2.1.7 | |
freetype | freetype | 2.1.8 | |
freetype | freetype | 2.1.8 rc1 | |
freetype | freetype | 2.1.9 | |
freetype | freetype | 2.1.10 | |
freetype | freetype | 2.2.0 | |
freetype | freetype | 2.2.1 | |
freetype | freetype | 2.3.0 | |
freetype | freetype | 2.3.1 | |
freetype | freetype | 2.3.2 | |
freetype | freetype | 2.3.3 | |
freetype | freetype | 2.3.4 | |
freetype | freetype | 2.3.5 | |
freetype | freetype | 2.3.6 | |
freetype | freetype | 2.3.7 | |
freetype | freetype | 2.3.8 | |
freetype | freetype | 2.3.9 | |
freetype | freetype | 2.3.10 | |
freetype | freetype | 2.3.11 | |
freetype | freetype | 2.3.12 | |
freetype | freetype | 2.4.0 | |
freetype | freetype | 2.4.1 | |
freetype | freetype | 2.4.2 | |
freetype | freetype | 2.4.3 | |
freetype | freetype | 2.4.4 | |
freetype | freetype | 2.4.5 | |
freetype | freetype | 2.4.6 | |
freetype | freetype | 2.4.7 | |
mozilla | firefox_mobile | * (up to and including 10.0.3) | |
mozilla | firefox_mobile | 1.0 | |
mozilla | firefox_mobile | 4.0 | |
mozilla | firefox_mobile | 4.0 beta1 | |
mozilla | firefox_mobile | 4.0 beta2 | |
mozilla | firefox_mobile | 4.0 beta3 | |
mozilla | firefox_mobile | 4.0 beta4 | |
mozilla | firefox_mobile | 5.0 | |
mozilla | firefox_mobile | 6.0 | |
mozilla | firefox_mobile | 6.0.1 | |
mozilla | firefox_mobile | 6.0.2 | |
mozilla | firefox_mobile | 7.0 | |
mozilla | firefox_mobile | 8.0 | |
mozilla | firefox_mobile | 9.0 | |
mozilla | firefox_mobile | 10.0 | |
mozilla | firefox_mobile | 10.0.1 | |
mozilla | firefox_mobile | 10.0.2 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", "matchCriteriaId": "1AE5852E-FBD0-4F23-82C0-4E8FBDDF558B", "versionEndIncluding": "2.4.8", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:1.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "888C3BB8-510B-4FBE-BA5D-0D488583C7DD", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "3B67236B-7DEF-40AE-BC6F-12CB39329C4D", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "7EEC5D17-9141-4CA5-9D4C-76C15BAE4FBD", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "F1019F69-8E42-43C9-926C-B948659666F4", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "AA678E5E-9380-4D31-973F-018349F7F346", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "5E06AD6E-8B77-4E57-AA07-507CD1F809F2", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "8DB69925-10FB-4DFD-8764-B6640B88FCEE", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "B126D1A0-6B54-4C56-8CEC-B395D54A5C3C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "98D0D1A3-886D-4EE3-AC1A-3B36D192E8B5", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "DB0B0E33-0D7D-45E9-ADFD-20C6DCB5ED64", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.9:*:*:*:*:*:*:*", "matchCriteriaId": "28CA4C7D-D70A-44CF-8E3D-F2612CCA0799", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "D4E76672-7216-443E-BBD8-120DA96F7E4D", "vulnerable": true }, { "criteria": 
"cpe:2.3:a:freetype:freetype:2.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "369D87D8-E4A7-4EC4-B508-2940EE174F95", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "288FDB59-7FE4-4351-8822-554ADF07C79A", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "B681257A-F8D8-46D5-995D-BC44F54DD5C0", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "56E0DEB6-4414-49AB-88E9-988CE5D8EF67", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.7:*:*:*:*:*:*:*", "matchCriteriaId": "56A90D08-2CAF-422F-8587-7D88EC7632A1", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.8:*:*:*:*:*:*:*", "matchCriteriaId": "9B944FEB-F69D-4F6C-9485-26F95A5874B6", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.8:rc1:*:*:*:*:*:*", "matchCriteriaId": "B9B9B1DE-89F6-463D-A3F4-6366D5D30077", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.9:*:*:*:*:*:*:*", "matchCriteriaId": "F73474B9-6853-4C5C-9CB9-5F4D3080D1C5", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.10:*:*:*:*:*:*:*", "matchCriteriaId": "5283E910-D512-481C-804E-8717A83B24CB", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "A28C0F7A-F1F3-4F3B-81B9-228DA8FCCCD8", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "F7252819-BA8A-4BD1-BAAA-179A8777C994", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "11575E3C-2BEA-4264-AE41-4A962BD17035", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "D333A965-EAD2-40DB-8FBE-C4C7DF44C35C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.2:*:*:*:*:*:*:*", "matchCriteriaId": 
"8CA37666-D2E6-47EF-BFFE-A9449D6A72CD", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "F2B49505-C973-4673-A9BC-34ACA25059D0", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.4:*:*:*:*:*:*:*", "matchCriteriaId": "B8E8ECCA-58F2-4A05-8DF2-79C09A5FB275", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.5:*:*:*:*:*:*:*", "matchCriteriaId": "8697D11D-BBDF-4722-85F7-5144A5D26E37", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.6:*:*:*:*:*:*:*", "matchCriteriaId": "50E3EDA8-04D1-4DF1-80BB-72C6003E8F53", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.7:*:*:*:*:*:*:*", "matchCriteriaId": "AB06CA25-BB25-43B8-9FC2-62C399CC52EE", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.8:*:*:*:*:*:*:*", "matchCriteriaId": "6AF7414E-33A7-40E2-AEF0-1AE9D7D1B077", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.9:*:*:*:*:*:*:*", "matchCriteriaId": "6FC0BD12-E065-4CC9-8AEE-E4C34A58EC3C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.10:*:*:*:*:*:*:*", "matchCriteriaId": "214DC64B-BA35-486B-AE30-F2D9381E4D26", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.11:*:*:*:*:*:*:*", "matchCriteriaId": "B7CDE19A-473A-4BC5-AA7B-3D08FEEEE82C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.12:*:*:*:*:*:*:*", "matchCriteriaId": "DD8401A8-A328-49F6-BAE8-337F5F36C906", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "3FBF5BAA-8027-478F-BE06-3D3F4F823C7B", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "31358B5D-4087-4207-9730-297BA47DAA83", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "3A73E016-A4B0-416D-B9B6-786A787DAD3D", "vulnerable": true }, { "criteria": 
"cpe:2.3:a:freetype:freetype:2.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "0588BCE1-059B-4602-B274-E9D268720B55", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "D19BE9CC-6B1C-4AC8-9740-2ABDF40C4FEC", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "E6F3E33C-95E0-4EEF-8E26-F7044D8C3892", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.6:*:*:*:*:*:*:*", "matchCriteriaId": "0871F88D-3D36-4EAA-B2B4-39D844FF8874", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.7:*:*:*:*:*:*:*", "matchCriteriaId": "B3396203-9BDF-4E7D-85CC-0B6AA7DC55C4", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:*:*:*:*:*:*:*:*", "matchCriteriaId": "C25B56F0-B244-4D64-BC8F-341214080A90", "versionEndIncluding": "10.0.3", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "B00C6411-5566-4060-B68B-8F1674B9E280", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "CD9C4A1A-E3C7-40DD-AF51-AFFA0D904722", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta1:*:*:*:*:*:*", "matchCriteriaId": "B6A0EDF9-2260-439F-9CF0-A66CBE35ACF8", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta2:*:*:*:*:*:*", "matchCriteriaId": "6E55723B-B7B8-4EBF-8767-55988D26E82B", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta3:*:*:*:*:*:*", "matchCriteriaId": "761B33B6-4FFD-4E6C-92B4-2186F8D195C1", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta4:*:*:*:*:*:*", "matchCriteriaId": "8E4E272B-27F1-41CE-8B60-B1C098105A73", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "907FA1DF-E3D3-4E46-B353-753E70C292CC", "vulnerable": true }, { "criteria": 
"cpe:2.3:a:mozilla:firefox_mobile:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "97DE5B71-865A-4DB0-A31A-1CA75A5AB7AA", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:6.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "B64C7CE2-6BA7-4294-80CF-3AE25EE9529B", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:6.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "640595E6-3E39-4112-887E-174C86D18630", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "8E26E8D7-334C-4260-A8EE-82DF067CC081", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "643623BB-29E4-4138-AFC6-252368FC9495", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "9CEA838D-5FE6-47A7-8367-F040FF01B681", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "BF547E94-BEC4-4D32-A2AF-AFEBFE11782A", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "6BB1307C-64E4-4EC2-BB07-012107CA5DA6", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "91C9D50D-9450-489C-8336-4332F8FD6806", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via crafted glyph or bitmap data in a BDF font." 
}, { "lang": "es", "value": "FreeType antes de v2.4.9, tal como se utiliza en Mozilla Firefox Mobile antes de v10.0.4 y otros productos, permite a atacantes remotos causar una denegaci\u00f3n de servicio (operaci\u00f3n no v\u00e1lida de lectura y corrupci\u00f3n de memoria) o posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de datos modificados del glifo o mapa de imagen en una fuente BDF." } ], "id": "CVE-2012-1127", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2012-04-25T10:10:17.997", "references": [ { "source": "secalert@redhat.com", "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html" }, { "source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48508" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48758" }, { "source": 
"secalert@redhat.com", "url": "http://secunia.com/advisories/48797" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48822" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48918" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48951" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48973" }, { "source": "secalert@redhat.com", "url": "http://security.gentoo.org/glsa/glsa-201204-04.xml" }, { "source": "secalert@redhat.com", "url": "http://support.apple.com/kb/HT5503" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html" }, { "source": "secalert@redhat.com", "url": "http://www.openwall.com/lists/oss-security/2012/03/06/16" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/52318" }, { "source": "secalert@redhat.com", "url": "http://www.securitytracker.com/id?1026765" }, { "source": "secalert@redhat.com", "url": "http://www.ubuntu.com/usn/USN-1403-1" }, { "source": "secalert@redhat.com", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512" }, { "source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=800583" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html" }, { "source": 
"af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48508" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48758" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48797" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48822" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48918" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48951" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48973" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.gentoo.org/glsa/glsa-201204-04.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.apple.com/kb/HT5503" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2012/03/06/16" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/52318" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1026765" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/USN-1403-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512" }, { "source": 
"af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=800583" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2017-04-14 04:59
Modified
2025-04-20 01:37
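Severity
CRITICAL — CVSS v3.1 base score 9.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H); CVSS v2.0 base score 7.5, HIGH (AV:N/AC:L/Au:N/C:P/I:P/A:P); source nvd@nist.gov, as given in the record's JSON below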
Summary
FreeType 2 before 2017-03-07 has an out-of-bounds write related to the TT_Get_MM_Var function in truetype/ttgxvar.c and the sfnt_init_face function in sfnt/sfobjs.c.
References
Source | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=779309744222a736eba0f1731e8162fce6288d4e | Patch, Third Party Advisory | |
cve@mitre.org | http://www.securityfocus.com/bid/97682 | Broken Link, Third Party Advisory, VDB Entry | |
cve@mitre.org | https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=738 | Issue Tracking, Third Party Advisory, VDB Entry | |
cve@mitre.org | https://security.gentoo.org/glsa/201706-14 | Third Party Advisory | |
cve@mitre.org | https://www.oracle.com/security-alerts/cpuapr2020.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=779309744222a736eba0f1731e8162fce6288d4e | Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/97682 | Broken Link, Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=738 | Issue Tracking, Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201706-14 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.oracle.com/security-alerts/cpuapr2020.html | Third Party Advisory |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", "matchCriteriaId": "AEEA3966-EA75-48BB-8D9C-3C834BA9CC8A", "versionEndIncluding": "2.7.1", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "FreeType 2 before 2017-03-07 has an out-of-bounds write related to the TT_Get_MM_Var function in truetype/ttgxvar.c and the sfnt_init_face function in sfnt/sfobjs.c." }, { "lang": "es", "value": "FreeType 2 en versiones anteriores a 07-03-2017 tiene una escritura fuera de l\u00edmites en relaci\u00f3n con la funci\u00f3n TT_Get_MM_Var en truetype/ttgxvar.c y en la funci\u00f3n sfnt_init_face en sfnt/sfobjs.c." } ], "id": "CVE-2017-7858", "lastModified": "2025-04-20T01:37:25.860", "metrics": { "cvssMetricV2": [ { "acInsufInfo": true, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2017-04-14T04:59:00.307", "references": [ { "source": "cve@mitre.org", "tags": [ "Patch", "Third Party 
Advisory" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=779309744222a736eba0f1731e8162fce6288d4e" }, { "source": "cve@mitre.org", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/97682" }, { "source": "cve@mitre.org", "tags": [ "Issue Tracking", "Third Party Advisory", "VDB Entry" ], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=738" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201706-14" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://www.oracle.com/security-alerts/cpuapr2020.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=779309744222a736eba0f1731e8162fce6288d4e" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/97682" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Third Party Advisory", "VDB Entry" ], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=738" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201706-14" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://www.oracle.com/security-alerts/cpuapr2020.html" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2006-07-21 14:03
Modified
2025-04-03 01:03
Severity ?
Summary
Integer overflow in FreeType before 2.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PCF file, as demonstrated by the Red Hat bad1.pcf test file, due to a partial fix of CVE-2006-1861.
References
Source | URL | Tags | |
---|---|---|---|
secalert@redhat.com | ftp://patches.sgi.com/support/free/security/advisories/20060701-01-U | ||
secalert@redhat.com | http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=190593 | ||
secalert@redhat.com | http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html | ||
secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00006.html | ||
secalert@redhat.com | http://lists.suse.com/archive/suse-security-announce/2006-Aug/0002.html | ||
secalert@redhat.com | http://secunia.com/advisories/21062 | ||
secalert@redhat.com | http://secunia.com/advisories/21135 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/21144 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/21232 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/21285 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/21566 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/21567 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/21606 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/21626 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/21701 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/21793 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/21798 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/21836 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/22027 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/22332 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/22875 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/22907 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/23400 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/23939 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/27271 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/33937 | ||
secalert@redhat.com | http://security.gentoo.org/glsa/glsa-200609-04.xml | ||
secalert@redhat.com | http://securitytracker.com/id?1016522 | ||
secalert@redhat.com | http://sunsolve.sun.com/search/document.do?assetkey=1-26-102705-1 | ||
secalert@redhat.com | http://support.apple.com/kb/HT3438 | ||
secalert@redhat.com | http://support.avaya.com/elmodocs2/security/ASA-2006-176.htm | ||
secalert@redhat.com | http://support.avaya.com/elmodocs2/security/ASA-2006-186.htm | ||
secalert@redhat.com | http://support.avaya.com/elmodocs2/security/ASA-2006-284.htm | ||
secalert@redhat.com | http://www.debian.org/security/2006/dsa-1178 | ||
secalert@redhat.com | http://www.debian.org/security/2006/dsa-1193 | ||
secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDKSA-2006:129 | ||
secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDKSA-2006:148 | ||
secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2006-0500.html | Patch, Vendor Advisory | |
secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2006-0634.html | Vendor Advisory | |
secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2006-0635.html | Vendor Advisory | |
secalert@redhat.com | http://www.securityfocus.com/archive/1/444318/100/0/threaded | ||
secalert@redhat.com | http://www.securityfocus.com/archive/1/451404/100/0/threaded | ||
secalert@redhat.com | http://www.securityfocus.com/archive/1/451417/100/200/threaded | ||
secalert@redhat.com | http://www.securityfocus.com/archive/1/451419/100/200/threaded | ||
secalert@redhat.com | http://www.securityfocus.com/archive/1/451426/100/200/threaded | ||
secalert@redhat.com | http://www.trustix.org/errata/2006/0052/ | ||
secalert@redhat.com | http://www.ubuntu.com/usn/usn-324-1 | ||
secalert@redhat.com | http://www.ubuntu.com/usn/usn-341-1 | ||
secalert@redhat.com | http://www.vmware.com/download/esx/esx-202-200610-patch.html | ||
secalert@redhat.com | http://www.vmware.com/download/esx/esx-213-200610-patch.html | ||
secalert@redhat.com | http://www.vmware.com/download/esx/esx-254-200610-patch.html | ||
secalert@redhat.com | http://www.vupen.com/english/advisories/2006/4502 | ||
secalert@redhat.com | http://www.vupen.com/english/advisories/2006/4522 | ||
secalert@redhat.com | http://www.vupen.com/english/advisories/2007/0381 | ||
secalert@redhat.com | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10673 | ||
af854a3a-2127-422b-91ae-364da2661108 | ftp://patches.sgi.com/support/free/security/advisories/20060701-01-U | ||
af854a3a-2127-422b-91ae-364da2661108 | http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=190593 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00006.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.suse.com/archive/suse-security-announce/2006-Aug/0002.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/21062 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/21135 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/21144 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/21232 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/21285 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/21566 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/21567 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/21606 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/21626 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/21701 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/21793 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/21798 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/21836 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/22027 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/22332 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/22875 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/22907 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/23400 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/23939 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27271 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/33937 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-200609-04.xml | ||
af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1016522 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://sunsolve.sun.com/search/document.do?assetkey=1-26-102705-1 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT3438 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://support.avaya.com/elmodocs2/security/ASA-2006-176.htm | ||
af854a3a-2127-422b-91ae-364da2661108 | http://support.avaya.com/elmodocs2/security/ASA-2006-186.htm | ||
af854a3a-2127-422b-91ae-364da2661108 | http://support.avaya.com/elmodocs2/security/ASA-2006-284.htm | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2006/dsa-1178 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2006/dsa-1193 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2006:129 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2006:148 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2006-0500.html | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2006-0634.html | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2006-0635.html | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/444318/100/0/threaded | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/451404/100/0/threaded | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/451417/100/200/threaded | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/451419/100/200/threaded | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/451426/100/200/threaded | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.trustix.org/errata/2006/0052/ | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/usn-324-1 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/usn-341-1 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.vmware.com/download/esx/esx-202-200610-patch.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.vmware.com/download/esx/esx-213-200610-patch.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.vmware.com/download/esx/esx-254-200610-patch.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2006/4502 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2006/4522 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2007/0381 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10673 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", "matchCriteriaId": "6351F282-0A46-4A6D-9793-D338845EFF2F", "versionEndIncluding": "2.1", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Integer overflow in FreeType before 2.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PCF file, as demonstrated by the Red Hat bad1.pcf test file, due to a partial fix of CVE-2006-1861." }, { "lang": "es", "value": "Desbordamiento de entero en FreeType en versiones anteriores a 2.2 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda) y posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de un archivo PCF manipulado, seg\u00fan lo demostrado mediante el archivo de prueba Red Hat bad1.pcf, debido a una soluci\u00f3n parcial de CVE-2006-1861." } ], "id": "CVE-2006-3467", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": true, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2006-07-21T14:03:00.000", "references": [ { "source": "secalert@redhat.com", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060701-01-U" }, { "source": "secalert@redhat.com", "url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=190593" }, { "source": "secalert@redhat.com", "url": 
"http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00006.html" }, { "source": "secalert@redhat.com", "url": "http://lists.suse.com/archive/suse-security-announce/2006-Aug/0002.html" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/21062" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/21135" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/21144" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/21232" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/21285" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/21566" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/21567" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/21606" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/21626" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/21701" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/21793" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/21798" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/21836" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/22027" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/22332" }, { 
"source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/22875" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/22907" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/23400" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/23939" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/27271" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/33937" }, { "source": "secalert@redhat.com", "url": "http://security.gentoo.org/glsa/glsa-200609-04.xml" }, { "source": "secalert@redhat.com", "url": "http://securitytracker.com/id?1016522" }, { "source": "secalert@redhat.com", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102705-1" }, { "source": "secalert@redhat.com", "url": "http://support.apple.com/kb/HT3438" }, { "source": "secalert@redhat.com", "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-176.htm" }, { "source": "secalert@redhat.com", "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-186.htm" }, { "source": "secalert@redhat.com", "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-284.htm" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2006/dsa-1178" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2006/dsa-1193" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:129" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:148" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0500.html" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": 
"http://www.redhat.com/support/errata/RHSA-2006-0634.html" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0635.html" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/444318/100/0/threaded" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/451404/100/0/threaded" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/451417/100/200/threaded" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/451419/100/200/threaded" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/451426/100/200/threaded" }, { "source": "secalert@redhat.com", "url": "http://www.trustix.org/errata/2006/0052/" }, { "source": "secalert@redhat.com", "url": "http://www.ubuntu.com/usn/usn-324-1" }, { "source": "secalert@redhat.com", "url": "http://www.ubuntu.com/usn/usn-341-1" }, { "source": "secalert@redhat.com", "url": "http://www.vmware.com/download/esx/esx-202-200610-patch.html" }, { "source": "secalert@redhat.com", "url": "http://www.vmware.com/download/esx/esx-213-200610-patch.html" }, { "source": "secalert@redhat.com", "url": "http://www.vmware.com/download/esx/esx-254-200610-patch.html" }, { "source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2006/4502" }, { "source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2006/4522" }, { "source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2007/0381" }, { "source": "secalert@redhat.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10673" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060701-01-U" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": 
"http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=190593" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00006.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.suse.com/archive/suse-security-announce/2006-Aug/0002.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/21062" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/21135" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/21144" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/21232" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/21285" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/21566" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/21567" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/21606" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/21626" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/21701" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/21793" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": 
"http://secunia.com/advisories/21798" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/21836" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/22027" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/22332" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/22875" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/22907" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/23400" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/23939" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/27271" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/33937" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.gentoo.org/glsa/glsa-200609-04.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1016522" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102705-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.apple.com/kb/HT3438" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-176.htm" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-186.htm" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": 
"http://support.avaya.com/elmodocs2/security/ASA-2006-284.htm" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2006/dsa-1178" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2006/dsa-1193" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:129" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:148" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0500.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0634.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0635.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/444318/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/451404/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/451417/100/200/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/451419/100/200/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/451426/100/200/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.trustix.org/errata/2006/0052/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/usn-324-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/usn-341-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": 
"http://www.vmware.com/download/esx/esx-202-200610-patch.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vmware.com/download/esx/esx-213-200610-patch.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vmware.com/download/esx/esx-254-200610-patch.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2006/4502" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2006/4522" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2007/0381" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10673" } ], "sourceIdentifier": "secalert@redhat.com", "vendorComments": [ { "comment": "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.", "lastModified": "2007-03-14T00:00:00", "organization": "Red Hat" } ], "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-189" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2012-04-25 10:10
Modified
2025-04-11 00:51
Severity ?
Summary
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted private-dictionary data in a Type 1 font.
References
Source | URL | Tags | |
---|---|---|---|
secalert@redhat.com | http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html | ||
secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html | ||
secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html | ||
secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html | ||
secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html | ||
secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2012-0467.html | ||
secalert@redhat.com | http://secunia.com/advisories/48300 | ||
secalert@redhat.com | http://secunia.com/advisories/48508 | ||
secalert@redhat.com | http://secunia.com/advisories/48758 | ||
secalert@redhat.com | http://secunia.com/advisories/48797 | ||
secalert@redhat.com | http://secunia.com/advisories/48822 | ||
secalert@redhat.com | http://secunia.com/advisories/48918 | ||
secalert@redhat.com | http://secunia.com/advisories/48951 | ||
secalert@redhat.com | http://secunia.com/advisories/48973 | ||
secalert@redhat.com | http://security.gentoo.org/glsa/glsa-201204-04.xml | ||
secalert@redhat.com | http://support.apple.com/kb/HT5503 | ||
secalert@redhat.com | http://www.debian.org/security/2012/dsa-2428 | ||
secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2012:057 | ||
secalert@redhat.com | http://www.mozilla.org/security/announce/2012/mfsa2012-21.html | Vendor Advisory | |
secalert@redhat.com | http://www.openwall.com/lists/oss-security/2012/03/06/16 | ||
secalert@redhat.com | http://www.securityfocus.com/bid/52318 | ||
secalert@redhat.com | http://www.securitytracker.com/id?1026765 | ||
secalert@redhat.com | http://www.ubuntu.com/usn/USN-1403-1 | ||
secalert@redhat.com | https://bugzilla.mozilla.org/show_bug.cgi?id=733512 | ||
secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=800592 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2012-0467.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48300 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48508 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48758 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48797 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48822 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48918 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48951 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48973 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-201204-04.xml | ||
af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT5503 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2012/dsa-2428 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2012:057 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mozilla.org/security/announce/2012/mfsa2012-21.html | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2012/03/06/16 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/52318 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1026765 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-1403-1 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.mozilla.org/show_bug.cgi?id=733512 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=800592 |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
freetype | freetype | * | |
freetype | freetype | 1.3.1 | |
freetype | freetype | 2.0.0 | |
freetype | freetype | 2.0.1 | |
freetype | freetype | 2.0.2 | |
freetype | freetype | 2.0.3 | |
freetype | freetype | 2.0.4 | |
freetype | freetype | 2.0.5 | |
freetype | freetype | 2.0.6 | |
freetype | freetype | 2.0.7 | |
freetype | freetype | 2.0.8 | |
freetype | freetype | 2.0.9 | |
freetype | freetype | 2.1 | |
freetype | freetype | 2.1.3 | |
freetype | freetype | 2.1.4 | |
freetype | freetype | 2.1.5 | |
freetype | freetype | 2.1.6 | |
freetype | freetype | 2.1.7 | |
freetype | freetype | 2.1.8 | |
freetype | freetype | 2.1.8 | |
freetype | freetype | 2.1.9 | |
freetype | freetype | 2.1.10 | |
freetype | freetype | 2.2.0 | |
freetype | freetype | 2.2.1 | |
freetype | freetype | 2.3.0 | |
freetype | freetype | 2.3.1 | |
freetype | freetype | 2.3.2 | |
freetype | freetype | 2.3.3 | |
freetype | freetype | 2.3.4 | |
freetype | freetype | 2.3.5 | |
freetype | freetype | 2.3.6 | |
freetype | freetype | 2.3.7 | |
freetype | freetype | 2.3.8 | |
freetype | freetype | 2.3.9 | |
freetype | freetype | 2.3.10 | |
freetype | freetype | 2.3.11 | |
freetype | freetype | 2.3.12 | |
freetype | freetype | 2.4.0 | |
freetype | freetype | 2.4.1 | |
freetype | freetype | 2.4.2 | |
freetype | freetype | 2.4.3 | |
freetype | freetype | 2.4.4 | |
freetype | freetype | 2.4.5 | |
freetype | freetype | 2.4.6 | |
freetype | freetype | 2.4.7 | |
mozilla | firefox_mobile | * | |
mozilla | firefox_mobile | 1.0 | |
mozilla | firefox_mobile | 4.0 | |
mozilla | firefox_mobile | 4.0 | |
mozilla | firefox_mobile | 4.0 | |
mozilla | firefox_mobile | 4.0 | |
mozilla | firefox_mobile | 4.0 | |
mozilla | firefox_mobile | 5.0 | |
mozilla | firefox_mobile | 6.0 | |
mozilla | firefox_mobile | 6.0.1 | |
mozilla | firefox_mobile | 6.0.2 | |
mozilla | firefox_mobile | 7.0 | |
mozilla | firefox_mobile | 8.0 | |
mozilla | firefox_mobile | 9.0 | |
mozilla | firefox_mobile | 10.0 | |
mozilla | firefox_mobile | 10.0.1 | |
mozilla | firefox_mobile | 10.0.2 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", "matchCriteriaId": "1AE5852E-FBD0-4F23-82C0-4E8FBDDF558B", "versionEndIncluding": "2.4.8", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:1.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "888C3BB8-510B-4FBE-BA5D-0D488583C7DD", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "3B67236B-7DEF-40AE-BC6F-12CB39329C4D", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "7EEC5D17-9141-4CA5-9D4C-76C15BAE4FBD", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "F1019F69-8E42-43C9-926C-B948659666F4", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "AA678E5E-9380-4D31-973F-018349F7F346", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "5E06AD6E-8B77-4E57-AA07-507CD1F809F2", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "8DB69925-10FB-4DFD-8764-B6640B88FCEE", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "B126D1A0-6B54-4C56-8CEC-B395D54A5C3C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "98D0D1A3-886D-4EE3-AC1A-3B36D192E8B5", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "DB0B0E33-0D7D-45E9-ADFD-20C6DCB5ED64", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.9:*:*:*:*:*:*:*", "matchCriteriaId": "28CA4C7D-D70A-44CF-8E3D-F2612CCA0799", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "D4E76672-7216-443E-BBD8-120DA96F7E4D", "vulnerable": true }, { "criteria": 
"cpe:2.3:a:freetype:freetype:2.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "369D87D8-E4A7-4EC4-B508-2940EE174F95", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "288FDB59-7FE4-4351-8822-554ADF07C79A", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "B681257A-F8D8-46D5-995D-BC44F54DD5C0", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "56E0DEB6-4414-49AB-88E9-988CE5D8EF67", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.7:*:*:*:*:*:*:*", "matchCriteriaId": "56A90D08-2CAF-422F-8587-7D88EC7632A1", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.8:*:*:*:*:*:*:*", "matchCriteriaId": "9B944FEB-F69D-4F6C-9485-26F95A5874B6", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.8:rc1:*:*:*:*:*:*", "matchCriteriaId": "B9B9B1DE-89F6-463D-A3F4-6366D5D30077", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.9:*:*:*:*:*:*:*", "matchCriteriaId": "F73474B9-6853-4C5C-9CB9-5F4D3080D1C5", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.10:*:*:*:*:*:*:*", "matchCriteriaId": "5283E910-D512-481C-804E-8717A83B24CB", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "A28C0F7A-F1F3-4F3B-81B9-228DA8FCCCD8", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "F7252819-BA8A-4BD1-BAAA-179A8777C994", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "11575E3C-2BEA-4264-AE41-4A962BD17035", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "D333A965-EAD2-40DB-8FBE-C4C7DF44C35C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.2:*:*:*:*:*:*:*", "matchCriteriaId": 
"8CA37666-D2E6-47EF-BFFE-A9449D6A72CD", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "F2B49505-C973-4673-A9BC-34ACA25059D0", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.4:*:*:*:*:*:*:*", "matchCriteriaId": "B8E8ECCA-58F2-4A05-8DF2-79C09A5FB275", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.5:*:*:*:*:*:*:*", "matchCriteriaId": "8697D11D-BBDF-4722-85F7-5144A5D26E37", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.6:*:*:*:*:*:*:*", "matchCriteriaId": "50E3EDA8-04D1-4DF1-80BB-72C6003E8F53", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.7:*:*:*:*:*:*:*", "matchCriteriaId": "AB06CA25-BB25-43B8-9FC2-62C399CC52EE", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.8:*:*:*:*:*:*:*", "matchCriteriaId": "6AF7414E-33A7-40E2-AEF0-1AE9D7D1B077", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.9:*:*:*:*:*:*:*", "matchCriteriaId": "6FC0BD12-E065-4CC9-8AEE-E4C34A58EC3C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.10:*:*:*:*:*:*:*", "matchCriteriaId": "214DC64B-BA35-486B-AE30-F2D9381E4D26", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.11:*:*:*:*:*:*:*", "matchCriteriaId": "B7CDE19A-473A-4BC5-AA7B-3D08FEEEE82C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.12:*:*:*:*:*:*:*", "matchCriteriaId": "DD8401A8-A328-49F6-BAE8-337F5F36C906", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "3FBF5BAA-8027-478F-BE06-3D3F4F823C7B", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "31358B5D-4087-4207-9730-297BA47DAA83", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "3A73E016-A4B0-416D-B9B6-786A787DAD3D", "vulnerable": true }, { "criteria": 
"cpe:2.3:a:freetype:freetype:2.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "0588BCE1-059B-4602-B274-E9D268720B55", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "D19BE9CC-6B1C-4AC8-9740-2ABDF40C4FEC", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "E6F3E33C-95E0-4EEF-8E26-F7044D8C3892", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.6:*:*:*:*:*:*:*", "matchCriteriaId": "0871F88D-3D36-4EAA-B2B4-39D844FF8874", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.7:*:*:*:*:*:*:*", "matchCriteriaId": "B3396203-9BDF-4E7D-85CC-0B6AA7DC55C4", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:*:*:*:*:*:*:*:*", "matchCriteriaId": "C25B56F0-B244-4D64-BC8F-341214080A90", "versionEndIncluding": "10.0.3", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "B00C6411-5566-4060-B68B-8F1674B9E280", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "CD9C4A1A-E3C7-40DD-AF51-AFFA0D904722", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta1:*:*:*:*:*:*", "matchCriteriaId": "B6A0EDF9-2260-439F-9CF0-A66CBE35ACF8", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta2:*:*:*:*:*:*", "matchCriteriaId": "6E55723B-B7B8-4EBF-8767-55988D26E82B", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta3:*:*:*:*:*:*", "matchCriteriaId": "761B33B6-4FFD-4E6C-92B4-2186F8D195C1", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta4:*:*:*:*:*:*", "matchCriteriaId": "8E4E272B-27F1-41CE-8B60-B1C098105A73", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "907FA1DF-E3D3-4E46-B353-753E70C292CC", "vulnerable": true }, { "criteria": 
"cpe:2.3:a:mozilla:firefox_mobile:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "97DE5B71-865A-4DB0-A31A-1CA75A5AB7AA", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:6.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "B64C7CE2-6BA7-4294-80CF-3AE25EE9529B", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:6.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "640595E6-3E39-4112-887E-174C86D18630", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "8E26E8D7-334C-4260-A8EE-82DF067CC081", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "643623BB-29E4-4138-AFC6-252368FC9495", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "9CEA838D-5FE6-47A7-8367-F040FF01B681", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "BF547E94-BEC4-4D32-A2AF-AFEBFE11782A", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "6BB1307C-64E4-4EC2-BB07-012107CA5DA6", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "91C9D50D-9450-489C-8336-4332F8FD6806", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted private-dictionary data in a Type 1 font." 
}, { "lang": "es", "value": "FreeType antes de v2.4.9, tal como se utiliza en Mozilla Firefox Mobile antes de v10.0.4 y otros productos, permite a atacantes remotos causar una denegaci\u00f3n de servicio (operaci\u00f3n no v\u00e1lida de escritura y corrupci\u00f3n de memoria) o posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de datos modificados del diccionario privado en una fuente Type 1." } ], "id": "CVE-2012-1134", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2012-04-25T10:10:18.307", "references": [ { "source": "secalert@redhat.com", "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html" }, { "source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48300" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48508" }, { 
"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48758" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48797" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48822" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48918" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48951" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48973" }, { "source": "secalert@redhat.com", "url": "http://security.gentoo.org/glsa/glsa-201204-04.xml" }, { "source": "secalert@redhat.com", "url": "http://support.apple.com/kb/HT5503" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2012/dsa-2428" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html" }, { "source": "secalert@redhat.com", "url": "http://www.openwall.com/lists/oss-security/2012/03/06/16" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/52318" }, { "source": "secalert@redhat.com", "url": "http://www.securitytracker.com/id?1026765" }, { "source": "secalert@redhat.com", "url": "http://www.ubuntu.com/usn/USN-1403-1" }, { "source": "secalert@redhat.com", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512" }, { "source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=800592" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html" }, { 
"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48300" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48508" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48758" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48797" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48822" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48918" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48951" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48973" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.gentoo.org/glsa/glsa-201204-04.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.apple.com/kb/HT5503" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2012/dsa-2428" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2012/03/06/16" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": 
"http://www.securityfocus.com/bid/52318" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1026765" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/USN-1403-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=800592" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2015-02-08 11:59
Modified
2025-04-12 10:46
Severity: HIGH (CVSS v2 base score 7.5, vector AV:N/AC:L/Au:N/C:P/I:P/A:P; source nvd@nist.gov)
Summary
The _bdf_parse_glyphs function in bdf/bdflib.c in FreeType before 2.5.4 does not properly handle a missing ENDCHAR record, which allows remote attackers to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via a crafted BDF font.
References
▶ | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://advisories.mageia.org/MGASA-2015-0083.html | Third Party Advisory | |
cve@mitre.org | http://code.google.com/p/google-security-research/issues/detail?id=188 | Exploit | |
cve@mitre.org | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=af8346172a7b573715134f7a51e6c5c60fa7f2ab | Patch, Vendor Advisory | |
cve@mitre.org | http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html | Third Party Advisory | |
cve@mitre.org | http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html | Third Party Advisory | |
cve@mitre.org | http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html | Third Party Advisory | |
cve@mitre.org | http://rhn.redhat.com/errata/RHSA-2015-0696.html | Third Party Advisory | |
cve@mitre.org | http://www.debian.org/security/2015/dsa-3188 | Third Party Advisory | |
cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDVSA-2015:055 | Broken Link | |
cve@mitre.org | http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html | Third Party Advisory | |
cve@mitre.org | http://www.securityfocus.com/bid/72986 | ||
cve@mitre.org | http://www.ubuntu.com/usn/USN-2510-1 | Third Party Advisory | |
cve@mitre.org | http://www.ubuntu.com/usn/USN-2739-1 | Third Party Advisory | |
cve@mitre.org | https://security.gentoo.org/glsa/201503-05 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://advisories.mageia.org/MGASA-2015-0083.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://code.google.com/p/google-security-research/issues/detail?id=188 | Exploit | |
af854a3a-2127-422b-91ae-364da2661108 | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=af8346172a7b573715134f7a51e6c5c60fa7f2ab | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2015-0696.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2015/dsa-3188 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2015:055 | Broken Link | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/72986 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2510-1 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2739-1 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201503-05 |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
opensuse | opensuse | 13.1 | |
opensuse | opensuse | 13.2 | |
canonical | ubuntu_linux | 10.04 | |
canonical | ubuntu_linux | 12.04 | |
canonical | ubuntu_linux | 14.04 | |
canonical | ubuntu_linux | 14.10 | |
canonical | ubuntu_linux | 15.04 | |
debian | debian_linux | 7.0 | |
oracle | solaris | 10.0 | |
oracle | solaris | 11.2 | |
fedoraproject | fedora | 20 | |
fedoraproject | fedora | 21 | |
redhat | enterprise_linux_desktop | 6.0 | |
redhat | enterprise_linux_desktop | 7.0 | |
redhat | enterprise_linux_hpc_node | 6 | |
redhat | enterprise_linux_hpc_node | 7.0 | |
redhat | enterprise_linux_hpc_node_eus | 7.1 | |
redhat | enterprise_linux_server | 6.0 | |
redhat | enterprise_linux_server | 7.0 | |
redhat | enterprise_linux_server_eus | 6.6.z | |
redhat | enterprise_linux_server_eus | 7.1 | |
redhat | enterprise_linux_workstation | 6.0 | |
redhat | enterprise_linux_workstation | 7.0 | |
freetype | freetype | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F", "vulnerable": true }, { "criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*", "matchCriteriaId": "5D37DF0F-F863-45AC-853A-3E04F9FEC7CA", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*", "matchCriteriaId": "49A63F39-30BE-443F-AF10-6245587D3359", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "matchCriteriaId": "F38D3B7E-8429-473F-BB31-FC3583EE5A5B", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:oracle:solaris:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "FC633250-EB1E-4484-9BCB-977C8F9EB0B2", "vulnerable": true }, { "criteria": "cpe:2.3:o:oracle:solaris:11.2:*:*:*:*:*:*:*", "matchCriteriaId": "0B1C288F-326B-497B-B26C-D26E01262DDB", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*", "matchCriteriaId": "FF47C9F0-D8DA-4B55-89EB-9B2C9383ADB9", "vulnerable": true }, { "criteria": 
"cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*", "matchCriteriaId": "56BDB5A0-0839-4A20-A003-B8CD56F48171", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6:*:*:*:*:*:*:*", "matchCriteriaId": "8CDFD93B-693D-46DC-9C39-FDECB3E619E8", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "3C84489B-B08C-4854-8A12-D01B6E45CF79", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "7071F0C7-E43E-4F2E-9FEB-E8FB3DEA4749", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.6.z:*:*:*:*:*:*:*", "matchCriteriaId": "3FB4F7C3-1521-42B6-9820-15C2B156BAD6", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "0E8CD4EF-DC90-40BB-A721-6EC087507906", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97", "vulnerable": true } ], "negate": false, "operator": "OR" } 
] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", "matchCriteriaId": "05EE9A32-E91F-4C68-B3A9-AC5AB35C2BB3", "versionEndIncluding": "2.5.3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The _bdf_parse_glyphs function in bdf/bdflib.c in FreeType before 2.5.4 does not properly handle a missing ENDCHAR record, which allows remote attackers to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via a crafted BDF font." }, { "lang": "es", "value": "La funci\u00f3n _bdf_parse_glyphs en bdf/bdflib.c en FreeType anterior a 2.5.4 no maneja correctamente un registro ENDCHAR perdido, lo que permite a atacantes remotos causar una denegaci\u00f3n de servicio (referencia a puntero nulo) o posiblemente tener otro impacto no especificado a trav\u00e9s de una fuente BDF manipulada." } ], "evaluatorComment": "\u003ca href=\"http://cwe.mitre.org/data/definitions/476.html\"\u003eCWE-476: NULL Pointer Dereference\u003c/a\u003e", "id": "CVE-2014-9660", "lastModified": "2025-04-12T10:46:40.837", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2015-02-08T11:59:22.680", "references": [ { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://advisories.mageia.org/MGASA-2015-0083.html" }, { "source": "cve@mitre.org", "tags": [ "Exploit" ], "url": 
"http://code.google.com/p/google-security-research/issues/detail?id=188" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=af8346172a7b573715134f7a51e6c5c60fa7f2ab" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0696.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2015/dsa-3188" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/72986" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-2510-1" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-2739-1" }, { "source": "cve@mitre.org", "url": "https://security.gentoo.org/glsa/201503-05" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://advisories.mageia.org/MGASA-2015-0083.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit" ], "url": "http://code.google.com/p/google-security-research/issues/detail?id=188" }, { "source": 
"af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=af8346172a7b573715134f7a51e6c5c60fa7f2ab" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0696.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2015/dsa-3188" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/72986" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-2510-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-2739-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/201503-05" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-476" } ], "source": 
"nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2015-02-08 11:59
Modified
2025-04-12 10:46
Severity: HIGH (CVSS v2 base score 7.5, vector AV:N/AC:L/Au:N/C:P/I:P/A:P; source nvd@nist.gov)
Summary
The Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.5.4 proceeds with adding to length values without validating the original values, which allows remote attackers to cause a denial of service (integer overflow and heap-based buffer overflow) or possibly have unspecified other impact via a crafted Mac font.
References
▶ | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://advisories.mageia.org/MGASA-2015-0083.html | Third Party Advisory | |
cve@mitre.org | http://code.google.com/p/google-security-research/issues/detail?id=153 | Exploit | |
cve@mitre.org | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=240c94a185cd8dae7d03059abec8a5662c35ecd3 | Patch, Vendor Advisory | |
cve@mitre.org | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=cd4a5a26e591d01494567df9dec7f72d59551f6e | Patch, Vendor Advisory | |
cve@mitre.org | http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html | Third Party Advisory | |
cve@mitre.org | http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html | Third Party Advisory | |
cve@mitre.org | http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html | Third Party Advisory | |
cve@mitre.org | http://rhn.redhat.com/errata/RHSA-2015-0696.html | Third Party Advisory | |
cve@mitre.org | http://www.debian.org/security/2016/dsa-3461 | ||
cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDVSA-2015:055 | Broken Link | |
cve@mitre.org | http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html | Third Party Advisory | |
cve@mitre.org | http://www.securityfocus.com/bid/72986 | ||
cve@mitre.org | http://www.ubuntu.com/usn/USN-2510-1 | Third Party Advisory | |
cve@mitre.org | http://www.ubuntu.com/usn/USN-2739-1 | Third Party Advisory | |
cve@mitre.org | https://security.gentoo.org/glsa/201503-05 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://advisories.mageia.org/MGASA-2015-0083.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://code.google.com/p/google-security-research/issues/detail?id=153 | Exploit | |
af854a3a-2127-422b-91ae-364da2661108 | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=240c94a185cd8dae7d03059abec8a5662c35ecd3 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=cd4a5a26e591d01494567df9dec7f72d59551f6e | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2015-0696.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2016/dsa-3461 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2015:055 | Broken Link | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/72986 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2510-1 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2739-1 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201503-05 |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
canonical | ubuntu_linux | 10.04 | |
canonical | ubuntu_linux | 12.04 | |
canonical | ubuntu_linux | 14.04 | |
canonical | ubuntu_linux | 14.10 | |
canonical | ubuntu_linux | 15.04 | |
oracle | solaris | 10.0 | |
oracle | solaris | 11.2 | |
fedoraproject | fedora | 20 | |
fedoraproject | fedora | 21 | |
redhat | enterprise_linux_desktop | 6.0 | |
redhat | enterprise_linux_desktop | 7.0 | |
redhat | enterprise_linux_hpc_node | 6.0 | |
redhat | enterprise_linux_hpc_node | 7.0 | |
redhat | enterprise_linux_hpc_node_eus | 7.1 | |
redhat | enterprise_linux_server | 6.0 | |
redhat | enterprise_linux_server | 7.0 | |
redhat | enterprise_linux_server_eus | 6.6.z | |
redhat | enterprise_linux_server_eus | 7.1 | |
redhat | enterprise_linux_workstation | 6.0 | |
redhat | enterprise_linux_workstation | 7.0 | |
opensuse | opensuse | 13.1 | |
opensuse | opensuse | 13.2 | |
freetype | freetype | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*", "matchCriteriaId": "5D37DF0F-F863-45AC-853A-3E04F9FEC7CA", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*", "matchCriteriaId": "49A63F39-30BE-443F-AF10-6245587D3359", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "matchCriteriaId": "F38D3B7E-8429-473F-BB31-FC3583EE5A5B", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:oracle:solaris:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "FC633250-EB1E-4484-9BCB-977C8F9EB0B2", "vulnerable": true }, { "criteria": "cpe:2.3:o:oracle:solaris:11.2:*:*:*:*:*:*:*", "matchCriteriaId": "0B1C288F-326B-497B-B26C-D26E01262DDB", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*", "matchCriteriaId": "FF47C9F0-D8DA-4B55-89EB-9B2C9383ADB9", "vulnerable": true }, { "criteria": "cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*", "matchCriteriaId": "56BDB5A0-0839-4A20-A003-B8CD56F48171", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*", 
"matchCriteriaId": "C2FAC325-6EEB-466D-9EBA-8ED4DBC9CFBF", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "3C84489B-B08C-4854-8A12-D01B6E45CF79", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "7071F0C7-E43E-4F2E-9FEB-E8FB3DEA4749", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.6.z:*:*:*:*:*:*:*", "matchCriteriaId": "3FB4F7C3-1521-42B6-9820-15C2B156BAD6", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "0E8CD4EF-DC90-40BB-A721-6EC087507906", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F", "vulnerable": true }, { "criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", "matchCriteriaId": "05EE9A32-E91F-4C68-B3A9-AC5AB35C2BB3", "versionEndIncluding": "2.5.3", "vulnerable": true } ], "negate": false, 
"operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.5.4 proceeds with adding to length values without validating the original values, which allows remote attackers to cause a denial of service (integer overflow and heap-based buffer overflow) or possibly have unspecified other impact via a crafted Mac font." }, { "lang": "es", "value": "La funci\u00f3n Mac_Read_POST_Resource en base/ftobjs.c en FreeType anterior a 2.5.4 proceda con la suma de los valores de longitud sin validar los valores originales, lo que permite a atacantes remotos causar una denegaci\u00f3n de servicio (desbordamiento de enteros y desbordamiento de buffer basado en memoria din\u00e1mica) o posiblemente tener otro impacto no especificado a trav\u00e9s de una fuente Mac manipulada." } ], "evaluatorComment": "\u003ca href=\"http://cwe.mitre.org/data/definitions/190.html\"\u003eCWE-190: Integer Overflow or Wraparound\u003c/a\u003e", "id": "CVE-2014-9674", "lastModified": "2025-04-12T10:46:40.837", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2015-02-08T11:59:35.633", "references": [ { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://advisories.mageia.org/MGASA-2015-0083.html" }, { "source": "cve@mitre.org", "tags": [ "Exploit" ], "url": "http://code.google.com/p/google-security-research/issues/detail?id=153" }, { "source": 
"cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=240c94a185cd8dae7d03059abec8a5662c35ecd3" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=cd4a5a26e591d01494567df9dec7f72d59551f6e" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0696.html" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2016/dsa-3461" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/72986" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-2510-1" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-2739-1" }, { "source": "cve@mitre.org", "url": "https://security.gentoo.org/glsa/201503-05" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://advisories.mageia.org/MGASA-2015-0083.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit" ], "url": 
"http://code.google.com/p/google-security-research/issues/detail?id=153" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=240c94a185cd8dae7d03059abec8a5662c35ecd3" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=cd4a5a26e591d01494567df9dec7f72d59551f6e" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0696.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2016/dsa-3461" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/72986" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-2510-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-2739-1" 
}, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/201503-05" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd: CVE-2011-0226
Published
2011-07-19 22:55
Modified
2025-04-11 00:51
Severity: HIGH (CVSS v2.0 base score 9.3, vector AV:N/AC:M/Au:N/C:C/I:C/A:C; source nvd@nist.gov, Primary)
Summary
Integer signedness error in psaux/t1decode.c in FreeType before 2.4.6, as used in CoreGraphics in Apple iOS before 4.2.9 and 4.3.x before 4.3.4 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Type 1 font in a PDF document, as exploited in the wild in July 2011.
References
Source | URL | Tags | |
---|---|---|---|
product-security@apple.com | http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html | ||
product-security@apple.com | http://lists.apple.com/archives/security-announce/2011//Jul/msg00000.html | Vendor Advisory | |
product-security@apple.com | http://lists.apple.com/archives/security-announce/2011//Jul/msg00001.html | Vendor Advisory | |
product-security@apple.com | http://lists.nongnu.org/archive/html/freetype-devel/2011-07/msg00014.html | ||
product-security@apple.com | http://lists.nongnu.org/archive/html/freetype-devel/2011-07/msg00015.html | ||
product-security@apple.com | http://lists.nongnu.org/archive/html/freetype-devel/2011-07/msg00020.html | ||
product-security@apple.com | http://lists.nongnu.org/archive/html/freetype-devel/2011-07/msg00026.html | ||
product-security@apple.com | http://lists.nongnu.org/archive/html/freetype-devel/2011-07/msg00028.html | ||
product-security@apple.com | http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00015.html | ||
product-security@apple.com | http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00016.html | ||
product-security@apple.com | http://secunia.com/advisories/45167 | Vendor Advisory | |
product-security@apple.com | http://secunia.com/advisories/45224 | Vendor Advisory | |
product-security@apple.com | http://support.apple.com/kb/HT4802 | Vendor Advisory | |
product-security@apple.com | http://support.apple.com/kb/HT4803 | Vendor Advisory | |
product-security@apple.com | http://support.apple.com/kb/HT5002 | ||
product-security@apple.com | http://www.appleinsider.com/articles/11/07/06/hackers_release_new_browser_based_ios_jailbreak_based_on_pdf_exploit.html | ||
product-security@apple.com | http://www.debian.org/security/2011/dsa-2294 | ||
product-security@apple.com | http://www.mandriva.com/security/advisories?name=MDVSA-2011:120 | ||
product-security@apple.com | http://www.redhat.com/support/errata/RHSA-2011-1085.html | ||
product-security@apple.com | http://www.securityfocus.com/bid/48619 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2011//Jul/msg00000.html | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2011//Jul/msg00001.html | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.nongnu.org/archive/html/freetype-devel/2011-07/msg00014.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.nongnu.org/archive/html/freetype-devel/2011-07/msg00015.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.nongnu.org/archive/html/freetype-devel/2011-07/msg00020.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.nongnu.org/archive/html/freetype-devel/2011-07/msg00026.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.nongnu.org/archive/html/freetype-devel/2011-07/msg00028.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00015.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00016.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/45167 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/45224 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT4802 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT4803 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT5002 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.appleinsider.com/articles/11/07/06/hackers_release_new_browser_based_ios_jailbreak_based_on_pdf_exploit.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2011/dsa-2294 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2011:120 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2011-1085.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/48619 |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
freetype | freetype | * | |
freetype | freetype | 2.2.1 | |
freetype | freetype | 2.2.10 | |
freetype | freetype | 2.3.0 | |
freetype | freetype | 2.3.1 | |
freetype | freetype | 2.3.2 | |
freetype | freetype | 2.3.3 | |
freetype | freetype | 2.3.4 | |
freetype | freetype | 2.3.5 | |
freetype | freetype | 2.3.6 | |
freetype | freetype | 2.3.7 | |
freetype | freetype | 2.3.8 | |
freetype | freetype | 2.3.9 | |
freetype | freetype | 2.3.10 | |
freetype | freetype | 2.3.11 | |
freetype | freetype | 2.3.12 | |
freetype | freetype | 2.4.0 | |
freetype | freetype | 2.4.1 | |
freetype | freetype | 2.4.2 | |
freetype | freetype | 2.4.3 | |
freetype | freetype | 2.4.4 | |
apple | iphone_os | * | |
apple | iphone_os | 1.0.0 | |
apple | iphone_os | 1.0.1 | |
apple | iphone_os | 1.0.2 | |
apple | iphone_os | 1.1.0 | |
apple | iphone_os | 1.1.1 | |
apple | iphone_os | 1.1.2 | |
apple | iphone_os | 1.1.3 | |
apple | iphone_os | 1.1.4 | |
apple | iphone_os | 1.1.5 | |
apple | iphone_os | 2.0 | |
apple | iphone_os | 2.0.0 | |
apple | iphone_os | 2.0.1 | |
apple | iphone_os | 2.0.2 | |
apple | iphone_os | 2.1 | |
apple | iphone_os | 2.1.1 | |
apple | iphone_os | 2.2 | |
apple | iphone_os | 2.2.1 | |
apple | iphone_os | 3.0 | |
apple | iphone_os | 3.0.1 | |
apple | iphone_os | 3.1 | |
apple | iphone_os | 3.1.2 | |
apple | iphone_os | 3.1.3 | |
apple | iphone_os | 3.2 | |
apple | iphone_os | 3.2.1 | |
apple | iphone_os | 3.2.2 | |
apple | iphone_os | 4.0 | |
apple | iphone_os | 4.0.1 | |
apple | iphone_os | 4.0.2 | |
apple | iphone_os | 4.1 | |
apple | iphone_os | 4.2 | |
apple | iphone_os | 4.2.1 | |
apple | iphone_os | 4.2.5 | |
apple | iphone_os | 4.3.0 | |
apple | iphone_os | 4.3.1 | |
apple | iphone_os | 4.3.2 | |
apple | iphone_os | 4.3.3 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", "matchCriteriaId": "22668317-72EF-41B9-9379-1AEC251C5F49", "versionEndIncluding": "2.4.5", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "F7252819-BA8A-4BD1-BAAA-179A8777C994", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.2.10:*:*:*:*:*:*:*", "matchCriteriaId": "7B4450B4-B21F-4153-B9DD-C36A2381F00D", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "11575E3C-2BEA-4264-AE41-4A962BD17035", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "D333A965-EAD2-40DB-8FBE-C4C7DF44C35C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "8CA37666-D2E6-47EF-BFFE-A9449D6A72CD", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "F2B49505-C973-4673-A9BC-34ACA25059D0", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.4:*:*:*:*:*:*:*", "matchCriteriaId": "B8E8ECCA-58F2-4A05-8DF2-79C09A5FB275", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.5:*:*:*:*:*:*:*", "matchCriteriaId": "8697D11D-BBDF-4722-85F7-5144A5D26E37", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.6:*:*:*:*:*:*:*", "matchCriteriaId": "50E3EDA8-04D1-4DF1-80BB-72C6003E8F53", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.7:*:*:*:*:*:*:*", "matchCriteriaId": "AB06CA25-BB25-43B8-9FC2-62C399CC52EE", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.8:*:*:*:*:*:*:*", "matchCriteriaId": "6AF7414E-33A7-40E2-AEF0-1AE9D7D1B077", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.9:*:*:*:*:*:*:*", "matchCriteriaId": "6FC0BD12-E065-4CC9-8AEE-E4C34A58EC3C", "vulnerable": true }, { "criteria": 
"cpe:2.3:a:freetype:freetype:2.3.10:*:*:*:*:*:*:*", "matchCriteriaId": "214DC64B-BA35-486B-AE30-F2D9381E4D26", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.11:*:*:*:*:*:*:*", "matchCriteriaId": "B7CDE19A-473A-4BC5-AA7B-3D08FEEEE82C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.12:*:*:*:*:*:*:*", "matchCriteriaId": "DD8401A8-A328-49F6-BAE8-337F5F36C906", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "3FBF5BAA-8027-478F-BE06-3D3F4F823C7B", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "31358B5D-4087-4207-9730-297BA47DAA83", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "3A73E016-A4B0-416D-B9B6-786A787DAD3D", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "0588BCE1-059B-4602-B274-E9D268720B55", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "D19BE9CC-6B1C-4AC8-9740-2ABDF40C4FEC", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "matchCriteriaId": "20E87ED9-A08D-48B2-83A8-AD2C0F6A22A9", "versionEndIncluding": "4.2.8", "vulnerable": true }, { "criteria": "cpe:2.3:o:apple:iphone_os:1.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "A7B6D035-38A9-4C0B-9A9D-CAE3BF1CA56D", "vulnerable": true }, { "criteria": "cpe:2.3:o:apple:iphone_os:1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "0C5B94E7-2C24-4913-B65E-8D8A0DE2B80B", "vulnerable": true }, { "criteria": "cpe:2.3:o:apple:iphone_os:1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "E28FB0CB-D636-4F85-B5F7-70EC30053925", "vulnerable": true }, { "criteria": "cpe:2.3:o:apple:iphone_os:1.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "9EC16D1C-065A-4D1A-BA6E-528A71DF65CC", "vulnerable": true }, { "criteria": 
"cpe:2.3:o:apple:iphone_os:1.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "27319629-171F-42AA-A95F-2D71F78097D0", "vulnerable": true }, { "criteria": "cpe:2.3:o:apple:iphone_os:1.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "4F7AEFAB-7BB0-40D8-8BA5-71B374EB69DB", "vulnerable": true }, { "criteria": "cpe:2.3:o:apple:iphone_os:1.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "297F9438-0F04-4128-94A8-A504B600929E", "vulnerable": true }, { "criteria": "cpe:2.3:o:apple:iphone_os:1.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "F8618621-F871-4531-9F6C-7D60F2BF8B75", "vulnerable": true }, { "criteria": "cpe:2.3:o:apple:iphone_os:1.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "824DED2D-FA1D-46FC-8252-6E25546DAE29", "vulnerable": true }, { "criteria": "cpe:2.3:o:apple:iphone_os:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "1641DDFA-3BF1-467F-8EC3-98114FF9F07B", "vulnerable": true }, { "criteria": "cpe:2.3:o:apple:iphone_os:2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "DF40CDA4-4716-4815-9ED0-093FE266734C", "vulnerable": true }, { "criteria": "cpe:2.3:o:apple:iphone_os:2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "D61644E2-7AF5-48EF-B3D5-59C7B2AD1A58", "vulnerable": true }, { "criteria": "cpe:2.3:o:apple:iphone_os:2.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "3D06D54D-97FD-49FD-B251-CC86FBA68CA6", "vulnerable": true }, { "criteria": "cpe:2.3:o:apple:iphone_os:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "25A5D868-0016-44AB-80E6-E5DF91F15455", "vulnerable": true }, { "criteria": "cpe:2.3:o:apple:iphone_os:2.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "4C14EEA4-6E35-4EBE-9A43-8F6D69318BA0", "vulnerable": true }, { "criteria": "cpe:2.3:o:apple:iphone_os:2.2:*:*:*:*:*:*:*", "matchCriteriaId": "B15E90AE-2E15-4BC2-B0B8-AFA2B1297B03", "vulnerable": true }, { "criteria": "cpe:2.3:o:apple:iphone_os:2.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "4E0C0A8D-3DDD-437A-BB3D-50FAEAF6C440", "vulnerable": true }, { "criteria": "cpe:2.3:o:apple:iphone_os:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "863383DA-0BC6-4A96-835A-A96128EC0202", "vulnerable": true }, { 
"criteria": "cpe:2.3:o:apple:iphone_os:3.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "2CFF5BE7-2BF6-48CE-B74B-B1A05383C10F", "vulnerable": true }, { "criteria": "cpe:2.3:o:apple:iphone_os:3.1:*:*:*:*:*:*:*", "matchCriteriaId": "51D3BE2B-5A01-4AD4-A436-0056B50A535D", "vulnerable": true }, { "criteria": "cpe:2.3:o:apple:iphone_os:3.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "9A20F171-79FE-43B9-8309-B18341639FA1", "vulnerable": true }, { "criteria": "cpe:2.3:o:apple:iphone_os:3.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "126EF22D-29BC-4366-97BC-B261311E6251", "vulnerable": true }, { "criteria": "cpe:2.3:o:apple:iphone_os:3.2:*:*:*:*:*:*:*", "matchCriteriaId": "3B3DD7B3-DA4C-4B0A-A94E-6BF66B358B7D", "vulnerable": true }, { "criteria": "cpe:2.3:o:apple:iphone_os:3.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "3A939B80-0AD0-48AF-81A7-370716F56639", "vulnerable": true }, { "criteria": "cpe:2.3:o:apple:iphone_os:3.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "D28528CE-4943-4F82-80C0-A629DA3E6702", "vulnerable": true }, { "criteria": "cpe:2.3:o:apple:iphone_os:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "12E22AF0-2B66-425A-A1EE-4F0E3B0433E7", "vulnerable": true }, { "criteria": "cpe:2.3:o:apple:iphone_os:4.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "BB34ECBE-33E8-40E1-936B-7800D2525AE6", "vulnerable": true }, { "criteria": "cpe:2.3:o:apple:iphone_os:4.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "107C59BE-D8CF-4A17-8DFB-BED2AB12388D", "vulnerable": true }, { "criteria": "cpe:2.3:o:apple:iphone_os:4.1:*:*:*:*:*:*:*", "matchCriteriaId": "36C86BB9-0328-4E34-BC2B-47B3471EC262", "vulnerable": true }, { "criteria": "cpe:2.3:o:apple:iphone_os:4.2:*:*:*:*:*:*:*", "matchCriteriaId": "1878949F-8E15-4751-8D8A-BFB2B9B9254A", "vulnerable": true }, { "criteria": "cpe:2.3:o:apple:iphone_os:4.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "A54A8681-2D8A-4B0B-A947-82F3CE1FB03C", "vulnerable": true }, { "criteria": "cpe:2.3:o:apple:iphone_os:4.2.5:*:*:*:*:*:*:*", "matchCriteriaId": "E0070D83-2E27-4DA8-8D10-A6A697216F36", "vulnerable": 
true }, { "criteria": "cpe:2.3:o:apple:iphone_os:4.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "7252935C-E421-4339-B61F-0299E28888DA", "vulnerable": true }, { "criteria": "cpe:2.3:o:apple:iphone_os:4.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "9DD342BF-096A-4082-B700-19629F2BDE87", "vulnerable": true }, { "criteria": "cpe:2.3:o:apple:iphone_os:4.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "93141AB6-26F2-4C6D-95B3-D383EABB4034", "vulnerable": true }, { "criteria": "cpe:2.3:o:apple:iphone_os:4.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "4D5C61FF-7CD3-410A-94F2-5DE701466B1F", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Integer signedness error in psaux/t1decode.c in FreeType before 2.4.6, as used in CoreGraphics in Apple iOS before 4.2.9 and 4.3.x before 4.3.4 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Type 1 font in a PDF document, as exploited in the wild in July 2011." }, { "lang": "es", "value": "Error de entero sin signo en psaux/t1decode.c en FreeType anterior a v2.4.6, es usado enCoreGraphics en Apple iOS anterior a v4.2.9 y v4.3.x anterior a v4.3.4 y otros productos, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria o ca\u00edda de la aplicaci\u00f3n) a trav\u00e9s de una fuente manipulada Type 1 en un documento PDF, como se explot\u00f3 en Julio 2011." 
} ], "id": "CVE-2011-0226", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2011-07-19T22:55:00.820", "references": [ { "source": "product-security@apple.com", "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html" }, { "source": "product-security@apple.com", "tags": [ "Vendor Advisory" ], "url": "http://lists.apple.com/archives/security-announce/2011//Jul/msg00000.html" }, { "source": "product-security@apple.com", "tags": [ "Vendor Advisory" ], "url": "http://lists.apple.com/archives/security-announce/2011//Jul/msg00001.html" }, { "source": "product-security@apple.com", "url": "http://lists.nongnu.org/archive/html/freetype-devel/2011-07/msg00014.html" }, { "source": "product-security@apple.com", "url": "http://lists.nongnu.org/archive/html/freetype-devel/2011-07/msg00015.html" }, { "source": "product-security@apple.com", "url": "http://lists.nongnu.org/archive/html/freetype-devel/2011-07/msg00020.html" }, { "source": "product-security@apple.com", "url": "http://lists.nongnu.org/archive/html/freetype-devel/2011-07/msg00026.html" }, { "source": "product-security@apple.com", "url": "http://lists.nongnu.org/archive/html/freetype-devel/2011-07/msg00028.html" }, { "source": "product-security@apple.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00015.html" }, { "source": "product-security@apple.com", "url": 
"http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00016.html" }, { "source": "product-security@apple.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/45167" }, { "source": "product-security@apple.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/45224" }, { "source": "product-security@apple.com", "tags": [ "Vendor Advisory" ], "url": "http://support.apple.com/kb/HT4802" }, { "source": "product-security@apple.com", "tags": [ "Vendor Advisory" ], "url": "http://support.apple.com/kb/HT4803" }, { "source": "product-security@apple.com", "url": "http://support.apple.com/kb/HT5002" }, { "source": "product-security@apple.com", "url": "http://www.appleinsider.com/articles/11/07/06/hackers_release_new_browser_based_ios_jailbreak_based_on_pdf_exploit.html" }, { "source": "product-security@apple.com", "url": "http://www.debian.org/security/2011/dsa-2294" }, { "source": "product-security@apple.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:120" }, { "source": "product-security@apple.com", "url": "http://www.redhat.com/support/errata/RHSA-2011-1085.html" }, { "source": "product-security@apple.com", "url": "http://www.securityfocus.com/bid/48619" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://lists.apple.com/archives/security-announce/2011//Jul/msg00000.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://lists.apple.com/archives/security-announce/2011//Jul/msg00001.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.nongnu.org/archive/html/freetype-devel/2011-07/msg00014.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.nongnu.org/archive/html/freetype-devel/2011-07/msg00015.html" }, { 
"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.nongnu.org/archive/html/freetype-devel/2011-07/msg00020.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.nongnu.org/archive/html/freetype-devel/2011-07/msg00026.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.nongnu.org/archive/html/freetype-devel/2011-07/msg00028.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00015.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00016.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/45167" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/45224" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://support.apple.com/kb/HT4802" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://support.apple.com/kb/HT4803" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.apple.com/kb/HT5002" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.appleinsider.com/articles/11/07/06/hackers_release_new_browser_based_ios_jailbreak_based_on_pdf_exploit.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2011/dsa-2294" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:120" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2011-1085.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/48619" } ], "sourceIdentifier": 
"product-security@apple.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-189" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2010-08-19 18:00
Modified
2025-04-11 00:51
Severity ?
Summary
Heap-based buffer overflow in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.4.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted length value in a POST fragment header in a font file.
References
Source | URL | Tags | |
---|---|---|---|
secalert@redhat.com | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=5ef20c8c1d4de12a84b50ba497c2a358c90ec44b | Patch, Third Party Advisory | |
secalert@redhat.com | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=b2ea64bcc6c385a8e8318f9c759450a07df58b6d | Patch, Third Party Advisory | |
secalert@redhat.com | http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html | Mailing List, Third Party Advisory | |
secalert@redhat.com | http://lists.nongnu.org/archive/html/freetype/2010-07/msg00001.html | Mailing List, Release Notes, Third Party Advisory | |
secalert@redhat.com | http://marc.info/?l=oss-security&m=127905701201340&w=2 | Mailing List, Third Party Advisory | |
secalert@redhat.com | http://marc.info/?l=oss-security&m=127909326909362&w=2 | Mailing List, Third Party Advisory | |
secalert@redhat.com | http://secunia.com/advisories/48951 | Third Party Advisory | |
secalert@redhat.com | http://securitytracker.com/id?1024266 | Third Party Advisory, VDB Entry | |
secalert@redhat.com | http://support.apple.com/kb/HT4435 | Broken Link | |
secalert@redhat.com | http://www.debian.org/security/2010/dsa-2070 | Third Party Advisory | |
secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2010:137 | Third Party Advisory | |
secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2010-0578.html | Third Party Advisory | |
secalert@redhat.com | http://www.ubuntu.com/usn/USN-963-1 | Third Party Advisory | |
secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=613194 | Issue Tracking, Patch, Third Party Advisory | |
secalert@redhat.com | https://savannah.nongnu.org/bugs/?30306 | Exploit, Issue Tracking, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=5ef20c8c1d4de12a84b50ba497c2a358c90ec44b | Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=b2ea64bcc6c385a8e8318f9c759450a07df58b6d | Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.nongnu.org/archive/html/freetype/2010-07/msg00001.html | Mailing List, Release Notes, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=oss-security&m=127905701201340&w=2 | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=oss-security&m=127909326909362&w=2 | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48951 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1024266 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT4435 | Broken Link | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2010/dsa-2070 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2010:137 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2010-0578.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-963-1 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=613194 | Issue Tracking, Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://savannah.nongnu.org/bugs/?30306 | Exploit, Issue Tracking, Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
freetype | freetype | * (before 2.4.0) | |
canonical | ubuntu_linux | 6.06 | |
canonical | ubuntu_linux | 8.04 | |
canonical | ubuntu_linux | 9.04 | |
canonical | ubuntu_linux | 9.10 | |
canonical | ubuntu_linux | 10.04 | |
apple | mac_os_x | * (before 10.6.5) | |
debian | debian_linux | 5.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", "matchCriteriaId": "08BB787B-4D62-4277-819C-3E627B9B7FC8", "versionEndExcluding": "2.4.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*", "matchCriteriaId": "454A5D17-B171-4F1F-9E0B-F18D1E5CA9FD", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*", "matchCriteriaId": "7EBFE35C-E243-43D1-883D-4398D71763CC", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:9.04:*:*:*:*:*:*:*", "matchCriteriaId": "A5D026D0-EF78-438D-BEDD-FC8571F3ACEB", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*", "matchCriteriaId": "A2BCB73E-27BB-4878-AD9C-90C4F20C25A0", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*", "matchCriteriaId": "01EDA41C-6B2E-49AF-B503-EB3882265C11", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "matchCriteriaId": "46E5D24A-8CA0-4590-9F35-F684D573D030", "versionEndExcluding": "10.6.5", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "8C757774-08E7-40AA-B532-6F705C8F7639", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Heap-based buffer overflow in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.4.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted length value in a POST fragment header in a font file." 
}, { "lang": "es", "value": "Desbordamiento de b\u00fafer basado en mont\u00edculo (heap) en la funci\u00f3n Mac_Read_POST_Resource en base/ftobjs.c de FreeType anterior a v2.4.0 permite a atacantes remotos causar una denegaci\u00f3n de servicio (fallo de la aplicaci\u00f3n) o posiblemente ejecutar c\u00f3digo a su elecci\u00f3n a trav\u00e9s de manipular el valor longitud en un fragmento de cabecera POST de un fichero de fuente." } ], "id": "CVE-2010-2519", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2010-08-19T18:00:04.357", "references": [ { "source": "secalert@redhat.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=5ef20c8c1d4de12a84b50ba497c2a358c90ec44b" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=b2ea64bcc6c385a8e8318f9c759450a07df58b6d" }, { "source": "secalert@redhat.com", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html" }, { "source": "secalert@redhat.com", "tags": [ "Mailing List", "Release Notes", "Third Party Advisory" ], "url": "http://lists.nongnu.org/archive/html/freetype/2010-07/msg00001.html" }, { "source": "secalert@redhat.com", "tags": [ "Mailing List", "Third Party Advisory" ], "url": 
"http://marc.info/?l=oss-security\u0026m=127905701201340\u0026w=2" }, { "source": "secalert@redhat.com", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://marc.info/?l=oss-security\u0026m=127909326909362\u0026w=2" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/48951" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://securitytracker.com/id?1024266" }, { "source": "secalert@redhat.com", "tags": [ "Broken Link" ], "url": "http://support.apple.com/kb/HT4435" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2010/dsa-2070" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:137" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0578.html" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-963-1" }, { "source": "secalert@redhat.com", "tags": [ "Issue Tracking", "Patch", "Third Party Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=613194" }, { "source": "secalert@redhat.com", "tags": [ "Exploit", "Issue Tracking", "Third Party Advisory" ], "url": "https://savannah.nongnu.org/bugs/?30306" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=5ef20c8c1d4de12a84b50ba497c2a358c90ec44b" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=b2ea64bcc6c385a8e8318f9c759450a07df58b6d" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": 
"http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Release Notes", "Third Party Advisory" ], "url": "http://lists.nongnu.org/archive/html/freetype/2010-07/msg00001.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://marc.info/?l=oss-security\u0026m=127905701201340\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://marc.info/?l=oss-security\u0026m=127909326909362\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/48951" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://securitytracker.com/id?1024266" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://support.apple.com/kb/HT4435" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2010/dsa-2070" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:137" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0578.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-963-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Patch", "Third Party Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=613194" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Issue Tracking", "Third Party Advisory" ], "url": 
"https://savannah.nongnu.org/bugs/?30306" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
CVE-2012-1143
Vulnerability from fkie_nvd
Published
2012-04-25 10:10
Modified
2025-04-11 00:51
Severity: MEDIUM (CVSS v2 base score 4.3, AV:N/AC:M/Au:N/C:N/I:N/A:P, source nvd@nist.gov)
Summary
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (divide-by-zero error) via a crafted font.
References
Source | URL | Tags | |
---|---|---|---|
secalert@redhat.com | http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html | ||
secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html | ||
secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html | ||
secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html | ||
secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html | ||
secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2012-0467.html | ||
secalert@redhat.com | http://secunia.com/advisories/48508 | ||
secalert@redhat.com | http://secunia.com/advisories/48758 | ||
secalert@redhat.com | http://secunia.com/advisories/48797 | ||
secalert@redhat.com | http://secunia.com/advisories/48822 | ||
secalert@redhat.com | http://secunia.com/advisories/48918 | ||
secalert@redhat.com | http://secunia.com/advisories/48951 | ||
secalert@redhat.com | http://secunia.com/advisories/48973 | ||
secalert@redhat.com | http://security.gentoo.org/glsa/glsa-201204-04.xml | ||
secalert@redhat.com | http://support.apple.com/kb/HT5503 | ||
secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2012:057 | ||
secalert@redhat.com | http://www.mozilla.org/security/announce/2012/mfsa2012-21.html | Vendor Advisory | |
secalert@redhat.com | http://www.openwall.com/lists/oss-security/2012/03/06/16 | ||
secalert@redhat.com | http://www.securityfocus.com/bid/52318 | ||
secalert@redhat.com | http://www.securitytracker.com/id?1026765 | ||
secalert@redhat.com | http://www.ubuntu.com/usn/USN-1403-1 | ||
secalert@redhat.com | https://bugzilla.mozilla.org/show_bug.cgi?id=733512 | ||
secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=800606 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2012-0467.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48508 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48758 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48797 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48822 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48918 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48951 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48973 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-201204-04.xml | ||
af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT5503 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2012:057 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mozilla.org/security/announce/2012/mfsa2012-21.html | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2012/03/06/16 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/52318 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1026765 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-1403-1 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.mozilla.org/show_bug.cgi?id=733512 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=800606 |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
freetype | freetype | * (up to and including 2.4.8) | |
freetype | freetype | 1.3.1 | |
freetype | freetype | 2.0.0 | |
freetype | freetype | 2.0.1 | |
freetype | freetype | 2.0.2 | |
freetype | freetype | 2.0.3 | |
freetype | freetype | 2.0.4 | |
freetype | freetype | 2.0.5 | |
freetype | freetype | 2.0.6 | |
freetype | freetype | 2.0.7 | |
freetype | freetype | 2.0.8 | |
freetype | freetype | 2.0.9 | |
freetype | freetype | 2.1 | |
freetype | freetype | 2.1.3 | |
freetype | freetype | 2.1.4 | |
freetype | freetype | 2.1.5 | |
freetype | freetype | 2.1.6 | |
freetype | freetype | 2.1.7 | |
freetype | freetype | 2.1.8 | |
freetype | freetype | 2.1.8 (rc1) | |
freetype | freetype | 2.1.9 | |
freetype | freetype | 2.1.10 | |
freetype | freetype | 2.2.0 | |
freetype | freetype | 2.2.1 | |
freetype | freetype | 2.3.0 | |
freetype | freetype | 2.3.1 | |
freetype | freetype | 2.3.2 | |
freetype | freetype | 2.3.3 | |
freetype | freetype | 2.3.4 | |
freetype | freetype | 2.3.5 | |
freetype | freetype | 2.3.6 | |
freetype | freetype | 2.3.7 | |
freetype | freetype | 2.3.8 | |
freetype | freetype | 2.3.9 | |
freetype | freetype | 2.3.10 | |
freetype | freetype | 2.3.11 | |
freetype | freetype | 2.3.12 | |
freetype | freetype | 2.4.0 | |
freetype | freetype | 2.4.1 | |
freetype | freetype | 2.4.2 | |
freetype | freetype | 2.4.3 | |
freetype | freetype | 2.4.4 | |
freetype | freetype | 2.4.5 | |
freetype | freetype | 2.4.6 | |
freetype | freetype | 2.4.7 | |
mozilla | firefox_mobile | * (up to and including 10.0.3) | |
mozilla | firefox_mobile | 1.0 | |
mozilla | firefox_mobile | 4.0 | |
mozilla | firefox_mobile | 4.0 (beta1) | |
mozilla | firefox_mobile | 4.0 (beta2) | |
mozilla | firefox_mobile | 4.0 (beta3) | |
mozilla | firefox_mobile | 4.0 (beta4) | |
mozilla | firefox_mobile | 5.0 | |
mozilla | firefox_mobile | 6.0 | |
mozilla | firefox_mobile | 6.0.1 | |
mozilla | firefox_mobile | 6.0.2 | |
mozilla | firefox_mobile | 7.0 | |
mozilla | firefox_mobile | 8.0 | |
mozilla | firefox_mobile | 9.0 | |
mozilla | firefox_mobile | 10.0 | |
mozilla | firefox_mobile | 10.0.1 | |
mozilla | firefox_mobile | 10.0.2 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", "matchCriteriaId": "1AE5852E-FBD0-4F23-82C0-4E8FBDDF558B", "versionEndIncluding": "2.4.8", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:1.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "888C3BB8-510B-4FBE-BA5D-0D488583C7DD", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "3B67236B-7DEF-40AE-BC6F-12CB39329C4D", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "7EEC5D17-9141-4CA5-9D4C-76C15BAE4FBD", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "F1019F69-8E42-43C9-926C-B948659666F4", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "AA678E5E-9380-4D31-973F-018349F7F346", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "5E06AD6E-8B77-4E57-AA07-507CD1F809F2", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "8DB69925-10FB-4DFD-8764-B6640B88FCEE", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "B126D1A0-6B54-4C56-8CEC-B395D54A5C3C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "98D0D1A3-886D-4EE3-AC1A-3B36D192E8B5", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "DB0B0E33-0D7D-45E9-ADFD-20C6DCB5ED64", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.9:*:*:*:*:*:*:*", "matchCriteriaId": "28CA4C7D-D70A-44CF-8E3D-F2612CCA0799", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "D4E76672-7216-443E-BBD8-120DA96F7E4D", "vulnerable": true }, { "criteria": 
"cpe:2.3:a:freetype:freetype:2.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "369D87D8-E4A7-4EC4-B508-2940EE174F95", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "288FDB59-7FE4-4351-8822-554ADF07C79A", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "B681257A-F8D8-46D5-995D-BC44F54DD5C0", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "56E0DEB6-4414-49AB-88E9-988CE5D8EF67", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.7:*:*:*:*:*:*:*", "matchCriteriaId": "56A90D08-2CAF-422F-8587-7D88EC7632A1", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.8:*:*:*:*:*:*:*", "matchCriteriaId": "9B944FEB-F69D-4F6C-9485-26F95A5874B6", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.8:rc1:*:*:*:*:*:*", "matchCriteriaId": "B9B9B1DE-89F6-463D-A3F4-6366D5D30077", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.9:*:*:*:*:*:*:*", "matchCriteriaId": "F73474B9-6853-4C5C-9CB9-5F4D3080D1C5", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.10:*:*:*:*:*:*:*", "matchCriteriaId": "5283E910-D512-481C-804E-8717A83B24CB", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "A28C0F7A-F1F3-4F3B-81B9-228DA8FCCCD8", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "F7252819-BA8A-4BD1-BAAA-179A8777C994", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "11575E3C-2BEA-4264-AE41-4A962BD17035", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "D333A965-EAD2-40DB-8FBE-C4C7DF44C35C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.2:*:*:*:*:*:*:*", "matchCriteriaId": 
"8CA37666-D2E6-47EF-BFFE-A9449D6A72CD", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "F2B49505-C973-4673-A9BC-34ACA25059D0", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.4:*:*:*:*:*:*:*", "matchCriteriaId": "B8E8ECCA-58F2-4A05-8DF2-79C09A5FB275", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.5:*:*:*:*:*:*:*", "matchCriteriaId": "8697D11D-BBDF-4722-85F7-5144A5D26E37", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.6:*:*:*:*:*:*:*", "matchCriteriaId": "50E3EDA8-04D1-4DF1-80BB-72C6003E8F53", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.7:*:*:*:*:*:*:*", "matchCriteriaId": "AB06CA25-BB25-43B8-9FC2-62C399CC52EE", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.8:*:*:*:*:*:*:*", "matchCriteriaId": "6AF7414E-33A7-40E2-AEF0-1AE9D7D1B077", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.9:*:*:*:*:*:*:*", "matchCriteriaId": "6FC0BD12-E065-4CC9-8AEE-E4C34A58EC3C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.10:*:*:*:*:*:*:*", "matchCriteriaId": "214DC64B-BA35-486B-AE30-F2D9381E4D26", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.11:*:*:*:*:*:*:*", "matchCriteriaId": "B7CDE19A-473A-4BC5-AA7B-3D08FEEEE82C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.12:*:*:*:*:*:*:*", "matchCriteriaId": "DD8401A8-A328-49F6-BAE8-337F5F36C906", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "3FBF5BAA-8027-478F-BE06-3D3F4F823C7B", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "31358B5D-4087-4207-9730-297BA47DAA83", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "3A73E016-A4B0-416D-B9B6-786A787DAD3D", "vulnerable": true }, { "criteria": 
"cpe:2.3:a:freetype:freetype:2.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "0588BCE1-059B-4602-B274-E9D268720B55", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "D19BE9CC-6B1C-4AC8-9740-2ABDF40C4FEC", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "E6F3E33C-95E0-4EEF-8E26-F7044D8C3892", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.6:*:*:*:*:*:*:*", "matchCriteriaId": "0871F88D-3D36-4EAA-B2B4-39D844FF8874", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.7:*:*:*:*:*:*:*", "matchCriteriaId": "B3396203-9BDF-4E7D-85CC-0B6AA7DC55C4", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:*:*:*:*:*:*:*:*", "matchCriteriaId": "C25B56F0-B244-4D64-BC8F-341214080A90", "versionEndIncluding": "10.0.3", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "B00C6411-5566-4060-B68B-8F1674B9E280", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "CD9C4A1A-E3C7-40DD-AF51-AFFA0D904722", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta1:*:*:*:*:*:*", "matchCriteriaId": "B6A0EDF9-2260-439F-9CF0-A66CBE35ACF8", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta2:*:*:*:*:*:*", "matchCriteriaId": "6E55723B-B7B8-4EBF-8767-55988D26E82B", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta3:*:*:*:*:*:*", "matchCriteriaId": "761B33B6-4FFD-4E6C-92B4-2186F8D195C1", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta4:*:*:*:*:*:*", "matchCriteriaId": "8E4E272B-27F1-41CE-8B60-B1C098105A73", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "907FA1DF-E3D3-4E46-B353-753E70C292CC", "vulnerable": true }, { "criteria": 
"cpe:2.3:a:mozilla:firefox_mobile:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "97DE5B71-865A-4DB0-A31A-1CA75A5AB7AA", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:6.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "B64C7CE2-6BA7-4294-80CF-3AE25EE9529B", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:6.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "640595E6-3E39-4112-887E-174C86D18630", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "8E26E8D7-334C-4260-A8EE-82DF067CC081", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "643623BB-29E4-4138-AFC6-252368FC9495", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "9CEA838D-5FE6-47A7-8367-F040FF01B681", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "BF547E94-BEC4-4D32-A2AF-AFEBFE11782A", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "6BB1307C-64E4-4EC2-BB07-012107CA5DA6", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "91C9D50D-9450-489C-8336-4332F8FD6806", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (divide-by-zero error) via a crafted font." }, { "lang": "es", "value": "FreeType antes de v2.4.9, tal como se utiliza en Mozilla Firefox Mobile antes de v10.0.4 y otros productos, permite a atacantes remotos causar una denegaci\u00f3n de servicio (error de divisi\u00f3n por cero) a trav\u00e9s de una fuente TrueType modificada." 
} ], "id": "CVE-2012-1143", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2012-04-25T10:10:18.730", "references": [ { "source": "secalert@redhat.com", "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html" }, { "source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48508" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48758" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48797" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48822" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48918" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48951" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48973" }, { 
"source": "secalert@redhat.com", "url": "http://security.gentoo.org/glsa/glsa-201204-04.xml" }, { "source": "secalert@redhat.com", "url": "http://support.apple.com/kb/HT5503" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html" }, { "source": "secalert@redhat.com", "url": "http://www.openwall.com/lists/oss-security/2012/03/06/16" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/52318" }, { "source": "secalert@redhat.com", "url": "http://www.securitytracker.com/id?1026765" }, { "source": "secalert@redhat.com", "url": "http://www.ubuntu.com/usn/USN-1403-1" }, { "source": "secalert@redhat.com", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512" }, { "source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=800606" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48508" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48758" }, { 
"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48797" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48822" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48918" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48951" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48973" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.gentoo.org/glsa/glsa-201204-04.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.apple.com/kb/HT5503" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2012/03/06/16" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/52318" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1026765" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/USN-1403-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=800606" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-189" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
CVE-2022-27405
Vulnerability from fkie_nvd
Published
2022-04-22 14:15
Modified
2024-11-21 06:55
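Severity: CVSS v3.1 base score 7.5; CVSS v2 base score 5.0 (MEDIUM, AV:N/AC:L/Au:N/C:N/I:N/A:P), source nvd@nist.gov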
Summary
FreeType commit 53dfdcd8198d2b3201a23c4bad9190519ba918db was discovered to contain a segmentation violation via the function FNT_Size_Request.
References
Source | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://freetype.com | Not Applicable | |
cve@mitre.org | https://gitlab.freedesktop.org/freetype/freetype/-/issues/1139 | Issue Tracking, Vendor Advisory | |
cve@mitre.org | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EFPNRKDLCXHZVYYQLQMP44UHLU32GA6Z/ | ||
cve@mitre.org | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FDU2FOEMCEF6WVR6ZBIH5MT5O7FAK6UP/ | ||
cve@mitre.org | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IWQ7IB2A75MEHM63WEUXBYEC7OR5SGDY/ | ||
cve@mitre.org | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NYVC2NPKKXKP3TWJWG4ONYWNO6ZPHLA5/ | ||
cve@mitre.org | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TCEMWCM46PKM4U5ENRASPKQD6JDOLKRU/ | ||
cve@mitre.org | https://security.gentoo.org/glsa/202402-06 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://freetype.com | Not Applicable | |
af854a3a-2127-422b-91ae-364da2661108 | https://gitlab.freedesktop.org/freetype/freetype/-/issues/1139 | Issue Tracking, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EFPNRKDLCXHZVYYQLQMP44UHLU32GA6Z/ | ||
af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FDU2FOEMCEF6WVR6ZBIH5MT5O7FAK6UP/ | ||
af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IWQ7IB2A75MEHM63WEUXBYEC7OR5SGDY/ | ||
af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NYVC2NPKKXKP3TWJWG4ONYWNO6ZPHLA5/ | ||
af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TCEMWCM46PKM4U5ENRASPKQD6JDOLKRU/ | ||
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/202402-06 |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
freetype | freetype | * | |
fedoraproject | fedora | 34 | |
fedoraproject | fedora | 35 | |
fedoraproject | fedora | 36 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", "matchCriteriaId": "AE181DF7-C86E-495B-8CBC-DEA63DD8F647", "versionEndExcluding": "2.12.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", "matchCriteriaId": "A930E247-0B43-43CB-98FF-6CE7B8189835", "vulnerable": true }, { "criteria": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", "matchCriteriaId": "80E516C0-98A4-4ADE-B69F-66A772E2BAAA", "vulnerable": true }, { "criteria": "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*", "matchCriteriaId": "5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "FreeType commit 53dfdcd8198d2b3201a23c4bad9190519ba918db was discovered to contain a segmentation violation via the function FNT_Size_Request." }, { "lang": "es", "value": "Se ha detectado que el commit 53dfdcd8198d2b3201a23c4bad9190519ba918db de FreeType conten\u00eda una violaci\u00f3n de segmentaci\u00f3n por medio de la funci\u00f3n FNT_Size_Request" } ], "id": "CVE-2022-27405", "lastModified": "2024-11-21T06:55:41.110", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": 
"HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2022-04-22T14:15:09.483", "references": [ { "source": "cve@mitre.org", "tags": [ "Not Applicable" ], "url": "http://freetype.com" }, { "source": "cve@mitre.org", "tags": [ "Issue Tracking", "Vendor Advisory" ], "url": "https://gitlab.freedesktop.org/freetype/freetype/-/issues/1139" }, { "source": "cve@mitre.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EFPNRKDLCXHZVYYQLQMP44UHLU32GA6Z/" }, { "source": "cve@mitre.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FDU2FOEMCEF6WVR6ZBIH5MT5O7FAK6UP/" }, { "source": "cve@mitre.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IWQ7IB2A75MEHM63WEUXBYEC7OR5SGDY/" }, { "source": "cve@mitre.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NYVC2NPKKXKP3TWJWG4ONYWNO6ZPHLA5/" }, { "source": "cve@mitre.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TCEMWCM46PKM4U5ENRASPKQD6JDOLKRU/" }, { "source": "cve@mitre.org", "url": "https://security.gentoo.org/glsa/202402-06" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Not Applicable" ], "url": "http://freetype.com" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Vendor Advisory" ], "url": "https://gitlab.freedesktop.org/freetype/freetype/-/issues/1139" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": 
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EFPNRKDLCXHZVYYQLQMP44UHLU32GA6Z/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FDU2FOEMCEF6WVR6ZBIH5MT5O7FAK6UP/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IWQ7IB2A75MEHM63WEUXBYEC7OR5SGDY/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NYVC2NPKKXKP3TWJWG4ONYWNO6ZPHLA5/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TCEMWCM46PKM4U5ENRASPKQD6JDOLKRU/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/202402-06" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-125" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2019-07-30 13:15
Modified
2024-11-21 02:40
Severity ?
Summary
In FreeType before 2.6.1, a buffer over-read occurs in the function T1_Get_Private_Dict in type1/t1parse.c, where there is no check that the new values of cur and limit are sensible before going to the Again label.
References
Source | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/src/type1/t1parse.c?id=e3058617f384cb6709f3878f753fa17aca9e3a30 | Patch, Third Party Advisory | |
cve@mitre.org | https://lists.debian.org/debian-lts-announce/2019/08/msg00019.html | ||
cve@mitre.org | https://savannah.nongnu.org/bugs/?45923 | Exploit, Third Party Advisory | |
cve@mitre.org | https://support.f5.com/csp/article/K38315305 | ||
cve@mitre.org | https://support.f5.com/csp/article/K38315305?utm_source=f5support&%3Butm_medium=RSS | ||
af854a3a-2127-422b-91ae-364da2661108 | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/src/type1/t1parse.c?id=e3058617f384cb6709f3878f753fa17aca9e3a30 | Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2019/08/msg00019.html | ||
af854a3a-2127-422b-91ae-364da2661108 | https://savannah.nongnu.org/bugs/?45923 | Exploit, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://support.f5.com/csp/article/K38315305 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://support.f5.com/csp/article/K38315305?utm_source=f5support&%3Butm_medium=RSS |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", "matchCriteriaId": "6229BC68-7A96-4AA6-ACE9-6FD89C24B203", "versionEndExcluding": "2.6.1", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "In FreeType before 2.6.1, a buffer over-read occurs in type1/t1parse.c on function T1_Get_Private_Dict where there is no check that the new values of cur and limit are sensible before going to Again." }, { "lang": "es", "value": "En FreeType anterior a versi\u00f3n 2.6.1, se presenta una lectura excesiva de b\u00fafer en el archivo type1/t1parse.c en la funci\u00f3n T1_Get_Private_Dict, donde no hay ninguna comprobaci\u00f3n de que los nuevos valores de cur y limit son razonables antes de ir a Again." } ], "id": "CVE-2015-9290", "lastModified": "2024-11-21T02:40:15.893", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": 
"2019-07-30T13:15:12.670", "references": [ { "source": "cve@mitre.org", "tags": [ "Patch", "Third Party Advisory" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/src/type1/t1parse.c?id=e3058617f384cb6709f3878f753fa17aca9e3a30" }, { "source": "cve@mitre.org", "url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00019.html" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://savannah.nongnu.org/bugs/?45923" }, { "source": "cve@mitre.org", "url": "https://support.f5.com/csp/article/K38315305" }, { "source": "cve@mitre.org", "url": "https://support.f5.com/csp/article/K38315305?utm_source=f5support\u0026amp%3Butm_medium=RSS" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/src/type1/t1parse.c?id=e3058617f384cb6709f3878f753fa17aca9e3a30" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00019.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://savannah.nongnu.org/bugs/?45923" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://support.f5.com/csp/article/K38315305" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://support.f5.com/csp/article/K38315305?utm_source=f5support\u0026amp%3Butm_medium=RSS" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-125" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2015-09-14 20:59
Modified
2025-04-12 10:46
Severity ?
Summary
The parse_encoding function in type1/t1load.c in FreeType before 2.5.3 allows remote attackers to cause a denial of service (infinite loop) via a "broken number-with-base" in a PostScript stream, as demonstrated by 8#garbage.
References
Source | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=df14e6c0b9592cbb24d5381dfc6106b14f915e75 | ||
cve@mitre.org | http://lists.opensuse.org/opensuse-updates/2015-10/msg00017.html | ||
cve@mitre.org | http://savannah.nongnu.org/bugs/index.php?41590 | ||
cve@mitre.org | http://www.debian.org/security/2015/dsa-3370 | ||
cve@mitre.org | http://www.securityfocus.com/bid/76727 | ||
cve@mitre.org | http://www.securitytracker.com/id/1033536 | ||
cve@mitre.org | http://www.ubuntu.com/usn/USN-2739-1 | ||
cve@mitre.org | https://bugs.launchpad.net/ubuntu/+source/freetype/+bug/1492124 | ||
cve@mitre.org | https://code.google.com/p/chromium/issues/detail?id=459050 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=df14e6c0b9592cbb24d5381dfc6106b14f915e75 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2015-10/msg00017.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://savannah.nongnu.org/bugs/index.php?41590 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2015/dsa-3370 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/76727 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1033536 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2739-1 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://bugs.launchpad.net/ubuntu/+source/freetype/+bug/1492124 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://code.google.com/p/chromium/issues/detail?id=459050 |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
freetype | freetype | * | |
debian | debian_linux | 7.0 | |
debian | debian_linux | 8.0 | |
canonical | ubuntu_linux | 12.04 | |
canonical | ubuntu_linux | 14.04 | |
canonical | ubuntu_linux | 15.04 | |
opensuse | opensuse | 13.1 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", "matchCriteriaId": "814C8BFE-8DD6-465A-8AF8-FBB3CDF2F6F9", "versionEndIncluding": "2.5.2", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "matchCriteriaId": "F38D3B7E-8429-473F-BB31-FC3583EE5A5B", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The parse_encoding function in type1/t1load.c in FreeType before 2.5.3 allows remote attackers to cause a denial of service (infinite loop) via a \"broken number-with-base\" in a Postscript stream, as demonstrated by 8#garbage." 
}, { "lang": "es", "value": "Vulnerabilidad en la funci\u00f3n parse_encoding en type1/t1load.c en FreeType en versiones anteriores a 2.5.3, permite a atacantes remotos causar una denegaci\u00f3n de servicio (bucle infinito) a trav\u00e9s de un \u0027broken number-with-base\u0027 en un stream Postscript, seg\u00fan lo demostrado por 8#garbage." } ], "id": "CVE-2014-9745", "lastModified": "2025-04-12T10:46:40.837", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2015-09-14T20:59:00.163", "references": [ { "source": "cve@mitre.org", "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=df14e6c0b9592cbb24d5381dfc6106b14f915e75" }, { "source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-updates/2015-10/msg00017.html" }, { "source": "cve@mitre.org", "url": "http://savannah.nongnu.org/bugs/index.php?41590" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2015/dsa-3370" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/76727" }, { "source": "cve@mitre.org", "url": "http://www.securitytracker.com/id/1033536" }, { "source": "cve@mitre.org", "url": "http://www.ubuntu.com/usn/USN-2739-1" }, { "source": "cve@mitre.org", "url": "https://bugs.launchpad.net/ubuntu/+source/freetype/+bug/1492124" }, { "source": "cve@mitre.org", "url": "https://code.google.com/p/chromium/issues/detail?id=459050" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": 
"http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=df14e6c0b9592cbb24d5381dfc6106b14f915e75" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-updates/2015-10/msg00017.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://savannah.nongnu.org/bugs/index.php?41590" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2015/dsa-3370" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/76727" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id/1033536" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/USN-2739-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugs.launchpad.net/ubuntu/+source/freetype/+bug/1492124" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://code.google.com/p/chromium/issues/detail?id=459050" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-399" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2010-11-26 20:00
Modified
2025-04-11 00:51
Severity ?
Summary
Buffer overflow in the ft_var_readpackedpoints function in truetype/ttgxvar.c in FreeType 2.4.3 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted TrueType GX font.
References
Source | URL | Tags | |
---|---|---|---|
secalert@redhat.com | http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=602221 | ||
secalert@redhat.com | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=59eb9f8cfe7d1df379a2318316d1f04f80fba54a | ||
secalert@redhat.com | http://lists.apple.com/archives/security-announce/2011//Jul/msg00000.html | ||
secalert@redhat.com | http://lists.apple.com/archives/security-announce/2011//Jul/msg00001.html | ||
secalert@redhat.com | http://lists.apple.com/archives/security-announce/2011//Mar/msg00003.html | ||
secalert@redhat.com | http://lists.apple.com/archives/security-announce/2011//Mar/msg00005.html | ||
secalert@redhat.com | http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html | ||
secalert@redhat.com | http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050965.html | ||
secalert@redhat.com | http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051231.html | ||
secalert@redhat.com | http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051251.html | ||
secalert@redhat.com | http://secunia.com/advisories/42289 | ||
secalert@redhat.com | http://secunia.com/advisories/42295 | ||
secalert@redhat.com | http://secunia.com/advisories/43138 | ||
secalert@redhat.com | http://secunia.com/advisories/48951 | ||
secalert@redhat.com | http://support.apple.com/kb/HT4564 | ||
secalert@redhat.com | http://support.apple.com/kb/HT4565 | ||
secalert@redhat.com | http://support.apple.com/kb/HT4581 | ||
secalert@redhat.com | http://support.apple.com/kb/HT4802 | ||
secalert@redhat.com | http://support.apple.com/kb/HT4803 | ||
secalert@redhat.com | http://support.avaya.com/css/P8/documents/100122733 | ||
secalert@redhat.com | http://www.debian.org/security/2011/dsa-2155 | ||
secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2010:235 | ||
secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2010:236 | ||
secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2010-0889.html | ||
secalert@redhat.com | http://www.securityfocus.com/bid/44214 | ||
secalert@redhat.com | http://www.securitytracker.com/id?1024745 | ||
secalert@redhat.com | http://www.ubuntu.com/usn/USN-1013-1 | ||
secalert@redhat.com | http://www.vupen.com/english/advisories/2010/3037 | ||
secalert@redhat.com | http://www.vupen.com/english/advisories/2011/0246 | ||
secalert@redhat.com | https://savannah.nongnu.org/bugs/?31310 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=602221 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=59eb9f8cfe7d1df379a2318316d1f04f80fba54a | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2011//Jul/msg00000.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2011//Jul/msg00001.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2011//Mar/msg00003.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2011//Mar/msg00005.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050965.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051231.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051251.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/42289 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/42295 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/43138 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48951 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT4564 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT4565 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT4581 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT4802 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT4803 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://support.avaya.com/css/P8/documents/100122733 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2011/dsa-2155 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2010:235 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2010:236 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2010-0889.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/44214 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1024745 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-1013-1 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2010/3037 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2011/0246 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://savannah.nongnu.org/bugs/?31310 |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
freetype | freetype | * | |
freetype | freetype | 1.3.1 | |
freetype | freetype | 2.0.6 | |
freetype | freetype | 2.0.9 | |
freetype | freetype | 2.1 | |
freetype | freetype | 2.1.3 | |
freetype | freetype | 2.1.4 | |
freetype | freetype | 2.1.5 | |
freetype | freetype | 2.1.6 | |
freetype | freetype | 2.1.7 | |
freetype | freetype | 2.1.8 | |
freetype | freetype | 2.1.9 | |
freetype | freetype | 2.1.10 | |
freetype | freetype | 2.2.0 | |
freetype | freetype | 2.2.1 | |
freetype | freetype | 2.2.10 | |
freetype | freetype | 2.3.0 | |
freetype | freetype | 2.3.1 | |
freetype | freetype | 2.3.2 | |
freetype | freetype | 2.3.3 | |
freetype | freetype | 2.3.4 | |
freetype | freetype | 2.3.5 | |
freetype | freetype | 2.3.6 | |
freetype | freetype | 2.3.7 | |
freetype | freetype | 2.3.8 | |
freetype | freetype | 2.3.9 | |
freetype | freetype | 2.3.10 | |
freetype | freetype | 2.3.11 | |
freetype | freetype | 2.3.12 | |
freetype | freetype | 2.4.0 | |
freetype | freetype | 2.4.1 | |
freetype | freetype | 2.4.2 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", "matchCriteriaId": "221E5B57-16B2-4FB7-A469-1914D9E3F35E", "versionEndIncluding": "2.4.3", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:1.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "888C3BB8-510B-4FBE-BA5D-0D488583C7DD", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "B126D1A0-6B54-4C56-8CEC-B395D54A5C3C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.9:*:*:*:*:*:*:*", "matchCriteriaId": "28CA4C7D-D70A-44CF-8E3D-F2612CCA0799", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "D4E76672-7216-443E-BBD8-120DA96F7E4D", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "369D87D8-E4A7-4EC4-B508-2940EE174F95", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "288FDB59-7FE4-4351-8822-554ADF07C79A", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "B681257A-F8D8-46D5-995D-BC44F54DD5C0", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "56E0DEB6-4414-49AB-88E9-988CE5D8EF67", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.7:*:*:*:*:*:*:*", "matchCriteriaId": "56A90D08-2CAF-422F-8587-7D88EC7632A1", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.8:*:*:*:*:*:*:*", "matchCriteriaId": "9B944FEB-F69D-4F6C-9485-26F95A5874B6", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.9:*:*:*:*:*:*:*", "matchCriteriaId": "F73474B9-6853-4C5C-9CB9-5F4D3080D1C5", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.10:*:*:*:*:*:*:*", "matchCriteriaId": "5283E910-D512-481C-804E-8717A83B24CB", "vulnerable": true }, { "criteria": 
"cpe:2.3:a:freetype:freetype:2.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "A28C0F7A-F1F3-4F3B-81B9-228DA8FCCCD8", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "F7252819-BA8A-4BD1-BAAA-179A8777C994", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.2.10:*:*:*:*:*:*:*", "matchCriteriaId": "7B4450B4-B21F-4153-B9DD-C36A2381F00D", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "11575E3C-2BEA-4264-AE41-4A962BD17035", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "D333A965-EAD2-40DB-8FBE-C4C7DF44C35C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "8CA37666-D2E6-47EF-BFFE-A9449D6A72CD", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "F2B49505-C973-4673-A9BC-34ACA25059D0", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.4:*:*:*:*:*:*:*", "matchCriteriaId": "B8E8ECCA-58F2-4A05-8DF2-79C09A5FB275", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.5:*:*:*:*:*:*:*", "matchCriteriaId": "8697D11D-BBDF-4722-85F7-5144A5D26E37", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.6:*:*:*:*:*:*:*", "matchCriteriaId": "50E3EDA8-04D1-4DF1-80BB-72C6003E8F53", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.7:*:*:*:*:*:*:*", "matchCriteriaId": "AB06CA25-BB25-43B8-9FC2-62C399CC52EE", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.8:*:*:*:*:*:*:*", "matchCriteriaId": "6AF7414E-33A7-40E2-AEF0-1AE9D7D1B077", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.9:*:*:*:*:*:*:*", "matchCriteriaId": "6FC0BD12-E065-4CC9-8AEE-E4C34A58EC3C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.10:*:*:*:*:*:*:*", "matchCriteriaId": 
"214DC64B-BA35-486B-AE30-F2D9381E4D26", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.11:*:*:*:*:*:*:*", "matchCriteriaId": "B7CDE19A-473A-4BC5-AA7B-3D08FEEEE82C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.12:*:*:*:*:*:*:*", "matchCriteriaId": "DD8401A8-A328-49F6-BAE8-337F5F36C906", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "3FBF5BAA-8027-478F-BE06-3D3F4F823C7B", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "31358B5D-4087-4207-9730-297BA47DAA83", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "3A73E016-A4B0-416D-B9B6-786A787DAD3D", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Buffer overflow in the ft_var_readpackedpoints function in truetype/ttgxvar.c in FreeType 2.4.3 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted TrueType GX font." }, { "lang": "es", "value": "Desbordamiento de b\u00fafer en la funci\u00f3n ft_var_readpackedpoints en truetype/ttgxvar.c en FreeType v2.4.3 y anteriores permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda de aplicaci\u00f3n) o posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de una fuente TrueType GX manipulada." 
} ], "id": "CVE-2010-3855", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2010-11-26T20:00:03.393", "references": [ { "source": "secalert@redhat.com", "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=602221" }, { "source": "secalert@redhat.com", "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=59eb9f8cfe7d1df379a2318316d1f04f80fba54a" }, { "source": "secalert@redhat.com", "url": "http://lists.apple.com/archives/security-announce/2011//Jul/msg00000.html" }, { "source": "secalert@redhat.com", "url": "http://lists.apple.com/archives/security-announce/2011//Jul/msg00001.html" }, { "source": "secalert@redhat.com", "url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00003.html" }, { "source": "secalert@redhat.com", "url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00005.html" }, { "source": "secalert@redhat.com", "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html" }, { "source": "secalert@redhat.com", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050965.html" }, { "source": "secalert@redhat.com", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051231.html" }, { "source": "secalert@redhat.com", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051251.html" }, { "source": 
"secalert@redhat.com", "url": "http://secunia.com/advisories/42289" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/42295" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/43138" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48951" }, { "source": "secalert@redhat.com", "url": "http://support.apple.com/kb/HT4564" }, { "source": "secalert@redhat.com", "url": "http://support.apple.com/kb/HT4565" }, { "source": "secalert@redhat.com", "url": "http://support.apple.com/kb/HT4581" }, { "source": "secalert@redhat.com", "url": "http://support.apple.com/kb/HT4802" }, { "source": "secalert@redhat.com", "url": "http://support.apple.com/kb/HT4803" }, { "source": "secalert@redhat.com", "url": "http://support.avaya.com/css/P8/documents/100122733" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2011/dsa-2155" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:235" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:236" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2010-0889.html" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/44214" }, { "source": "secalert@redhat.com", "url": "http://www.securitytracker.com/id?1024745" }, { "source": "secalert@redhat.com", "url": "http://www.ubuntu.com/usn/USN-1013-1" }, { "source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2010/3037" }, { "source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2011/0246" }, { "source": "secalert@redhat.com", "url": "https://savannah.nongnu.org/bugs/?31310" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=602221" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": 
"http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=59eb9f8cfe7d1df379a2318316d1f04f80fba54a" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/security-announce/2011//Jul/msg00000.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/security-announce/2011//Jul/msg00001.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00003.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00005.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050965.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051231.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051251.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/42289" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/42295" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/43138" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48951" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.apple.com/kb/HT4564" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.apple.com/kb/HT4565" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.apple.com/kb/HT4581" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", 
"url": "http://support.apple.com/kb/HT4802" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.apple.com/kb/HT4803" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.avaya.com/css/P8/documents/100122733" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2011/dsa-2155" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:235" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:236" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2010-0889.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/44214" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1024745" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/USN-1013-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2010/3037" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2011/0246" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://savannah.nongnu.org/bugs/?31310" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2015-02-08 11:59
Modified
2025-04-12 10:46
Summary
The woff_open_font function in sfnt/sfobjs.c in FreeType before 2.5.4 proceeds with offset+length calculations without restricting length values, which allows remote attackers to cause a denial of service (integer overflow and heap-based buffer overflow) or possibly have unspecified other impact via a crafted Web Open Font Format (WOFF) file.
References
Source | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://code.google.com/p/google-security-research/issues/detail?id=164 | Exploit | |
cve@mitre.org | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=f46add13895337ece929b18bb8f036431b3fb538 | ||
cve@mitre.org | http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html | ||
cve@mitre.org | http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html | ||
cve@mitre.org | http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html | ||
cve@mitre.org | http://www.securityfocus.com/bid/72986 | ||
cve@mitre.org | http://www.ubuntu.com/usn/USN-2510-1 | ||
cve@mitre.org | http://www.ubuntu.com/usn/USN-2739-1 | ||
cve@mitre.org | https://security.gentoo.org/glsa/201503-05 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://code.google.com/p/google-security-research/issues/detail?id=164 | Exploit | |
af854a3a-2127-422b-91ae-364da2661108 | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=f46add13895337ece929b18bb8f036431b3fb538 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/72986 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2510-1 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2739-1 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201503-05 |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
opensuse | opensuse | 13.1 | |
opensuse | opensuse | 13.2 | |
fedoraproject | fedora | 20 | |
fedoraproject | fedora | 21 | |
canonical | ubuntu_linux | 10.04 | |
canonical | ubuntu_linux | 12.04 | |
canonical | ubuntu_linux | 14.04 | |
canonical | ubuntu_linux | 14.10 | |
canonical | ubuntu_linux | 15.04 | |
freetype | freetype | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F", "vulnerable": true }, { "criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*", "matchCriteriaId": "FF47C9F0-D8DA-4B55-89EB-9B2C9383ADB9", "vulnerable": true }, { "criteria": "cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*", "matchCriteriaId": "56BDB5A0-0839-4A20-A003-B8CD56F48171", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*", "matchCriteriaId": "5D37DF0F-F863-45AC-853A-3E04F9FEC7CA", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*", "matchCriteriaId": "49A63F39-30BE-443F-AF10-6245587D3359", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "matchCriteriaId": "F38D3B7E-8429-473F-BB31-FC3583EE5A5B", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", "matchCriteriaId": "05EE9A32-E91F-4C68-B3A9-AC5AB35C2BB3", "versionEndIncluding": "2.5.3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The woff_open_font function in sfnt/sfobjs.c in FreeType before 2.5.4 proceeds with offset+length calculations 
without restricting length values, which allows remote attackers to cause a denial of service (integer overflow and heap-based buffer overflow) or possibly have unspecified other impact via a crafted Web Open Font Format (WOFF) file." }, { "lang": "es", "value": "La funci\u00f3n woff_open_font en sfnt/sfobjs.c en FreeType anterior a 2.5.4 proceda con los c\u00e1lculos de desplazamiento m\u00e1s longitud (offset+length) sin restringir los valores de longitud, lo que permite a atacantes remotos causar una denegaci\u00f3n de servicio (desbordamiento de enteros y desbordamiento de buffer basado en memoria din\u00e1mica) o posiblemente tener otro impacto no especificado a trav\u00e9s de un fichero Web Open Font Format (WOFF) manipulado." } ], "id": "CVE-2014-9668", "lastModified": "2025-04-12T10:46:40.837", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2015-02-08T11:59:29.977", "references": [ { "source": "cve@mitre.org", "tags": [ "Exploit" ], "url": "http://code.google.com/p/google-security-research/issues/detail?id=164" }, { "source": "cve@mitre.org", "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=f46add13895337ece929b18bb8f036431b3fb538" }, { "source": "cve@mitre.org", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html" }, { "source": "cve@mitre.org", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html" }, { "source": 
"cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/72986" }, { "source": "cve@mitre.org", "url": "http://www.ubuntu.com/usn/USN-2510-1" }, { "source": "cve@mitre.org", "url": "http://www.ubuntu.com/usn/USN-2739-1" }, { "source": "cve@mitre.org", "url": "https://security.gentoo.org/glsa/201503-05" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit" ], "url": "http://code.google.com/p/google-security-research/issues/detail?id=164" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=f46add13895337ece929b18bb8f036431b3fb538" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/72986" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/USN-2510-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/USN-2739-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/201503-05" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2019-09-03 05:15
Modified
2024-11-21 02:40
Summary
FreeType before 2.6.2 has a heap-based buffer over-read in tt_cmap14_validate in sfnt/ttcmap.c.
References
Source | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=57cbb8c148999ba8f14ed53435fc071ac9953afd | Patch | |
cve@mitre.org | https://lists.debian.org/debian-lts-announce/2019/09/msg00002.html | Mailing List, Third Party Advisory | |
cve@mitre.org | https://savannah.nongnu.org/bugs/?46346 | Exploit, Issue Tracking, Third Party Advisory | |
cve@mitre.org | https://usn.ubuntu.com/4126-1/ | Third Party Advisory | |
cve@mitre.org | https://usn.ubuntu.com/4126-2/ | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=57cbb8c148999ba8f14ed53435fc071ac9953afd | Patch | |
af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2019/09/msg00002.html | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://savannah.nongnu.org/bugs/?46346 | Exploit, Issue Tracking, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/4126-1/ | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/4126-2/ | Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
freetype | freetype | * | |
debian | debian_linux | 8.0 | |
canonical | ubuntu_linux | 12.04 | |
canonical | ubuntu_linux | 14.04 | |
canonical | ubuntu_linux | 16.04 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", "matchCriteriaId": "96E82FA7-DA3E-4125-9710-1D201B3AED8A", "versionEndExcluding": "2.6.2", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*", "matchCriteriaId": "CB66DB75-2B16-4EBF-9B93-CE49D8086E41", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", "matchCriteriaId": "815D70A8-47D3-459C-A32C-9FEACA0659D1", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", "matchCriteriaId": "7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "FreeType before 2.6.2 has a heap-based buffer over-read in tt_cmap14_validate in sfnt/ttcmap.c." }, { "lang": "es", "value": "FreeType en versiones anteriores a la 2.6.2 tiene una sobrelectura de b\u00fafer basada en memoria din\u00e1mica (heap) en tt_cmap14_validate en sfnt/ttcmap.c." 
} ], "id": "CVE-2015-9383", "lastModified": "2024-11-21T02:40:29.950", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2019-09-03T05:15:10.887", "references": [ { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=57cbb8c148999ba8f14ed53435fc071ac9953afd" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00002.html" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Issue Tracking", "Third Party Advisory" ], "url": "https://savannah.nongnu.org/bugs/?46346" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://usn.ubuntu.com/4126-1/" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://usn.ubuntu.com/4126-2/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": 
"http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=57cbb8c148999ba8f14ed53435fc071ac9953afd" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00002.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Issue Tracking", "Third Party Advisory" ], "url": "https://savannah.nongnu.org/bugs/?46346" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://usn.ubuntu.com/4126-1/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://usn.ubuntu.com/4126-2/" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-125" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2012-04-25 10:10
Modified
2025-04-11 00:51
Summary
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via crafted property data in a BDF font.
References
Source | URL | Tags | |
---|---|---|---|
secalert@redhat.com | http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html | ||
secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html | ||
secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html | ||
secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html | ||
secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html | ||
secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2012-0467.html | ||
secalert@redhat.com | http://secunia.com/advisories/48508 | ||
secalert@redhat.com | http://secunia.com/advisories/48758 | ||
secalert@redhat.com | http://secunia.com/advisories/48797 | ||
secalert@redhat.com | http://secunia.com/advisories/48822 | ||
secalert@redhat.com | http://secunia.com/advisories/48918 | ||
secalert@redhat.com | http://secunia.com/advisories/48951 | ||
secalert@redhat.com | http://secunia.com/advisories/48973 | ||
secalert@redhat.com | http://security.gentoo.org/glsa/glsa-201204-04.xml | ||
secalert@redhat.com | http://support.apple.com/kb/HT5503 | ||
secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2012:057 | ||
secalert@redhat.com | http://www.mozilla.org/security/announce/2012/mfsa2012-21.html | Vendor Advisory | |
secalert@redhat.com | http://www.openwall.com/lists/oss-security/2012/03/06/16 | ||
secalert@redhat.com | http://www.securityfocus.com/bid/52318 | ||
secalert@redhat.com | http://www.securitytracker.com/id?1026765 | ||
secalert@redhat.com | http://www.ubuntu.com/usn/USN-1403-1 | ||
secalert@redhat.com | https://bugzilla.mozilla.org/show_bug.cgi?id=733512 | ||
secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=800581 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2012-0467.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48508 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48758 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48797 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48822 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48918 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48951 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48973 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-201204-04.xml | ||
af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT5503 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2012:057 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mozilla.org/security/announce/2012/mfsa2012-21.html | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2012/03/06/16 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/52318 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1026765 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-1403-1 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.mozilla.org/show_bug.cgi?id=733512 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=800581 |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
freetype | freetype | * | |
freetype | freetype | 1.3.1 | |
freetype | freetype | 2.0.0 | |
freetype | freetype | 2.0.1 | |
freetype | freetype | 2.0.2 | |
freetype | freetype | 2.0.3 | |
freetype | freetype | 2.0.4 | |
freetype | freetype | 2.0.5 | |
freetype | freetype | 2.0.6 | |
freetype | freetype | 2.0.7 | |
freetype | freetype | 2.0.8 | |
freetype | freetype | 2.0.9 | |
freetype | freetype | 2.1 | |
freetype | freetype | 2.1.3 | |
freetype | freetype | 2.1.4 | |
freetype | freetype | 2.1.5 | |
freetype | freetype | 2.1.6 | |
freetype | freetype | 2.1.7 | |
freetype | freetype | 2.1.8 | |
freetype | freetype | 2.1.8 rc1 | |
freetype | freetype | 2.1.9 | |
freetype | freetype | 2.1.10 | |
freetype | freetype | 2.2.0 | |
freetype | freetype | 2.2.1 | |
freetype | freetype | 2.3.0 | |
freetype | freetype | 2.3.1 | |
freetype | freetype | 2.3.2 | |
freetype | freetype | 2.3.3 | |
freetype | freetype | 2.3.4 | |
freetype | freetype | 2.3.5 | |
freetype | freetype | 2.3.6 | |
freetype | freetype | 2.3.7 | |
freetype | freetype | 2.3.8 | |
freetype | freetype | 2.3.9 | |
freetype | freetype | 2.3.10 | |
freetype | freetype | 2.3.11 | |
freetype | freetype | 2.3.12 | |
freetype | freetype | 2.4.0 | |
freetype | freetype | 2.4.1 | |
freetype | freetype | 2.4.2 | |
freetype | freetype | 2.4.3 | |
freetype | freetype | 2.4.4 | |
freetype | freetype | 2.4.5 | |
freetype | freetype | 2.4.6 | |
freetype | freetype | 2.4.7 | |
mozilla | firefox_mobile | * | |
mozilla | firefox_mobile | 1.0 | |
mozilla | firefox_mobile | 4.0 | |
mozilla | firefox_mobile | 4.0 beta1 | |
mozilla | firefox_mobile | 4.0 beta2 | |
mozilla | firefox_mobile | 4.0 beta3 | |
mozilla | firefox_mobile | 4.0 beta4 | |
mozilla | firefox_mobile | 5.0 | |
mozilla | firefox_mobile | 6.0 | |
mozilla | firefox_mobile | 6.0.1 | |
mozilla | firefox_mobile | 6.0.2 | |
mozilla | firefox_mobile | 7.0 | |
mozilla | firefox_mobile | 8.0 | |
mozilla | firefox_mobile | 9.0 | |
mozilla | firefox_mobile | 10.0 | |
mozilla | firefox_mobile | 10.0.1 | |
mozilla | firefox_mobile | 10.0.2 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", "matchCriteriaId": "1AE5852E-FBD0-4F23-82C0-4E8FBDDF558B", "versionEndIncluding": "2.4.8", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:1.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "888C3BB8-510B-4FBE-BA5D-0D488583C7DD", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "3B67236B-7DEF-40AE-BC6F-12CB39329C4D", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "7EEC5D17-9141-4CA5-9D4C-76C15BAE4FBD", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "F1019F69-8E42-43C9-926C-B948659666F4", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "AA678E5E-9380-4D31-973F-018349F7F346", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "5E06AD6E-8B77-4E57-AA07-507CD1F809F2", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "8DB69925-10FB-4DFD-8764-B6640B88FCEE", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "B126D1A0-6B54-4C56-8CEC-B395D54A5C3C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "98D0D1A3-886D-4EE3-AC1A-3B36D192E8B5", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "DB0B0E33-0D7D-45E9-ADFD-20C6DCB5ED64", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.9:*:*:*:*:*:*:*", "matchCriteriaId": "28CA4C7D-D70A-44CF-8E3D-F2612CCA0799", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "D4E76672-7216-443E-BBD8-120DA96F7E4D", "vulnerable": true }, { "criteria": 
"cpe:2.3:a:freetype:freetype:2.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "369D87D8-E4A7-4EC4-B508-2940EE174F95", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "288FDB59-7FE4-4351-8822-554ADF07C79A", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "B681257A-F8D8-46D5-995D-BC44F54DD5C0", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "56E0DEB6-4414-49AB-88E9-988CE5D8EF67", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.7:*:*:*:*:*:*:*", "matchCriteriaId": "56A90D08-2CAF-422F-8587-7D88EC7632A1", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.8:*:*:*:*:*:*:*", "matchCriteriaId": "9B944FEB-F69D-4F6C-9485-26F95A5874B6", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.8:rc1:*:*:*:*:*:*", "matchCriteriaId": "B9B9B1DE-89F6-463D-A3F4-6366D5D30077", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.9:*:*:*:*:*:*:*", "matchCriteriaId": "F73474B9-6853-4C5C-9CB9-5F4D3080D1C5", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.10:*:*:*:*:*:*:*", "matchCriteriaId": "5283E910-D512-481C-804E-8717A83B24CB", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "A28C0F7A-F1F3-4F3B-81B9-228DA8FCCCD8", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "F7252819-BA8A-4BD1-BAAA-179A8777C994", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "11575E3C-2BEA-4264-AE41-4A962BD17035", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "D333A965-EAD2-40DB-8FBE-C4C7DF44C35C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.2:*:*:*:*:*:*:*", "matchCriteriaId": 
"8CA37666-D2E6-47EF-BFFE-A9449D6A72CD", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "F2B49505-C973-4673-A9BC-34ACA25059D0", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.4:*:*:*:*:*:*:*", "matchCriteriaId": "B8E8ECCA-58F2-4A05-8DF2-79C09A5FB275", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.5:*:*:*:*:*:*:*", "matchCriteriaId": "8697D11D-BBDF-4722-85F7-5144A5D26E37", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.6:*:*:*:*:*:*:*", "matchCriteriaId": "50E3EDA8-04D1-4DF1-80BB-72C6003E8F53", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.7:*:*:*:*:*:*:*", "matchCriteriaId": "AB06CA25-BB25-43B8-9FC2-62C399CC52EE", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.8:*:*:*:*:*:*:*", "matchCriteriaId": "6AF7414E-33A7-40E2-AEF0-1AE9D7D1B077", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.9:*:*:*:*:*:*:*", "matchCriteriaId": "6FC0BD12-E065-4CC9-8AEE-E4C34A58EC3C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.10:*:*:*:*:*:*:*", "matchCriteriaId": "214DC64B-BA35-486B-AE30-F2D9381E4D26", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.11:*:*:*:*:*:*:*", "matchCriteriaId": "B7CDE19A-473A-4BC5-AA7B-3D08FEEEE82C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.12:*:*:*:*:*:*:*", "matchCriteriaId": "DD8401A8-A328-49F6-BAE8-337F5F36C906", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "3FBF5BAA-8027-478F-BE06-3D3F4F823C7B", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "31358B5D-4087-4207-9730-297BA47DAA83", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "3A73E016-A4B0-416D-B9B6-786A787DAD3D", "vulnerable": true }, { "criteria": 
"cpe:2.3:a:freetype:freetype:2.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "0588BCE1-059B-4602-B274-E9D268720B55", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "D19BE9CC-6B1C-4AC8-9740-2ABDF40C4FEC", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "E6F3E33C-95E0-4EEF-8E26-F7044D8C3892", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.6:*:*:*:*:*:*:*", "matchCriteriaId": "0871F88D-3D36-4EAA-B2B4-39D844FF8874", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.7:*:*:*:*:*:*:*", "matchCriteriaId": "B3396203-9BDF-4E7D-85CC-0B6AA7DC55C4", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:*:*:*:*:*:*:*:*", "matchCriteriaId": "C25B56F0-B244-4D64-BC8F-341214080A90", "versionEndIncluding": "10.0.3", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "B00C6411-5566-4060-B68B-8F1674B9E280", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "CD9C4A1A-E3C7-40DD-AF51-AFFA0D904722", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta1:*:*:*:*:*:*", "matchCriteriaId": "B6A0EDF9-2260-439F-9CF0-A66CBE35ACF8", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta2:*:*:*:*:*:*", "matchCriteriaId": "6E55723B-B7B8-4EBF-8767-55988D26E82B", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta3:*:*:*:*:*:*", "matchCriteriaId": "761B33B6-4FFD-4E6C-92B4-2186F8D195C1", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta4:*:*:*:*:*:*", "matchCriteriaId": "8E4E272B-27F1-41CE-8B60-B1C098105A73", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "907FA1DF-E3D3-4E46-B353-753E70C292CC", "vulnerable": true }, { "criteria": 
"cpe:2.3:a:mozilla:firefox_mobile:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "97DE5B71-865A-4DB0-A31A-1CA75A5AB7AA", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:6.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "B64C7CE2-6BA7-4294-80CF-3AE25EE9529B", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:6.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "640595E6-3E39-4112-887E-174C86D18630", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "8E26E8D7-334C-4260-A8EE-82DF067CC081", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "643623BB-29E4-4138-AFC6-252368FC9495", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "9CEA838D-5FE6-47A7-8367-F040FF01B681", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "BF547E94-BEC4-4D32-A2AF-AFEBFE11782A", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "6BB1307C-64E4-4EC2-BB07-012107CA5DA6", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "91C9D50D-9450-489C-8336-4332F8FD6806", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via crafted property data in a BDF font." 
}, { "lang": "es", "value": "FreeType antes de v2.4.9, tal como se utiliza en Mozilla Firefox Mobile antes de v10.0.4 y otros productos, permite a atacantes remotos causar una denegaci\u00f3n de servicio (operaci\u00f3n no v\u00e1lida de lectura y corrupci\u00f3n de memoria) o posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de datos de la propiedad modificados en una fuente BDF." } ], "id": "CVE-2012-1126", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2012-04-25T10:10:17.933", "references": [ { "source": "secalert@redhat.com", "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html" }, { "source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48508" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48758" }, { "source": 
"secalert@redhat.com", "url": "http://secunia.com/advisories/48797" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48822" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48918" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48951" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48973" }, { "source": "secalert@redhat.com", "url": "http://security.gentoo.org/glsa/glsa-201204-04.xml" }, { "source": "secalert@redhat.com", "url": "http://support.apple.com/kb/HT5503" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html" }, { "source": "secalert@redhat.com", "url": "http://www.openwall.com/lists/oss-security/2012/03/06/16" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/52318" }, { "source": "secalert@redhat.com", "url": "http://www.securitytracker.com/id?1026765" }, { "source": "secalert@redhat.com", "url": "http://www.ubuntu.com/usn/USN-1403-1" }, { "source": "secalert@redhat.com", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512" }, { "source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=800581" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html" }, { "source": 
"af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48508" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48758" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48797" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48822" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48918" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48951" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48973" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.gentoo.org/glsa/glsa-201204-04.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.apple.com/kb/HT5503" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2012/03/06/16" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/52318" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1026765" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/USN-1403-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512" }, { "source": 
"af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=800581" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd (CVE-2014-9672)
Published
2015-02-08 11:59
Modified
2025-04-12 10:46
Severity: MEDIUM (CVSS v2.0 base score 5.8, vector AV:N/AC:M/Au:N/C:P/I:N/A:P; source nvd@nist.gov)
Summary
Array index error in the parse_fond function in base/ftmac.c in FreeType before 2.5.4 allows remote attackers to cause a denial of service (out-of-bounds read) or obtain sensitive information from process memory via a crafted FOND resource in a Mac font file.
References
Source | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://advisories.mageia.org/MGASA-2015-0083.html | Third Party Advisory | |
cve@mitre.org | http://code.google.com/p/google-security-research/issues/detail?id=155 | Exploit | |
cve@mitre.org | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=18a8f0d9943369449bc4de92d411c78fb08d616c | Patch, Vendor Advisory | |
cve@mitre.org | http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html | Third Party Advisory | |
cve@mitre.org | http://packetstormsecurity.com/files/134395/FreeType-2.5.3-Mac-FOND-Resource-Parsing-Out-Of-Bounds-Read-From-Stack.html | ||
cve@mitre.org | http://www.debian.org/security/2015/dsa-3188 | Third Party Advisory | |
cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDVSA-2015:055 | Broken Link | |
cve@mitre.org | http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html | Third Party Advisory | |
cve@mitre.org | http://www.securityfocus.com/bid/72986 | ||
cve@mitre.org | http://www.ubuntu.com/usn/USN-2510-1 | Third Party Advisory | |
cve@mitre.org | http://www.ubuntu.com/usn/USN-2739-1 | Third Party Advisory | |
cve@mitre.org | https://security.gentoo.org/glsa/201503-05 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://advisories.mageia.org/MGASA-2015-0083.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://code.google.com/p/google-security-research/issues/detail?id=155 | Exploit | |
af854a3a-2127-422b-91ae-364da2661108 | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=18a8f0d9943369449bc4de92d411c78fb08d616c | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/134395/FreeType-2.5.3-Mac-FOND-Resource-Parsing-Out-Of-Bounds-Read-From-Stack.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2015/dsa-3188 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2015:055 | Broken Link | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/72986 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2510-1 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2739-1 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201503-05 |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
oracle | solaris | 10.0 | |
oracle | solaris | 11.2 | |
debian | debian_linux | 7.0 | |
canonical | ubuntu_linux | 10.04 | |
canonical | ubuntu_linux | 12.04 | |
canonical | ubuntu_linux | 14.04 | |
canonical | ubuntu_linux | 14.10 | |
canonical | ubuntu_linux | 15.04 | |
freetype | freetype | * (all versions up to and including 2.5.3) | |
opensuse | opensuse | 13.1 | |
opensuse | opensuse | 13.2 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:oracle:solaris:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "FC633250-EB1E-4484-9BCB-977C8F9EB0B2", "vulnerable": true }, { "criteria": "cpe:2.3:o:oracle:solaris:11.2:*:*:*:*:*:*:*", "matchCriteriaId": "0B1C288F-326B-497B-B26C-D26E01262DDB", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*", "matchCriteriaId": "5D37DF0F-F863-45AC-853A-3E04F9FEC7CA", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*", "matchCriteriaId": "49A63F39-30BE-443F-AF10-6245587D3359", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "matchCriteriaId": "F38D3B7E-8429-473F-BB31-FC3583EE5A5B", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", "matchCriteriaId": "05EE9A32-E91F-4C68-B3A9-AC5AB35C2BB3", "versionEndIncluding": "2.5.3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F", "vulnerable": true }, { "criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", "vulnerable": true } ], 
"negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Array index error in the parse_fond function in base/ftmac.c in FreeType before 2.5.4 allows remote attackers to cause a denial of service (out-of-bounds read) or obtain sensitive information from process memory via a crafted FOND resource in a Mac font file." }, { "lang": "es", "value": "Error en el indice del array en la funci\u00f3n parse_fond en base/ftmac.c en FreeType anterior a 2.5.4 permite a atacantes remotos causar una denegaci\u00f3n de servicio (lectura fuera de rango) o obtener informaci\u00f3n sensible desde el proceso de la memoria a trav\u00e9s de un recurso FOND manipulado en un fichero de fuentes Mac." } ], "id": "CVE-2014-9672", "lastModified": "2025-04-12T10:46:40.837", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2015-02-08T11:59:33.663", "references": [ { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://advisories.mageia.org/MGASA-2015-0083.html" }, { "source": "cve@mitre.org", "tags": [ "Exploit" ], "url": "http://code.google.com/p/google-security-research/issues/detail?id=155" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=18a8f0d9943369449bc4de92d411c78fb08d616c" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": 
"http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html" }, { "source": "cve@mitre.org", "url": "http://packetstormsecurity.com/files/134395/FreeType-2.5.3-Mac-FOND-Resource-Parsing-Out-Of-Bounds-Read-From-Stack.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2015/dsa-3188" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/72986" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-2510-1" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-2739-1" }, { "source": "cve@mitre.org", "url": "https://security.gentoo.org/glsa/201503-05" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://advisories.mageia.org/MGASA-2015-0083.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit" ], "url": "http://code.google.com/p/google-security-research/issues/detail?id=155" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=18a8f0d9943369449bc4de92d411c78fb08d616c" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://packetstormsecurity.com/files/134395/FreeType-2.5.3-Mac-FOND-Resource-Parsing-Out-Of-Bounds-Read-From-Stack.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": 
"http://www.debian.org/security/2015/dsa-3188" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/72986" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-2510-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-2739-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/201503-05" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd (CVE-2010-3054)
Published
2010-08-19 18:00
Modified
2025-04-11 00:51
Severity: MEDIUM (CVSS v2.0 base score 5.0, vector AV:N/AC:L/Au:N/C:N/I:N/A:P; source nvd@nist.gov)
Summary
Unspecified vulnerability in FreeType 2.3.9, and other versions before 2.4.2, allows remote attackers to cause a denial of service via vectors involving nested Standard Encoding Accented Character (aka seac) calls, related to psaux.h, cffgload.c, cffgload.h, and t1decode.c.
References
Source | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html | ||
cve@mitre.org | http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html | ||
cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html | ||
cve@mitre.org | http://secunia.com/advisories/42314 | ||
cve@mitre.org | http://secunia.com/advisories/42317 | ||
cve@mitre.org | http://secunia.com/advisories/48951 | ||
cve@mitre.org | http://support.apple.com/kb/HT4435 | ||
cve@mitre.org | http://support.apple.com/kb/HT4456 | ||
cve@mitre.org | http://support.apple.com/kb/HT4457 | ||
cve@mitre.org | http://www.securityfocus.com/bid/42621 | ||
cve@mitre.org | http://www.vupen.com/english/advisories/2010/3045 | ||
cve@mitre.org | http://www.vupen.com/english/advisories/2010/3046 | ||
cve@mitre.org | https://bugs.launchpad.net/ubuntu/maverick/+source/freetype/+bug/617019 | ||
cve@mitre.org | https://rhn.redhat.com/errata/RHSA-2010-0736.html | ||
cve@mitre.org | https://rhn.redhat.com/errata/RHSA-2010-0737.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/42314 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/42317 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48951 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT4435 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT4456 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT4457 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/42621 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2010/3045 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2010/3046 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://bugs.launchpad.net/ubuntu/maverick/+source/freetype/+bug/617019 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://rhn.redhat.com/errata/RHSA-2010-0736.html | ||
af854a3a-2127-422b-91ae-364da2661108 | https://rhn.redhat.com/errata/RHSA-2010-0737.html |
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:freetype:freetype:2.3.9:*:*:*:*:*:*:*", "matchCriteriaId": "6FC0BD12-E065-4CC9-8AEE-E4C34A58EC3C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.10:*:*:*:*:*:*:*", "matchCriteriaId": "214DC64B-BA35-486B-AE30-F2D9381E4D26", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.11:*:*:*:*:*:*:*", "matchCriteriaId": "B7CDE19A-473A-4BC5-AA7B-3D08FEEEE82C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.12:*:*:*:*:*:*:*", "matchCriteriaId": "DD8401A8-A328-49F6-BAE8-337F5F36C906", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "3FBF5BAA-8027-478F-BE06-3D3F4F823C7B", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "31358B5D-4087-4207-9730-297BA47DAA83", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in FreeType 2.3.9, and other versions before 2.4.2, allows remote attackers to cause a denial of service via vectors involving nested Standard Encoding Accented Character (aka seac) calls, related to psaux.h, cffgload.c, cffgload.h, and t1decode.c." }, { "lang": "es", "value": "Vulnerabilidad no especificada en FreeType 2.3.9 y otras versiones anteriores a la 2.4.2, permite a atacantes remotos provocar una denegaci\u00f3n de servicio mediante vectores involucrados en llamadas anidadas Standard Encoding Accented Character (tambi\u00e9n conocido como seac), relacionadas con psaux.h, cffgload.c, cffgload.h y t1decode.c." 
} ], "id": "CVE-2010-3054", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2010-08-19T18:00:06.530", "references": [ { "source": "cve@mitre.org", "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html" }, { "source": "cve@mitre.org", "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html" }, { "source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/42314" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/42317" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/48951" }, { "source": "cve@mitre.org", "url": "http://support.apple.com/kb/HT4435" }, { "source": "cve@mitre.org", "url": "http://support.apple.com/kb/HT4456" }, { "source": "cve@mitre.org", "url": "http://support.apple.com/kb/HT4457" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/42621" }, { "source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2010/3045" }, { "source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2010/3046" }, { "source": "cve@mitre.org", "url": "https://bugs.launchpad.net/ubuntu/maverick/+source/freetype/+bug/617019" }, { "source": "cve@mitre.org", "url": "https://rhn.redhat.com/errata/RHSA-2010-0736.html" }, { "source": 
"cve@mitre.org", "url": "https://rhn.redhat.com/errata/RHSA-2010-0737.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/42314" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/42317" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48951" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.apple.com/kb/HT4435" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.apple.com/kb/HT4456" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.apple.com/kb/HT4457" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/42621" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2010/3045" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2010/3046" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugs.launchpad.net/ubuntu/maverick/+source/freetype/+bug/617019" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://rhn.redhat.com/errata/RHSA-2010-0736.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://rhn.redhat.com/errata/RHSA-2010-0737.html" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-noinfo" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2009-04-17 00:30
Modified
2025-04-09 00:30
Severity ?
Summary
Multiple integer overflows in FreeType 2.3.9 and earlier allow remote attackers to execute arbitrary code via vectors related to large values in certain inputs in (1) smooth/ftsmooth.c, (2) sfnt/ttcmap.c, and (3) cff/cffload.c.
References
Source | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=0545ec1ca36b27cb928128870a83e5f668980bc5 | Patch, Third Party Advisory | |
cve@mitre.org | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=79972af4f0485a11dcb19551356c45245749fc5b | Patch, Third Party Advisory | |
cve@mitre.org | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=a18788b14db60ae3673f932249cd02d33a227c4e | Patch, Third Party Advisory | |
cve@mitre.org | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/tree/ChangeLog | Release Notes, Third Party Advisory | |
cve@mitre.org | http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html | Mailing List, Third Party Advisory | |
cve@mitre.org | http://lists.apple.com/archives/security-announce/2009/May/msg00002.html | Mailing List, Third Party Advisory | |
cve@mitre.org | http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html | Broken Link | |
cve@mitre.org | http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html | Mailing List, Third Party Advisory | |
cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html | Mailing List, Third Party Advisory | |
cve@mitre.org | http://secunia.com/advisories/34723 | Third Party Advisory | |
cve@mitre.org | http://secunia.com/advisories/34913 | Third Party Advisory | |
cve@mitre.org | http://secunia.com/advisories/34967 | Third Party Advisory | |
cve@mitre.org | http://secunia.com/advisories/35065 | Third Party Advisory | |
cve@mitre.org | http://secunia.com/advisories/35074 | Third Party Advisory | |
cve@mitre.org | http://secunia.com/advisories/35198 | Third Party Advisory | |
cve@mitre.org | http://secunia.com/advisories/35200 | Third Party Advisory | |
cve@mitre.org | http://secunia.com/advisories/35204 | Third Party Advisory | |
cve@mitre.org | http://secunia.com/advisories/35210 | Third Party Advisory | |
cve@mitre.org | http://secunia.com/advisories/35379 | Third Party Advisory | |
cve@mitre.org | http://security.gentoo.org/glsa/glsa-200905-05.xml | Third Party Advisory | |
cve@mitre.org | http://sunsolve.sun.com/search/document.do?assetkey=1-66-270268-1 | Broken Link | |
cve@mitre.org | http://support.apple.com/kb/HT3549 | Third Party Advisory | |
cve@mitre.org | http://support.apple.com/kb/HT3613 | Third Party Advisory | |
cve@mitre.org | http://support.apple.com/kb/HT3639 | Third Party Advisory | |
cve@mitre.org | http://support.apple.com/kb/HT4435 | Broken Link | |
cve@mitre.org | http://www.debian.org/security/2009/dsa-1784 | Third Party Advisory | |
cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDVSA-2009:243 | Third Party Advisory | |
cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2009-0329.html | Third Party Advisory | |
cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2009-1061.html | Third Party Advisory | |
cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2009-1062.html | Third Party Advisory | |
cve@mitre.org | http://www.securityfocus.com/bid/34550 | Third Party Advisory, VDB Entry | |
cve@mitre.org | http://www.ubuntu.com/usn/USN-767-1 | Third Party Advisory | |
cve@mitre.org | http://www.us-cert.gov/cas/techalerts/TA09-133A.html | Third Party Advisory, US Government Resource | |
cve@mitre.org | http://www.vupen.com/english/advisories/2009/1058 | Third Party Advisory | |
cve@mitre.org | http://www.vupen.com/english/advisories/2009/1297 | Third Party Advisory | |
cve@mitre.org | http://www.vupen.com/english/advisories/2009/1522 | Third Party Advisory | |
cve@mitre.org | http://www.vupen.com/english/advisories/2009/1621 | Third Party Advisory | |
cve@mitre.org | https://bugzilla.redhat.com/show_bug.cgi?id=491384 | Issue Tracking, Patch, Third Party Advisory | |
cve@mitre.org | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10149 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=0545ec1ca36b27cb928128870a83e5f668980bc5 | Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=79972af4f0485a11dcb19551356c45245749fc5b | Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=a18788b14db60ae3673f932249cd02d33a227c4e | Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/tree/ChangeLog | Release Notes, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2009/May/msg00002.html | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html | Broken Link | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34723 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34913 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34967 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/35065 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/35074 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/35198 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/35200 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/35204 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/35210 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/35379 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-200905-05.xml | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://sunsolve.sun.com/search/document.do?assetkey=1-66-270268-1 | Broken Link | |
af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT3549 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT3613 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT3639 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT4435 | Broken Link | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2009/dsa-1784 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2009:243 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2009-0329.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2009-1061.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2009-1062.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/34550 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-767-1 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.us-cert.gov/cas/techalerts/TA09-133A.html | Third Party Advisory, US Government Resource | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2009/1058 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2009/1297 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2009/1522 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2009/1621 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=491384 | Issue Tracking, Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10149 | Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
freetype | freetype | * | |
debian | debian_linux | 4.0 | |
debian | debian_linux | 5.0 | |
debian | debian_linux | 6.0 | |
canonical | ubuntu_linux | 6.06 | |
canonical | ubuntu_linux | 8.04 | |
canonical | ubuntu_linux | 8.10 | |
canonical | ubuntu_linux | 9.04 | |
opensuse | opensuse | 10.3 | |
opensuse | opensuse | 11.0 | |
opensuse | opensuse | 11.1 | |
suse | linux_enterprise_server | 10 | |
suse | linux_enterprise_server | 11 | |
apple | safari | 4.0 | |
apple | iphone_os | * | |
apple | mac_os_x | * | |
apple | mac_os_x | 10.4.11 | |
apple | mac_os_x | 10.5.8 | |
apple | mac_os_x_server | * | |
apple | mac_os_x_server | 10.4.11 | |
apple | mac_os_x_server | 10.5.8 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", "matchCriteriaId": "7039ABA3-F36E-4337-8F61-470B2FA1C9EF", "versionEndIncluding": "2.3.9", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "0F92AB32-E7DE-43F4-B877-1F41FA162EC7", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "8C757774-08E7-40AA-B532-6F705C8F7639", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "036E8A89-7A16-411F-9D31-676313BB7244", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*", "matchCriteriaId": "454A5D17-B171-4F1F-9E0B-F18D1E5CA9FD", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*", "matchCriteriaId": "7EBFE35C-E243-43D1-883D-4398D71763CC", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:8.10:*:*:*:*:*:*:*", "matchCriteriaId": "4747CC68-FAF4-482F-929A-9DA6C24CB663", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:9.04:*:*:*:*:*:*:*", "matchCriteriaId": "A5D026D0-EF78-438D-BEDD-FC8571F3ACEB", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:opensuse:opensuse:10.3:*:*:*:*:*:*:*", "matchCriteriaId": "C35B68DF-1440-4587-8458-9C5F4D1E43F3", "vulnerable": true }, { "criteria": "cpe:2.3:o:opensuse:opensuse:11.0:*:*:*:*:*:*:*", "matchCriteriaId": "1B42AB65-443B-4655-BAEA-4EB4A43D9509", "vulnerable": true }, { "criteria": "cpe:2.3:o:opensuse:opensuse:11.1:*:*:*:*:*:*:*", "matchCriteriaId": "FBF7B6A8-3DF9-46EC-A90E-6EF68C39F883", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_server:10:-:*:*:*:*:*:*", 
"matchCriteriaId": "38C3AEB0-59E2-400A-8943-60C0A223B680", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:-:*:*:*:*:*:*", "matchCriteriaId": "F13F07CC-739B-465C-9184-0E9D708BD4C7", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:apple:safari:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BDA6DB4-A0DA-43CA-AABD-10EEEEB28EAB", "vulnerable": true }, { "criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "matchCriteriaId": "614C28E3-3645-4B20-95E5-42E7F123ADDB", "versionEndIncluding": "2.2.1", "versionStartIncluding": "1.0.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "matchCriteriaId": "C6DA1D55-B689-47CF-A55F-3C16DA4EFFFF", "versionEndIncluding": "10.6.4", "versionStartIncluding": "10.6.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.11:*:*:*:*:*:*:*", "matchCriteriaId": "6EE39585-CF3B-4493-96D8-B394544C7643", "vulnerable": true }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.5.8:*:*:*:*:*:*:*", "matchCriteriaId": "1335E35A-D381-4056-9E78-37BC6DF8AD98", "vulnerable": true }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "924AFEE6-E331-4E10-B1B8-1FF1FF801120", "versionEndIncluding": "10.6.4", "versionStartIncluding": "10.6.0", "vulnerable": true }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.11:*:*:*:*:*:*:*", "matchCriteriaId": "D09D5933-A7D9-4A61-B863-CD8E7D5E67D8", "vulnerable": true }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.5.8:*:*:*:*:*:*:*", "matchCriteriaId": "82B4CD59-9F37-4EF0-BA43-427CFD6E1329", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Multiple integer overflows in FreeType 2.3.9 and earlier allow remote attackers to execute arbitrary code via vectors related to large values in certain inputs in (1) smooth/ftsmooth.c, (2) sfnt/ttcmap.c, and (3) cff/cffload.c." 
}, { "lang": "es", "value": "M\u00faltiples desbordamientos de entero en FreeType v2.3.9 y anteriores permiten a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante vectores relacionados con valores grandes en ciertas entradas en (1) smooth/ftsmooth.c, (2) sfnt/ttcmap.c, y (3) cff/cffload.c." } ], "id": "CVE-2009-0946", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2009-04-17T00:30:00.250", "references": [ { "source": "cve@mitre.org", "tags": [ "Patch", "Third Party Advisory" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=0545ec1ca36b27cb928128870a83e5f668980bc5" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Third Party Advisory" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=79972af4f0485a11dcb19551356c45245749fc5b" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Third Party Advisory" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=a18788b14db60ae3673f932249cd02d33a227c4e" }, { "source": "cve@mitre.org", "tags": [ "Release Notes", "Third Party Advisory" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/tree/ChangeLog" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party 
Advisory" ], "url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/34723" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/34913" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/34967" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/35065" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/35074" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/35198" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/35200" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/35204" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/35210" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/35379" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://security.gentoo.org/glsa/glsa-200905-05.xml" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-270268-1" }, { "source": "cve@mitre.org", 
"tags": [ "Third Party Advisory" ], "url": "http://support.apple.com/kb/HT3549" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://support.apple.com/kb/HT3613" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://support.apple.com/kb/HT3639" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://support.apple.com/kb/HT4435" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2009/dsa-1784" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:243" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0329.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-1061.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-1062.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/34550" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-767-1" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/1058" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/1297" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/1522" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/1621" }, { "source": 
"cve@mitre.org", "tags": [ "Issue Tracking", "Patch", "Third Party Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=491384" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10149" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=0545ec1ca36b27cb928128870a83e5f668980bc5" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=79972af4f0485a11dcb19551356c45245749fc5b" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=a18788b14db60ae3673f932249cd02d33a227c4e" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Release Notes", "Third Party Advisory" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/tree/ChangeLog" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": 
"http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/34723" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/34913" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/34967" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/35065" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/35074" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/35198" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/35200" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/35204" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/35210" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/35379" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://security.gentoo.org/glsa/glsa-200905-05.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-270268-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://support.apple.com/kb/HT3549" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": 
"http://support.apple.com/kb/HT3613" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://support.apple.com/kb/HT3639" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://support.apple.com/kb/HT4435" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2009/dsa-1784" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:243" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0329.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-1061.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-1062.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/34550" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-767-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/1058" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/1297" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/1522" }, { 
"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/1621" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Patch", "Third Party Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=491384" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10149" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-190" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2017-04-27 00:59
Modified
2025-04-20 01:37
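Severity: 9.8 CRITICAL (CVSS 3.0, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H); 7.5 HIGH (CVSS 2.0, AV:N/AC:L/Au:N/C:P/I:P/A:P); both scores are from nvd@nist.gov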
Summary
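FreeType 2 before 2017-03-26 has an out-of-bounds write caused by a heap-based buffer overflow related to the t1_builder_close_contour function in psaux/psobjs.c. The CPE configuration in this record marks FreeType versions up to and including 2.7.1 as vulnerable, and the reference tagged Patch is upstream commit 3774fc08b502c3e685afca098b6e8a195aded6a0; because the description gives a date rather than a release number, snapshot or vendor-patched builds are better checked against that commit than against the version string alone.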
References
Source | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=3774fc08b502c3e685afca098b6e8a195aded6a0 | Issue Tracking, Patch, Third Party Advisory | |
cve@mitre.org | http://www.debian.org/security/2017/dsa-3839 | ||
cve@mitre.org | http://www.securityfocus.com/bid/99091 | ||
cve@mitre.org | https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=941 | Third Party Advisory | |
cve@mitre.org | https://security.gentoo.org/glsa/201706-14 | ||
cve@mitre.org | https://www.oracle.com/security-alerts/cpuapr2020.html | ||
cve@mitre.org | https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=3774fc08b502c3e685afca098b6e8a195aded6a0 | Issue Tracking, Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2017/dsa-3839 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/99091 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=941 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201706-14 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://www.oracle.com/security-alerts/cpuapr2020.html | ||
af854a3a-2127-422b-91ae-364da2661108 | https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", "matchCriteriaId": "AEEA3966-EA75-48BB-8D9C-3C834BA9CC8A", "versionEndIncluding": "2.7.1", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "FreeType 2 before 2017-03-26 has an out-of-bounds write caused by a heap-based buffer overflow related to the t1_builder_close_contour function in psaux/psobjs.c." }, { "lang": "es", "value": "FreeType 2 antes de 2017-03-26 tiene una escritura fuera de l\u00edmites causada por un desbordamiento de b\u00fafer basado en heap relacionado con la funci\u00f3n t1_builder_close_contour en psaux / psobjs.c." } ], "id": "CVE-2017-8287", "lastModified": "2025-04-20T01:37:25.860", "metrics": { "cvssMetricV2": [ { "acInsufInfo": true, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2017-04-27T00:59:00.320", "references": [ { "source": "cve@mitre.org", "tags": [ "Issue Tracking", "Patch", "Third 
Party Advisory" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=3774fc08b502c3e685afca098b6e8a195aded6a0" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2017/dsa-3839" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/99091" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=941" }, { "source": "cve@mitre.org", "url": "https://security.gentoo.org/glsa/201706-14" }, { "source": "cve@mitre.org", "url": "https://www.oracle.com/security-alerts/cpuapr2020.html" }, { "source": "cve@mitre.org", "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Patch", "Third Party Advisory" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=3774fc08b502c3e685afca098b6e8a195aded6a0" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2017/dsa-3839" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/99091" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=941" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/201706-14" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.oracle.com/security-alerts/cpuapr2020.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2015-02-08 11:59
Modified
2025-04-12 10:46
Severity ?
Summary
Multiple integer overflows in sfnt/ttcmap.c in FreeType before 2.5.4 allow remote attackers to cause a denial of service (out-of-bounds read or memory corruption) or possibly have unspecified other impact via a crafted cmap SFNT table.
References
Source | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://advisories.mageia.org/MGASA-2015-0083.html | Third Party Advisory | |
cve@mitre.org | http://code.google.com/p/google-security-research/issues/detail?id=163 | Exploit | |
cve@mitre.org | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=602040b1112c9f94d68e200be59ea7ac3d104565 | Patch, Vendor Advisory | |
cve@mitre.org | http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html | Third Party Advisory | |
cve@mitre.org | http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html | Third Party Advisory | |
cve@mitre.org | http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html | Third Party Advisory | |
cve@mitre.org | http://rhn.redhat.com/errata/RHSA-2015-0696.html | Third Party Advisory | |
cve@mitre.org | http://www.debian.org/security/2015/dsa-3188 | Third Party Advisory | |
cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDVSA-2015:055 | Broken Link | |
cve@mitre.org | http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html | Third Party Advisory | |
cve@mitre.org | http://www.securityfocus.com/bid/72986 | ||
cve@mitre.org | http://www.ubuntu.com/usn/USN-2510-1 | Third Party Advisory | |
cve@mitre.org | http://www.ubuntu.com/usn/USN-2739-1 | Third Party Advisory | |
cve@mitre.org | https://security.gentoo.org/glsa/201503-05 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://advisories.mageia.org/MGASA-2015-0083.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://code.google.com/p/google-security-research/issues/detail?id=163 | Exploit | |
af854a3a-2127-422b-91ae-364da2661108 | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=602040b1112c9f94d68e200be59ea7ac3d104565 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2015-0696.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2015/dsa-3188 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2015:055 | Broken Link | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/72986 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2510-1 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2739-1 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201503-05 |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
canonical | ubuntu_linux | 10.04 | |
canonical | ubuntu_linux | 12.04 | |
canonical | ubuntu_linux | 14.04 | |
canonical | ubuntu_linux | 14.10 | |
canonical | ubuntu_linux | 15.04 | |
freetype | freetype | * (up to and including 2.5.3) | |
redhat | enterprise_linux_desktop | 6.0 | |
redhat | enterprise_linux_desktop | 7.0 | |
redhat | enterprise_linux_hpc_node | 6 | |
redhat | enterprise_linux_hpc_node | 7.0 | |
redhat | enterprise_linux_hpc_node_eus | 7.1 | |
redhat | enterprise_linux_server | 6.0 | |
redhat | enterprise_linux_server | 7.0 | |
redhat | enterprise_linux_server_eus | 6.6.z | |
redhat | enterprise_linux_server_eus | 7.1 | |
redhat | enterprise_linux_workstation | 6.0 | |
redhat | enterprise_linux_workstation | 7.0 | |
oracle | solaris | 10.0 | |
oracle | solaris | 11.2 | |
opensuse | opensuse | 13.1 | |
opensuse | opensuse | 13.2 | |
debian | debian_linux | 7.0 | |
fedoraproject | fedora | 20 | |
fedoraproject | fedora | 21 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*", "matchCriteriaId": "5D37DF0F-F863-45AC-853A-3E04F9FEC7CA", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*", "matchCriteriaId": "49A63F39-30BE-443F-AF10-6245587D3359", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "matchCriteriaId": "F38D3B7E-8429-473F-BB31-FC3583EE5A5B", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", "matchCriteriaId": "05EE9A32-E91F-4C68-B3A9-AC5AB35C2BB3", "versionEndIncluding": "2.5.3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6:*:*:*:*:*:*:*", "matchCriteriaId": "8CDFD93B-693D-46DC-9C39-FDECB3E619E8", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "3C84489B-B08C-4854-8A12-D01B6E45CF79", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "7071F0C7-E43E-4F2E-9FEB-E8FB3DEA4749", "vulnerable": true }, { "criteria": 
"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.6.z:*:*:*:*:*:*:*", "matchCriteriaId": "3FB4F7C3-1521-42B6-9820-15C2B156BAD6", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "0E8CD4EF-DC90-40BB-A721-6EC087507906", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:oracle:solaris:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "FC633250-EB1E-4484-9BCB-977C8F9EB0B2", "vulnerable": true }, { "criteria": "cpe:2.3:o:oracle:solaris:11.2:*:*:*:*:*:*:*", "matchCriteriaId": "0B1C288F-326B-497B-B26C-D26E01262DDB", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F", "vulnerable": true }, { "criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": 
"cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*", "matchCriteriaId": "FF47C9F0-D8DA-4B55-89EB-9B2C9383ADB9", "vulnerable": true }, { "criteria": "cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*", "matchCriteriaId": "56BDB5A0-0839-4A20-A003-B8CD56F48171", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Multiple integer overflows in sfnt/ttcmap.c in FreeType before 2.5.4 allow remote attackers to cause a denial of service (out-of-bounds read or memory corruption) or possibly have unspecified other impact via a crafted cmap SFNT table." }, { "lang": "es", "value": "M\u00faltiples desbordamientos de enteros en sfnt/ttcmap.c en FreeType anterior a 2.5.4 permiten a atacantes remotos causar una denegaci\u00f3n de servicio (lectura fuera de rango o corrupci\u00f3n de memoria) o posiblemente tener otro impacto no especificado a trav\u00e9s de una tabla SFNT cmap manipulada." } ], "id": "CVE-2014-9669", "lastModified": "2025-04-12T10:46:40.837", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2015-02-08T11:59:30.850", "references": [ { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://advisories.mageia.org/MGASA-2015-0083.html" }, { "source": "cve@mitre.org", "tags": [ "Exploit" ], "url": "http://code.google.com/p/google-security-research/issues/detail?id=163" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], 
"url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=602040b1112c9f94d68e200be59ea7ac3d104565" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0696.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2015/dsa-3188" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/72986" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-2510-1" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-2739-1" }, { "source": "cve@mitre.org", "url": "https://security.gentoo.org/glsa/201503-05" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://advisories.mageia.org/MGASA-2015-0083.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit" ], "url": "http://code.google.com/p/google-security-research/issues/detail?id=163" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": 
"http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=602040b1112c9f94d68e200be59ea7ac3d104565" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0696.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2015/dsa-3188" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/72986" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-2510-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-2739-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/201503-05" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-125" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2012-04-25 10:10
Modified
2025-04-11 00:51
Severity: HIGH (CVSS v2.0 base score 9.3, vector AV:N/AC:M/Au:N/C:C/I:C/A:C; source nvd@nist.gov)
Summary
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via a crafted TrueType font.
References
Source | URL | Tags | |
---|---|---|---|
secalert@redhat.com | http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html | ||
secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html | ||
secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html | ||
secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2012-0467.html | ||
secalert@redhat.com | http://secunia.com/advisories/48300 | ||
secalert@redhat.com | http://secunia.com/advisories/48508 | ||
secalert@redhat.com | http://secunia.com/advisories/48758 | ||
secalert@redhat.com | http://secunia.com/advisories/48822 | ||
secalert@redhat.com | http://secunia.com/advisories/48973 | ||
secalert@redhat.com | http://security.gentoo.org/glsa/glsa-201204-04.xml | ||
secalert@redhat.com | http://support.apple.com/kb/HT5503 | ||
secalert@redhat.com | http://www.debian.org/security/2012/dsa-2428 | ||
secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2012:057 | ||
secalert@redhat.com | http://www.mozilla.org/security/announce/2012/mfsa2012-21.html | Vendor Advisory | |
secalert@redhat.com | http://www.openwall.com/lists/oss-security/2012/03/06/16 | ||
secalert@redhat.com | http://www.securityfocus.com/bid/52318 | ||
secalert@redhat.com | http://www.securitytracker.com/id?1026765 | ||
secalert@redhat.com | http://www.ubuntu.com/usn/USN-1403-1 | ||
secalert@redhat.com | https://bugzilla.mozilla.org/show_bug.cgi?id=733512 | ||
secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=800607 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2012-0467.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48300 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48508 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48758 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48822 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48973 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-201204-04.xml | ||
af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT5503 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2012/dsa-2428 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2012:057 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mozilla.org/security/announce/2012/mfsa2012-21.html | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2012/03/06/16 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/52318 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1026765 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-1403-1 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.mozilla.org/show_bug.cgi?id=733512 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=800607 |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
freetype | freetype | * (up to and including 2.4.8) | |
freetype | freetype | 1.3.1 | |
freetype | freetype | 2.0.0 | |
freetype | freetype | 2.0.1 | |
freetype | freetype | 2.0.2 | |
freetype | freetype | 2.0.3 | |
freetype | freetype | 2.0.4 | |
freetype | freetype | 2.0.5 | |
freetype | freetype | 2.0.6 | |
freetype | freetype | 2.0.7 | |
freetype | freetype | 2.0.8 | |
freetype | freetype | 2.0.9 | |
freetype | freetype | 2.1 | |
freetype | freetype | 2.1.3 | |
freetype | freetype | 2.1.4 | |
freetype | freetype | 2.1.5 | |
freetype | freetype | 2.1.6 | |
freetype | freetype | 2.1.7 | |
freetype | freetype | 2.1.8 | |
freetype | freetype | 2.1.8 (rc1) | |
freetype | freetype | 2.1.9 | |
freetype | freetype | 2.1.10 | |
freetype | freetype | 2.2.0 | |
freetype | freetype | 2.2.1 | |
freetype | freetype | 2.3.0 | |
freetype | freetype | 2.3.1 | |
freetype | freetype | 2.3.2 | |
freetype | freetype | 2.3.3 | |
freetype | freetype | 2.3.4 | |
freetype | freetype | 2.3.5 | |
freetype | freetype | 2.3.6 | |
freetype | freetype | 2.3.7 | |
freetype | freetype | 2.3.8 | |
freetype | freetype | 2.3.9 | |
freetype | freetype | 2.3.10 | |
freetype | freetype | 2.3.11 | |
freetype | freetype | 2.3.12 | |
freetype | freetype | 2.4.0 | |
freetype | freetype | 2.4.1 | |
freetype | freetype | 2.4.2 | |
freetype | freetype | 2.4.3 | |
freetype | freetype | 2.4.4 | |
freetype | freetype | 2.4.5 | |
freetype | freetype | 2.4.6 | |
freetype | freetype | 2.4.7 | |
mozilla | firefox_mobile | * (up to and including 10.0.3) | |
mozilla | firefox_mobile | 1.0 | |
mozilla | firefox_mobile | 4.0 | |
mozilla | firefox_mobile | 4.0 (beta1) | |
mozilla | firefox_mobile | 4.0 (beta2) | |
mozilla | firefox_mobile | 4.0 (beta3) | |
mozilla | firefox_mobile | 4.0 (beta4) | |
mozilla | firefox_mobile | 5.0 | |
mozilla | firefox_mobile | 6.0 | |
mozilla | firefox_mobile | 6.0.1 | |
mozilla | firefox_mobile | 6.0.2 | |
mozilla | firefox_mobile | 7.0 | |
mozilla | firefox_mobile | 8.0 | |
mozilla | firefox_mobile | 9.0 | |
mozilla | firefox_mobile | 10.0 | |
mozilla | firefox_mobile | 10.0.1 | |
mozilla | firefox_mobile | 10.0.2 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", "matchCriteriaId": "1AE5852E-FBD0-4F23-82C0-4E8FBDDF558B", "versionEndIncluding": "2.4.8", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:1.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "888C3BB8-510B-4FBE-BA5D-0D488583C7DD", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "3B67236B-7DEF-40AE-BC6F-12CB39329C4D", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "7EEC5D17-9141-4CA5-9D4C-76C15BAE4FBD", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "F1019F69-8E42-43C9-926C-B948659666F4", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "AA678E5E-9380-4D31-973F-018349F7F346", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "5E06AD6E-8B77-4E57-AA07-507CD1F809F2", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "8DB69925-10FB-4DFD-8764-B6640B88FCEE", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "B126D1A0-6B54-4C56-8CEC-B395D54A5C3C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "98D0D1A3-886D-4EE3-AC1A-3B36D192E8B5", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "DB0B0E33-0D7D-45E9-ADFD-20C6DCB5ED64", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.9:*:*:*:*:*:*:*", "matchCriteriaId": "28CA4C7D-D70A-44CF-8E3D-F2612CCA0799", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "D4E76672-7216-443E-BBD8-120DA96F7E4D", "vulnerable": true }, { "criteria": 
"cpe:2.3:a:freetype:freetype:2.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "369D87D8-E4A7-4EC4-B508-2940EE174F95", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "288FDB59-7FE4-4351-8822-554ADF07C79A", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "B681257A-F8D8-46D5-995D-BC44F54DD5C0", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "56E0DEB6-4414-49AB-88E9-988CE5D8EF67", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.7:*:*:*:*:*:*:*", "matchCriteriaId": "56A90D08-2CAF-422F-8587-7D88EC7632A1", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.8:*:*:*:*:*:*:*", "matchCriteriaId": "9B944FEB-F69D-4F6C-9485-26F95A5874B6", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.8:rc1:*:*:*:*:*:*", "matchCriteriaId": "B9B9B1DE-89F6-463D-A3F4-6366D5D30077", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.9:*:*:*:*:*:*:*", "matchCriteriaId": "F73474B9-6853-4C5C-9CB9-5F4D3080D1C5", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.10:*:*:*:*:*:*:*", "matchCriteriaId": "5283E910-D512-481C-804E-8717A83B24CB", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "A28C0F7A-F1F3-4F3B-81B9-228DA8FCCCD8", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "F7252819-BA8A-4BD1-BAAA-179A8777C994", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "11575E3C-2BEA-4264-AE41-4A962BD17035", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "D333A965-EAD2-40DB-8FBE-C4C7DF44C35C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.2:*:*:*:*:*:*:*", "matchCriteriaId": 
"8CA37666-D2E6-47EF-BFFE-A9449D6A72CD", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "F2B49505-C973-4673-A9BC-34ACA25059D0", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.4:*:*:*:*:*:*:*", "matchCriteriaId": "B8E8ECCA-58F2-4A05-8DF2-79C09A5FB275", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.5:*:*:*:*:*:*:*", "matchCriteriaId": "8697D11D-BBDF-4722-85F7-5144A5D26E37", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.6:*:*:*:*:*:*:*", "matchCriteriaId": "50E3EDA8-04D1-4DF1-80BB-72C6003E8F53", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.7:*:*:*:*:*:*:*", "matchCriteriaId": "AB06CA25-BB25-43B8-9FC2-62C399CC52EE", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.8:*:*:*:*:*:*:*", "matchCriteriaId": "6AF7414E-33A7-40E2-AEF0-1AE9D7D1B077", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.9:*:*:*:*:*:*:*", "matchCriteriaId": "6FC0BD12-E065-4CC9-8AEE-E4C34A58EC3C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.10:*:*:*:*:*:*:*", "matchCriteriaId": "214DC64B-BA35-486B-AE30-F2D9381E4D26", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.11:*:*:*:*:*:*:*", "matchCriteriaId": "B7CDE19A-473A-4BC5-AA7B-3D08FEEEE82C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.12:*:*:*:*:*:*:*", "matchCriteriaId": "DD8401A8-A328-49F6-BAE8-337F5F36C906", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "3FBF5BAA-8027-478F-BE06-3D3F4F823C7B", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "31358B5D-4087-4207-9730-297BA47DAA83", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "3A73E016-A4B0-416D-B9B6-786A787DAD3D", "vulnerable": true }, { "criteria": 
"cpe:2.3:a:freetype:freetype:2.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "0588BCE1-059B-4602-B274-E9D268720B55", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "D19BE9CC-6B1C-4AC8-9740-2ABDF40C4FEC", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "E6F3E33C-95E0-4EEF-8E26-F7044D8C3892", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.6:*:*:*:*:*:*:*", "matchCriteriaId": "0871F88D-3D36-4EAA-B2B4-39D844FF8874", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.7:*:*:*:*:*:*:*", "matchCriteriaId": "B3396203-9BDF-4E7D-85CC-0B6AA7DC55C4", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:*:*:*:*:*:*:*:*", "matchCriteriaId": "C25B56F0-B244-4D64-BC8F-341214080A90", "versionEndIncluding": "10.0.3", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "B00C6411-5566-4060-B68B-8F1674B9E280", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "CD9C4A1A-E3C7-40DD-AF51-AFFA0D904722", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta1:*:*:*:*:*:*", "matchCriteriaId": "B6A0EDF9-2260-439F-9CF0-A66CBE35ACF8", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta2:*:*:*:*:*:*", "matchCriteriaId": "6E55723B-B7B8-4EBF-8767-55988D26E82B", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta3:*:*:*:*:*:*", "matchCriteriaId": "761B33B6-4FFD-4E6C-92B4-2186F8D195C1", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta4:*:*:*:*:*:*", "matchCriteriaId": "8E4E272B-27F1-41CE-8B60-B1C098105A73", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "907FA1DF-E3D3-4E46-B353-753E70C292CC", "vulnerable": true }, { "criteria": 
"cpe:2.3:a:mozilla:firefox_mobile:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "97DE5B71-865A-4DB0-A31A-1CA75A5AB7AA", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:6.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "B64C7CE2-6BA7-4294-80CF-3AE25EE9529B", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:6.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "640595E6-3E39-4112-887E-174C86D18630", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "8E26E8D7-334C-4260-A8EE-82DF067CC081", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "643623BB-29E4-4138-AFC6-252368FC9495", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "9CEA838D-5FE6-47A7-8367-F040FF01B681", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "BF547E94-BEC4-4D32-A2AF-AFEBFE11782A", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "6BB1307C-64E4-4EC2-BB07-012107CA5DA6", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "91C9D50D-9450-489C-8336-4332F8FD6806", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via a crafted TrueType font." 
}, { "lang": "es", "value": "FreeType antes de v2.4.9, tal como se utiliza en Mozilla Firefox Mobile antes de v10.0.4 y otros productos, permite a atacantes remotos causar una denegaci\u00f3n de servicio (operaci\u00f3n no v\u00e1lida de escritura y corrupci\u00f3n de memoria) o posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de una fuente TrueType modificada." } ], "id": "CVE-2012-1144", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2012-04-25T10:10:18.777", "references": [ { "source": "secalert@redhat.com", "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html" }, { "source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48300" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48508" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48758" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48822" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48973" }, { "source": "secalert@redhat.com", 
"url": "http://security.gentoo.org/glsa/glsa-201204-04.xml" }, { "source": "secalert@redhat.com", "url": "http://support.apple.com/kb/HT5503" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2012/dsa-2428" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html" }, { "source": "secalert@redhat.com", "url": "http://www.openwall.com/lists/oss-security/2012/03/06/16" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/52318" }, { "source": "secalert@redhat.com", "url": "http://www.securitytracker.com/id?1026765" }, { "source": "secalert@redhat.com", "url": "http://www.ubuntu.com/usn/USN-1403-1" }, { "source": "secalert@redhat.com", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512" }, { "source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=800607" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48300" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48508" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48758" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48822" }, { "source": 
"af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48973" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.gentoo.org/glsa/glsa-201204-04.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.apple.com/kb/HT5503" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2012/dsa-2428" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2012/03/06/16" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/52318" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1026765" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/USN-1403-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=800607" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
CVE-2014-9664
Vulnerability from fkie_nvd
Published
2015-02-08 11:59
Modified
2025-04-12 10:46
Severity: MEDIUM (NVD CVSS v2.0 base score 6.8, vector AV:N/AC:M/Au:N/C:P/I:P/A:P)
Summary
FreeType before 2.5.4 does not check for the end of the data during certain parsing actions, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted Type42 font, related to type42/t42parse.c and type1/t1load.c.
References
▶ | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://advisories.mageia.org/MGASA-2015-0083.html | Third Party Advisory | |
cve@mitre.org | http://code.google.com/p/google-security-research/issues/detail?id=183 | Exploit, Patch, Vendor Advisory | |
cve@mitre.org | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=73be9f9ab67842cfbec36ee99e8d2301434c84ca | Patch, Vendor Advisory | |
cve@mitre.org | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=dd89710f0f643eb0f99a3830e0712d26c7642acd | ||
cve@mitre.org | http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html | Third Party Advisory | |
cve@mitre.org | http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html | Third Party Advisory | |
cve@mitre.org | http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html | Third Party Advisory | |
cve@mitre.org | http://rhn.redhat.com/errata/RHSA-2015-0696.html | Third Party Advisory | |
cve@mitre.org | http://www.debian.org/security/2015/dsa-3188 | Third Party Advisory | |
cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDVSA-2015:055 | Broken Link | |
cve@mitre.org | http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html | Third Party Advisory | |
cve@mitre.org | http://www.securityfocus.com/bid/72986 | ||
cve@mitre.org | http://www.ubuntu.com/usn/USN-2510-1 | Third Party Advisory | |
cve@mitre.org | http://www.ubuntu.com/usn/USN-2739-1 | Third Party Advisory | |
cve@mitre.org | https://security.gentoo.org/glsa/201503-05 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://advisories.mageia.org/MGASA-2015-0083.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://code.google.com/p/google-security-research/issues/detail?id=183 | Exploit, Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=73be9f9ab67842cfbec36ee99e8d2301434c84ca | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=dd89710f0f643eb0f99a3830e0712d26c7642acd | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2015-0696.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2015/dsa-3188 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2015:055 | Broken Link | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/72986 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2510-1 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2739-1 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201503-05 |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
redhat | enterprise_linux_desktop | 6.0 | |
redhat | enterprise_linux_desktop | 7.0 | |
redhat | enterprise_linux_hpc_node | 6 | |
redhat | enterprise_linux_hpc_node | 7.0 | |
redhat | enterprise_linux_hpc_node_eus | 7.1 | |
redhat | enterprise_linux_server | 6.0 | |
redhat | enterprise_linux_server | 7.0 | |
redhat | enterprise_linux_server_eus | 6.6.z | |
redhat | enterprise_linux_server_eus | 7.1 | |
redhat | enterprise_linux_workstation | 6.0 | |
redhat | enterprise_linux_workstation | 7.0 | |
debian | debian_linux | 7.0 | |
opensuse | opensuse | 13.1 | |
opensuse | opensuse | 13.2 | |
canonical | ubuntu_linux | 10.04 | |
canonical | ubuntu_linux | 12.04 | |
canonical | ubuntu_linux | 14.04 | |
canonical | ubuntu_linux | 14.10 | |
canonical | ubuntu_linux | 15.04 | |
fedoraproject | fedora | 20 | |
fedoraproject | fedora | 21 | |
freetype | freetype | * | |
oracle | solaris | 10.0 | |
oracle | solaris | 11.2 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6:*:*:*:*:*:*:*", "matchCriteriaId": "8CDFD93B-693D-46DC-9C39-FDECB3E619E8", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "3C84489B-B08C-4854-8A12-D01B6E45CF79", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "7071F0C7-E43E-4F2E-9FEB-E8FB3DEA4749", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.6.z:*:*:*:*:*:*:*", "matchCriteriaId": "3FB4F7C3-1521-42B6-9820-15C2B156BAD6", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "0E8CD4EF-DC90-40BB-A721-6EC087507906", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": 
"16F59A04-14CF-49E2-9973-645477EA09DA", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F", "vulnerable": true }, { "criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*", "matchCriteriaId": "5D37DF0F-F863-45AC-853A-3E04F9FEC7CA", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*", "matchCriteriaId": "49A63F39-30BE-443F-AF10-6245587D3359", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "matchCriteriaId": "F38D3B7E-8429-473F-BB31-FC3583EE5A5B", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*", "matchCriteriaId": "FF47C9F0-D8DA-4B55-89EB-9B2C9383ADB9", "vulnerable": true }, { "criteria": "cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*", "matchCriteriaId": "56BDB5A0-0839-4A20-A003-B8CD56F48171", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", "matchCriteriaId": "05EE9A32-E91F-4C68-B3A9-AC5AB35C2BB3", "versionEndIncluding": "2.5.3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:oracle:solaris:10.0:*:*:*:*:*:*:*", 
"matchCriteriaId": "FC633250-EB1E-4484-9BCB-977C8F9EB0B2", "vulnerable": true }, { "criteria": "cpe:2.3:o:oracle:solaris:11.2:*:*:*:*:*:*:*", "matchCriteriaId": "0B1C288F-326B-497B-B26C-D26E01262DDB", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "FreeType before 2.5.4 does not check for the end of the data during certain parsing actions, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted Type42 font, related to type42/t42parse.c and type1/t1load.c." }, { "lang": "es", "value": "FreeType anterior a 2.5.4 no comprueba si hay un final de los datos durante ciertas acciones de an\u00e1lisis sint\u00e1ctico, lo que permite a atacantes remotos causar una denegaci\u00f3n de servicio (lectura fuera de rango) o posiblemente tener otro impacto no especificado a trav\u00e9s de una fuente Type42 manipulada, relacionado con type42/t42parse.c y type1/t1load.c." 
} ], "id": "CVE-2014-9664", "lastModified": "2025-04-12T10:46:40.837", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2015-02-08T11:59:26.413", "references": [ { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://advisories.mageia.org/MGASA-2015-0083.html" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Patch", "Vendor Advisory" ], "url": "http://code.google.com/p/google-security-research/issues/detail?id=183" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=73be9f9ab67842cfbec36ee99e8d2301434c84ca" }, { "source": "cve@mitre.org", "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=dd89710f0f643eb0f99a3830e0712d26c7642acd" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0696.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], 
"url": "http://www.debian.org/security/2015/dsa-3188" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/72986" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-2510-1" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-2739-1" }, { "source": "cve@mitre.org", "url": "https://security.gentoo.org/glsa/201503-05" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://advisories.mageia.org/MGASA-2015-0083.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Patch", "Vendor Advisory" ], "url": "http://code.google.com/p/google-security-research/issues/detail?id=183" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=73be9f9ab67842cfbec36ee99e8d2301434c84ca" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=dd89710f0f643eb0f99a3830e0712d26c7642acd" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html" }, { 
"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-0696.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2015/dsa-3188" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/72986" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-2510-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-2739-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/201503-05" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
CVE-2010-2807
Vulnerability from fkie_nvd
Published
2010-08-19 18:00
Modified
2025-04-11 00:51
Severity: MEDIUM (NVD CVSS v2.0 base score 6.8, vector AV:N/AC:M/Au:N/C:P/I:P/A:P)
Summary
FreeType before 2.4.2 uses incorrect integer data types during bounds checking, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file.
References
▶ | URL | Tags | |
---|---|---|---|
secalert@redhat.com | http://freetype.sourceforge.net/index2.html#release-freetype-2.4.2 | Release Notes, Third Party Advisory | |
secalert@redhat.com | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=346f1867fd32dae8f56e5b482d1af98f626804ac | Patch, Third Party Advisory | |
secalert@redhat.com | http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html | Mailing List, Third Party Advisory | |
secalert@redhat.com | http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html | Mailing List, Third Party Advisory | |
secalert@redhat.com | http://marc.info/?l=oss-security&m=128111955616772&w=2 | Mailing List, Patch, Third Party Advisory | |
secalert@redhat.com | http://secunia.com/advisories/40816 | Third Party Advisory | |
secalert@redhat.com | http://secunia.com/advisories/40982 | Third Party Advisory | |
secalert@redhat.com | http://secunia.com/advisories/42314 | Third Party Advisory | |
secalert@redhat.com | http://secunia.com/advisories/42317 | Third Party Advisory | |
secalert@redhat.com | http://sourceforge.net/projects/freetype/files/freetype2/2.4.2/NEWS/view | Product, Third Party Advisory | |
secalert@redhat.com | http://support.apple.com/kb/HT4435 | Broken Link | |
secalert@redhat.com | http://support.apple.com/kb/HT4456 | Third Party Advisory | |
secalert@redhat.com | http://support.apple.com/kb/HT4457 | Third Party Advisory | |
secalert@redhat.com | http://www.securityfocus.com/bid/42285 | Third Party Advisory, VDB Entry | |
secalert@redhat.com | http://www.ubuntu.com/usn/USN-972-1 | Third Party Advisory | |
secalert@redhat.com | http://www.vupen.com/english/advisories/2010/2018 | Third Party Advisory | |
secalert@redhat.com | http://www.vupen.com/english/advisories/2010/2106 | Third Party Advisory | |
secalert@redhat.com | http://www.vupen.com/english/advisories/2010/3045 | Third Party Advisory | |
secalert@redhat.com | http://www.vupen.com/english/advisories/2010/3046 | Third Party Advisory | |
secalert@redhat.com | https://bugs.launchpad.net/ubuntu/maverick/+source/freetype/+bug/617019 | Issue Tracking, Release Notes, Third Party Advisory | |
secalert@redhat.com | https://savannah.nongnu.org/bugs/?30657 | Issue Tracking, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://freetype.sourceforge.net/index2.html#release-freetype-2.4.2 | Release Notes, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=346f1867fd32dae8f56e5b482d1af98f626804ac | Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=oss-security&m=128111955616772&w=2 | Mailing List, Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/40816 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/40982 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/42314 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/42317 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://sourceforge.net/projects/freetype/files/freetype2/2.4.2/NEWS/view | Product, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT4435 | Broken Link | |
af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT4456 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT4457 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/42285 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-972-1 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2010/2018 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2010/2106 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2010/3045 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2010/3046 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://bugs.launchpad.net/ubuntu/maverick/+source/freetype/+bug/617019 | Issue Tracking, Release Notes, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://savannah.nongnu.org/bugs/?30657 | Issue Tracking, Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
freetype | freetype | * | |
canonical | ubuntu_linux | 6.06 | |
canonical | ubuntu_linux | 8.04 | |
canonical | ubuntu_linux | 9.04 | |
canonical | ubuntu_linux | 9.10 | |
canonical | ubuntu_linux | 10.04 | |
apple | iphone_os | * | |
apple | mac_os_x | * | |
apple | tvos | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", "matchCriteriaId": "33E14690-3A9D-45C7-A270-3433F79DEC28", "versionEndExcluding": "2.4.2", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*", "matchCriteriaId": "454A5D17-B171-4F1F-9E0B-F18D1E5CA9FD", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*", "matchCriteriaId": "7EBFE35C-E243-43D1-883D-4398D71763CC", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:9.04:*:*:*:*:*:*:*", "matchCriteriaId": "A5D026D0-EF78-438D-BEDD-FC8571F3ACEB", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*", "matchCriteriaId": "A2BCB73E-27BB-4878-AD9C-90C4F20C25A0", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*", "matchCriteriaId": "01EDA41C-6B2E-49AF-B503-EB3882265C11", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "matchCriteriaId": "D9636697-5FDF-4F67-A95B-D74DDD67A5DD", "versionEndExcluding": "4.2", "vulnerable": true }, { "criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "matchCriteriaId": "46E5D24A-8CA0-4590-9F35-F684D573D030", "versionEndExcluding": "10.6.5", "vulnerable": true }, { "criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*", "matchCriteriaId": "407115F2-CC65-448B-8133-D3D57AD306BA", "versionEndExcluding": "4.1.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "FreeType before 2.4.2 uses incorrect integer data types during bounds checking, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file." 
}, { "lang": "es", "value": "FreeType anterior a v2.4.2 utiliza incorrectametne tipos de datos entero durante la comprobaci\u00f3n de l\u00edmites, lo que permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda de aplicaci\u00f3n) o posiblemente ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de ficheros fuente manipulados." } ], "id": "CVE-2010-2807", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2010-08-19T18:00:05.217", "references": [ { "source": "secalert@redhat.com", "tags": [ "Release Notes", "Third Party Advisory" ], "url": "http://freetype.sourceforge.net/index2.html#release-freetype-2.4.2" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=346f1867fd32dae8f56e5b482d1af98f626804ac" }, { "source": "secalert@redhat.com", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html" }, { "source": "secalert@redhat.com", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html" }, { "source": "secalert@redhat.com", "tags": [ "Mailing List", "Patch", "Third Party Advisory" ], "url": "http://marc.info/?l=oss-security\u0026m=128111955616772\u0026w=2" }, { "source": "secalert@redhat.com", "tags": [ 
"Third Party Advisory" ], "url": "http://secunia.com/advisories/40816" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/40982" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/42314" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/42317" }, { "source": "secalert@redhat.com", "tags": [ "Product", "Third Party Advisory" ], "url": "http://sourceforge.net/projects/freetype/files/freetype2/2.4.2/NEWS/view" }, { "source": "secalert@redhat.com", "tags": [ "Broken Link" ], "url": "http://support.apple.com/kb/HT4435" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://support.apple.com/kb/HT4456" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://support.apple.com/kb/HT4457" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/42285" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-972-1" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2010/2018" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2010/2106" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2010/3045" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2010/3046" }, { "source": "secalert@redhat.com", "tags": [ "Issue Tracking", "Release Notes", "Third Party Advisory" ], "url": "https://bugs.launchpad.net/ubuntu/maverick/+source/freetype/+bug/617019" }, { "source": "secalert@redhat.com", "tags": [ "Issue Tracking", "Third Party 
Advisory" ], "url": "https://savannah.nongnu.org/bugs/?30657" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Release Notes", "Third Party Advisory" ], "url": "http://freetype.sourceforge.net/index2.html#release-freetype-2.4.2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=346f1867fd32dae8f56e5b482d1af98f626804ac" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Patch", "Third Party Advisory" ], "url": "http://marc.info/?l=oss-security\u0026m=128111955616772\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/40816" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/40982" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/42314" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/42317" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Product", "Third Party Advisory" ], "url": "http://sourceforge.net/projects/freetype/files/freetype2/2.4.2/NEWS/view" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://support.apple.com/kb/HT4435" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": 
"http://support.apple.com/kb/HT4456" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://support.apple.com/kb/HT4457" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/42285" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-972-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2010/2018" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2010/2106" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2010/3045" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2010/3046" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Release Notes", "Third Party Advisory" ], "url": "https://bugs.launchpad.net/ubuntu/maverick/+source/freetype/+bug/617019" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Third Party Advisory" ], "url": "https://savannah.nongnu.org/bugs/?30657" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-681" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2010-08-19 18:00
Modified
2025-04-11 00:51
Severity ?
Summary
bdf/bdflib.c in FreeType before 2.4.2 allows remote attackers to cause a denial of service (application crash) via a crafted BDF font file, related to an attempted modification of a value in a static string.
References
▶ | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html | ||
cve@mitre.org | http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html | ||
cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html | ||
cve@mitre.org | http://secunia.com/advisories/42314 | ||
cve@mitre.org | http://secunia.com/advisories/42317 | ||
cve@mitre.org | http://secunia.com/advisories/48951 | ||
cve@mitre.org | http://support.apple.com/kb/HT4435 | ||
cve@mitre.org | http://support.apple.com/kb/HT4456 | ||
cve@mitre.org | http://support.apple.com/kb/HT4457 | ||
cve@mitre.org | http://www.vupen.com/english/advisories/2010/3045 | ||
cve@mitre.org | http://www.vupen.com/english/advisories/2010/3046 | ||
cve@mitre.org | https://bugs.launchpad.net/ubuntu/maverick/+source/freetype/+bug/617019 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/42314 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/42317 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48951 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT4435 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT4456 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT4457 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2010/3045 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2010/3046 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://bugs.launchpad.net/ubuntu/maverick/+source/freetype/+bug/617019 |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
freetype | freetype | * (up to and including 2.4.1) | |
freetype | freetype | 1.3.1 | |
freetype | freetype | 2.0.6 | |
freetype | freetype | 2.0.9 | |
freetype | freetype | 2.1 | |
freetype | freetype | 2.1.3 | |
freetype | freetype | 2.1.4 | |
freetype | freetype | 2.1.5 | |
freetype | freetype | 2.1.6 | |
freetype | freetype | 2.1.7 | |
freetype | freetype | 2.1.8 | |
freetype | freetype | 2.1.9 | |
freetype | freetype | 2.1.10 | |
freetype | freetype | 2.2.0 | |
freetype | freetype | 2.2.1 | |
freetype | freetype | 2.2.10 | |
freetype | freetype | 2.3.0 | |
freetype | freetype | 2.3.1 | |
freetype | freetype | 2.3.2 | |
freetype | freetype | 2.3.3 | |
freetype | freetype | 2.3.4 | |
freetype | freetype | 2.3.5 | |
freetype | freetype | 2.3.6 | |
freetype | freetype | 2.3.7 | |
freetype | freetype | 2.3.8 | |
freetype | freetype | 2.3.9 | |
freetype | freetype | 2.3.10 | |
freetype | freetype | 2.3.11 | |
freetype | freetype | 2.3.12 | |
freetype | freetype | 2.4.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", "matchCriteriaId": "462D9B4F-23B3-4EEC-8E15-A6756D36EEA5", "versionEndIncluding": "2.4.1", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:1.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "888C3BB8-510B-4FBE-BA5D-0D488583C7DD", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "B126D1A0-6B54-4C56-8CEC-B395D54A5C3C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.9:*:*:*:*:*:*:*", "matchCriteriaId": "28CA4C7D-D70A-44CF-8E3D-F2612CCA0799", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "D4E76672-7216-443E-BBD8-120DA96F7E4D", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "369D87D8-E4A7-4EC4-B508-2940EE174F95", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "288FDB59-7FE4-4351-8822-554ADF07C79A", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "B681257A-F8D8-46D5-995D-BC44F54DD5C0", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "56E0DEB6-4414-49AB-88E9-988CE5D8EF67", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.7:*:*:*:*:*:*:*", "matchCriteriaId": "56A90D08-2CAF-422F-8587-7D88EC7632A1", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.8:*:*:*:*:*:*:*", "matchCriteriaId": "9B944FEB-F69D-4F6C-9485-26F95A5874B6", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.9:*:*:*:*:*:*:*", "matchCriteriaId": "F73474B9-6853-4C5C-9CB9-5F4D3080D1C5", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.10:*:*:*:*:*:*:*", "matchCriteriaId": "5283E910-D512-481C-804E-8717A83B24CB", "vulnerable": true }, { "criteria": 
"cpe:2.3:a:freetype:freetype:2.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "A28C0F7A-F1F3-4F3B-81B9-228DA8FCCCD8", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "F7252819-BA8A-4BD1-BAAA-179A8777C994", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.2.10:*:*:*:*:*:*:*", "matchCriteriaId": "7B4450B4-B21F-4153-B9DD-C36A2381F00D", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "11575E3C-2BEA-4264-AE41-4A962BD17035", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "D333A965-EAD2-40DB-8FBE-C4C7DF44C35C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "8CA37666-D2E6-47EF-BFFE-A9449D6A72CD", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "F2B49505-C973-4673-A9BC-34ACA25059D0", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.4:*:*:*:*:*:*:*", "matchCriteriaId": "B8E8ECCA-58F2-4A05-8DF2-79C09A5FB275", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.5:*:*:*:*:*:*:*", "matchCriteriaId": "8697D11D-BBDF-4722-85F7-5144A5D26E37", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.6:*:*:*:*:*:*:*", "matchCriteriaId": "50E3EDA8-04D1-4DF1-80BB-72C6003E8F53", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.7:*:*:*:*:*:*:*", "matchCriteriaId": "AB06CA25-BB25-43B8-9FC2-62C399CC52EE", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.8:*:*:*:*:*:*:*", "matchCriteriaId": "6AF7414E-33A7-40E2-AEF0-1AE9D7D1B077", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.9:*:*:*:*:*:*:*", "matchCriteriaId": "6FC0BD12-E065-4CC9-8AEE-E4C34A58EC3C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.10:*:*:*:*:*:*:*", "matchCriteriaId": 
"214DC64B-BA35-486B-AE30-F2D9381E4D26", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.11:*:*:*:*:*:*:*", "matchCriteriaId": "B7CDE19A-473A-4BC5-AA7B-3D08FEEEE82C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.12:*:*:*:*:*:*:*", "matchCriteriaId": "DD8401A8-A328-49F6-BAE8-337F5F36C906", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "3FBF5BAA-8027-478F-BE06-3D3F4F823C7B", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "bdf/bdflib.c in FreeType before 2.4.2 allows remote attackers to cause a denial of service (application crash) via a crafted BDF font file, related to an attempted modification of a value in a static string." }, { "lang": "es", "value": "bdf/bdflib.c en FreeType en versiones anteriores a la 2.4.2 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda de la aplicaci\u00f3n) mediante una fichero de fuentes BDF modificado, relacionado con un intento de modificaci\u00f3n de un valor en una cadena est\u00e1tica." 
} ], "id": "CVE-2010-3053", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2010-08-19T18:00:06.453", "references": [ { "source": "cve@mitre.org", "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html" }, { "source": "cve@mitre.org", "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html" }, { "source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/42314" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/42317" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/48951" }, { "source": "cve@mitre.org", "url": "http://support.apple.com/kb/HT4435" }, { "source": "cve@mitre.org", "url": "http://support.apple.com/kb/HT4456" }, { "source": "cve@mitre.org", "url": "http://support.apple.com/kb/HT4457" }, { "source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2010/3045" }, { "source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2010/3046" }, { "source": "cve@mitre.org", "url": "https://bugs.launchpad.net/ubuntu/maverick/+source/freetype/+bug/617019" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", 
"url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/42314" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/42317" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48951" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.apple.com/kb/HT4435" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.apple.com/kb/HT4456" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.apple.com/kb/HT4457" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2010/3045" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2010/3046" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugs.launchpad.net/ubuntu/maverick/+source/freetype/+bug/617019" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-20" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2012-04-25 10:10
Modified
2025-04-11 00:51
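Severity: HIGH (CVSS v2.0 base score 9.3, vector AV:N/AC:M/Au:N/C:C/I:C/A:C; NVD primary score from the CVE-2012-1137 record below)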
Summary
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via a crafted header in a BDF font.
References
Source | URL | Tags | |
---|---|---|---|
secalert@redhat.com | http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html | ||
secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html | ||
secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html | ||
secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html | ||
secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2012-0467.html | ||
secalert@redhat.com | http://secunia.com/advisories/48508 | ||
secalert@redhat.com | http://secunia.com/advisories/48758 | ||
secalert@redhat.com | http://secunia.com/advisories/48797 | ||
secalert@redhat.com | http://secunia.com/advisories/48822 | ||
secalert@redhat.com | http://secunia.com/advisories/48951 | ||
secalert@redhat.com | http://secunia.com/advisories/48973 | ||
secalert@redhat.com | http://security.gentoo.org/glsa/glsa-201204-04.xml | ||
secalert@redhat.com | http://support.apple.com/kb/HT5503 | ||
secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2012:057 | ||
secalert@redhat.com | http://www.mozilla.org/security/announce/2012/mfsa2012-21.html | Vendor Advisory | |
secalert@redhat.com | http://www.openwall.com/lists/oss-security/2012/03/06/16 | ||
secalert@redhat.com | http://www.securityfocus.com/bid/52318 | ||
secalert@redhat.com | http://www.securitytracker.com/id?1026765 | ||
secalert@redhat.com | http://www.ubuntu.com/usn/USN-1403-1 | ||
secalert@redhat.com | https://bugzilla.mozilla.org/show_bug.cgi?id=733512 | ||
secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=800595 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2012-0467.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48508 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48758 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48797 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48822 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48951 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48973 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-201204-04.xml | ||
af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT5503 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2012:057 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mozilla.org/security/announce/2012/mfsa2012-21.html | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2012/03/06/16 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/52318 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1026765 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-1403-1 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.mozilla.org/show_bug.cgi?id=733512 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=800595 |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
freetype | freetype | * (up to and including 2.4.8) | |
freetype | freetype | 1.3.1 | |
freetype | freetype | 2.0.0 | |
freetype | freetype | 2.0.1 | |
freetype | freetype | 2.0.2 | |
freetype | freetype | 2.0.3 | |
freetype | freetype | 2.0.4 | |
freetype | freetype | 2.0.5 | |
freetype | freetype | 2.0.6 | |
freetype | freetype | 2.0.7 | |
freetype | freetype | 2.0.8 | |
freetype | freetype | 2.0.9 | |
freetype | freetype | 2.1 | |
freetype | freetype | 2.1.3 | |
freetype | freetype | 2.1.4 | |
freetype | freetype | 2.1.5 | |
freetype | freetype | 2.1.6 | |
freetype | freetype | 2.1.7 | |
freetype | freetype | 2.1.8 | |
freetype | freetype | 2.1.8 (rc1) | |
freetype | freetype | 2.1.9 | |
freetype | freetype | 2.1.10 | |
freetype | freetype | 2.2.0 | |
freetype | freetype | 2.2.1 | |
freetype | freetype | 2.3.0 | |
freetype | freetype | 2.3.1 | |
freetype | freetype | 2.3.2 | |
freetype | freetype | 2.3.3 | |
freetype | freetype | 2.3.4 | |
freetype | freetype | 2.3.5 | |
freetype | freetype | 2.3.6 | |
freetype | freetype | 2.3.7 | |
freetype | freetype | 2.3.8 | |
freetype | freetype | 2.3.9 | |
freetype | freetype | 2.3.10 | |
freetype | freetype | 2.3.11 | |
freetype | freetype | 2.3.12 | |
freetype | freetype | 2.4.0 | |
freetype | freetype | 2.4.1 | |
freetype | freetype | 2.4.2 | |
freetype | freetype | 2.4.3 | |
freetype | freetype | 2.4.4 | |
freetype | freetype | 2.4.5 | |
freetype | freetype | 2.4.6 | |
freetype | freetype | 2.4.7 | |
mozilla | firefox_mobile | * (up to and including 10.0.3) | |
mozilla | firefox_mobile | 1.0 | |
mozilla | firefox_mobile | 4.0 | |
mozilla | firefox_mobile | 4.0 (beta1) | |
mozilla | firefox_mobile | 4.0 (beta2) | |
mozilla | firefox_mobile | 4.0 (beta3) | |
mozilla | firefox_mobile | 4.0 (beta4) | |
mozilla | firefox_mobile | 5.0 | |
mozilla | firefox_mobile | 6.0 | |
mozilla | firefox_mobile | 6.0.1 | |
mozilla | firefox_mobile | 6.0.2 | |
mozilla | firefox_mobile | 7.0 | |
mozilla | firefox_mobile | 8.0 | |
mozilla | firefox_mobile | 9.0 | |
mozilla | firefox_mobile | 10.0 | |
mozilla | firefox_mobile | 10.0.1 | |
mozilla | firefox_mobile | 10.0.2 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", "matchCriteriaId": "1AE5852E-FBD0-4F23-82C0-4E8FBDDF558B", "versionEndIncluding": "2.4.8", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:1.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "888C3BB8-510B-4FBE-BA5D-0D488583C7DD", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "3B67236B-7DEF-40AE-BC6F-12CB39329C4D", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "7EEC5D17-9141-4CA5-9D4C-76C15BAE4FBD", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "F1019F69-8E42-43C9-926C-B948659666F4", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "AA678E5E-9380-4D31-973F-018349F7F346", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "5E06AD6E-8B77-4E57-AA07-507CD1F809F2", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "8DB69925-10FB-4DFD-8764-B6640B88FCEE", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "B126D1A0-6B54-4C56-8CEC-B395D54A5C3C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "98D0D1A3-886D-4EE3-AC1A-3B36D192E8B5", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "DB0B0E33-0D7D-45E9-ADFD-20C6DCB5ED64", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.9:*:*:*:*:*:*:*", "matchCriteriaId": "28CA4C7D-D70A-44CF-8E3D-F2612CCA0799", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "D4E76672-7216-443E-BBD8-120DA96F7E4D", "vulnerable": true }, { "criteria": 
"cpe:2.3:a:freetype:freetype:2.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "369D87D8-E4A7-4EC4-B508-2940EE174F95", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "288FDB59-7FE4-4351-8822-554ADF07C79A", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "B681257A-F8D8-46D5-995D-BC44F54DD5C0", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "56E0DEB6-4414-49AB-88E9-988CE5D8EF67", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.7:*:*:*:*:*:*:*", "matchCriteriaId": "56A90D08-2CAF-422F-8587-7D88EC7632A1", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.8:*:*:*:*:*:*:*", "matchCriteriaId": "9B944FEB-F69D-4F6C-9485-26F95A5874B6", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.8:rc1:*:*:*:*:*:*", "matchCriteriaId": "B9B9B1DE-89F6-463D-A3F4-6366D5D30077", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.9:*:*:*:*:*:*:*", "matchCriteriaId": "F73474B9-6853-4C5C-9CB9-5F4D3080D1C5", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.10:*:*:*:*:*:*:*", "matchCriteriaId": "5283E910-D512-481C-804E-8717A83B24CB", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "A28C0F7A-F1F3-4F3B-81B9-228DA8FCCCD8", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "F7252819-BA8A-4BD1-BAAA-179A8777C994", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "11575E3C-2BEA-4264-AE41-4A962BD17035", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "D333A965-EAD2-40DB-8FBE-C4C7DF44C35C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.2:*:*:*:*:*:*:*", "matchCriteriaId": 
"8CA37666-D2E6-47EF-BFFE-A9449D6A72CD", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "F2B49505-C973-4673-A9BC-34ACA25059D0", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.4:*:*:*:*:*:*:*", "matchCriteriaId": "B8E8ECCA-58F2-4A05-8DF2-79C09A5FB275", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.5:*:*:*:*:*:*:*", "matchCriteriaId": "8697D11D-BBDF-4722-85F7-5144A5D26E37", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.6:*:*:*:*:*:*:*", "matchCriteriaId": "50E3EDA8-04D1-4DF1-80BB-72C6003E8F53", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.7:*:*:*:*:*:*:*", "matchCriteriaId": "AB06CA25-BB25-43B8-9FC2-62C399CC52EE", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.8:*:*:*:*:*:*:*", "matchCriteriaId": "6AF7414E-33A7-40E2-AEF0-1AE9D7D1B077", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.9:*:*:*:*:*:*:*", "matchCriteriaId": "6FC0BD12-E065-4CC9-8AEE-E4C34A58EC3C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.10:*:*:*:*:*:*:*", "matchCriteriaId": "214DC64B-BA35-486B-AE30-F2D9381E4D26", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.11:*:*:*:*:*:*:*", "matchCriteriaId": "B7CDE19A-473A-4BC5-AA7B-3D08FEEEE82C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.12:*:*:*:*:*:*:*", "matchCriteriaId": "DD8401A8-A328-49F6-BAE8-337F5F36C906", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "3FBF5BAA-8027-478F-BE06-3D3F4F823C7B", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "31358B5D-4087-4207-9730-297BA47DAA83", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "3A73E016-A4B0-416D-B9B6-786A787DAD3D", "vulnerable": true }, { "criteria": 
"cpe:2.3:a:freetype:freetype:2.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "0588BCE1-059B-4602-B274-E9D268720B55", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "D19BE9CC-6B1C-4AC8-9740-2ABDF40C4FEC", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "E6F3E33C-95E0-4EEF-8E26-F7044D8C3892", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.6:*:*:*:*:*:*:*", "matchCriteriaId": "0871F88D-3D36-4EAA-B2B4-39D844FF8874", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.7:*:*:*:*:*:*:*", "matchCriteriaId": "B3396203-9BDF-4E7D-85CC-0B6AA7DC55C4", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:*:*:*:*:*:*:*:*", "matchCriteriaId": "C25B56F0-B244-4D64-BC8F-341214080A90", "versionEndIncluding": "10.0.3", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "B00C6411-5566-4060-B68B-8F1674B9E280", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "CD9C4A1A-E3C7-40DD-AF51-AFFA0D904722", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta1:*:*:*:*:*:*", "matchCriteriaId": "B6A0EDF9-2260-439F-9CF0-A66CBE35ACF8", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta2:*:*:*:*:*:*", "matchCriteriaId": "6E55723B-B7B8-4EBF-8767-55988D26E82B", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta3:*:*:*:*:*:*", "matchCriteriaId": "761B33B6-4FFD-4E6C-92B4-2186F8D195C1", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta4:*:*:*:*:*:*", "matchCriteriaId": "8E4E272B-27F1-41CE-8B60-B1C098105A73", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "907FA1DF-E3D3-4E46-B353-753E70C292CC", "vulnerable": true }, { "criteria": 
"cpe:2.3:a:mozilla:firefox_mobile:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "97DE5B71-865A-4DB0-A31A-1CA75A5AB7AA", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:6.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "B64C7CE2-6BA7-4294-80CF-3AE25EE9529B", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:6.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "640595E6-3E39-4112-887E-174C86D18630", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "8E26E8D7-334C-4260-A8EE-82DF067CC081", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "643623BB-29E4-4138-AFC6-252368FC9495", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "9CEA838D-5FE6-47A7-8367-F040FF01B681", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "BF547E94-BEC4-4D32-A2AF-AFEBFE11782A", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "6BB1307C-64E4-4EC2-BB07-012107CA5DA6", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "91C9D50D-9450-489C-8336-4332F8FD6806", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via a crafted header in a BDF font." 
}, { "lang": "es", "value": "FreeType antes de v2.4.9, tal como se utiliza en Mozilla Firefox Mobile antes de v10.0.4 y otros productos, permite a atacantes remotos causar una denegaci\u00f3n de servicio (operaci\u00f3n no v\u00e1lida de escritura y corrupci\u00f3n de memoria) o posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de una cabecera modificada en una fuente BDF." } ], "id": "CVE-2012-1137", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2012-04-25T10:10:18.480", "references": [ { "source": "secalert@redhat.com", "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html" }, { "source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48508" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48758" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48797" }, { "source": "secalert@redhat.com", "url": 
"http://secunia.com/advisories/48822" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48951" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48973" }, { "source": "secalert@redhat.com", "url": "http://security.gentoo.org/glsa/glsa-201204-04.xml" }, { "source": "secalert@redhat.com", "url": "http://support.apple.com/kb/HT5503" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html" }, { "source": "secalert@redhat.com", "url": "http://www.openwall.com/lists/oss-security/2012/03/06/16" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/52318" }, { "source": "secalert@redhat.com", "url": "http://www.securitytracker.com/id?1026765" }, { "source": "secalert@redhat.com", "url": "http://www.ubuntu.com/usn/USN-1403-1" }, { "source": "secalert@redhat.com", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512" }, { "source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=800595" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48508" }, { "source": 
"af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48758" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48797" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48822" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48951" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48973" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.gentoo.org/glsa/glsa-201204-04.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.apple.com/kb/HT5503" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2012/03/06/16" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/52318" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1026765" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/USN-1403-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=800595" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2014-03-18 17:04
Modified
2025-04-12 10:46
Severity ?
Summary
The (1) cf2_initLocalRegionBuffer and (2) cf2_initGlobalRegionBuffer functions in cff/cf2ft.c in FreeType before 2.5.3 do not properly check if a subroutine exists, which allows remote attackers to cause a denial of service (assertion failure), as demonstrated by a crafted ttf file.
References
Source | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=135c3faebb96f8f550bd4f318716f2e1e095a969 | Exploit, Patch | |
cve@mitre.org | http://savannah.nongnu.org/bugs/?41697 | ||
cve@mitre.org | http://secunia.com/advisories/57447 | ||
cve@mitre.org | http://www.openwall.com/lists/oss-security/2014/03/12/4 | ||
cve@mitre.org | http://www.ubuntu.com/usn/USN-2148-1 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=135c3faebb96f8f550bd4f318716f2e1e095a969 | Exploit, Patch | |
af854a3a-2127-422b-91ae-364da2661108 | http://savannah.nongnu.org/bugs/?41697 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/57447 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2014/03/12/4 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2148-1 |
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", "matchCriteriaId": "814C8BFE-8DD6-465A-8AF8-FBB3CDF2F6F9", "versionEndIncluding": "2.5.2", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.5:*:*:*:*:*:*:*", "matchCriteriaId": "6D67BB0D-8A4B-44F2-8A0D-A4DA3C6A3B3C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "648795F7-DA71-43AC-ADAF-9613F090F414", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*", "matchCriteriaId": "7F61F047-129C-41A6-8A27-FFCBB8563E91", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The (1) cf2_initLocalRegionBuffer and (2) cf2_initGlobalRegionBuffer functions in cff/cf2ft.c in FreeType before 2.5.3 do not properly check if a subroutine exists, which allows remote attackers to cause a denial of service (assertion failure), as demonstrated by a crafted ttf file." }, { "lang": "es", "value": "Las funciones (1) cf2_initLocalRegionBuffer y (2) cf2_initGlobalRegionBuffer en cff/cf2ft.c en FreeType anterior a 2.5.3 no comprueban debidamente si una subrutina existe, lo que permite a atacantes remotos causar una denegaci\u00f3n de servicio (fallo de aserci\u00f3n), tal y como fue demostrado por un archivo ttf manipulado." 
} ], "id": "CVE-2014-2241", "lastModified": "2025-04-12T10:46:40.837", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2014-03-18T17:04:18.140", "references": [ { "source": "cve@mitre.org", "tags": [ "Exploit", "Patch" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=135c3faebb96f8f550bd4f318716f2e1e095a969" }, { "source": "cve@mitre.org", "url": "http://savannah.nongnu.org/bugs/?41697" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/57447" }, { "source": "cve@mitre.org", "url": "http://www.openwall.com/lists/oss-security/2014/03/12/4" }, { "source": "cve@mitre.org", "url": "http://www.ubuntu.com/usn/USN-2148-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Patch" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=135c3faebb96f8f550bd4f318716f2e1e095a969" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://savannah.nongnu.org/bugs/?41697" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/57447" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2014/03/12/4" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/USN-2148-1" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-20" } ], "source": 
"nvd@nist.gov", "type": "Primary" } ] }
CVE-2006-1861
Vulnerability from fkie_nvd
Published
2006-05-23 10:06
Modified
2025-04-03 01:03
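Severity: HIGH — CVSS v2 base score 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P), from the NVD metrics in the record below; no CVSS v3 score is listed.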
Summary
Multiple integer overflows in FreeType before 2.2 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via attack vectors related to (1) bdf/bdflib.c, (2) sfnt/ttcmap.c, (3) cff/cffgload.c, and (4) the read_lwfn function and a crafted LWFN file in base/ftmac.c. NOTE: item 4 was originally identified by CVE-2006-2493.
References
Source | URL | Tags | |
---|---|---|---|
secalert@redhat.com | ftp://patches.sgi.com/support/free/security/advisories/20060701-01-U | ||
secalert@redhat.com | http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html | ||
secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00006.html | ||
secalert@redhat.com | http://lists.suse.com/archive/suse-security-announce/2006-Jun/0012.html | ||
secalert@redhat.com | http://secunia.com/advisories/20100 | Patch, Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/20525 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/20591 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/20638 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/20791 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/21000 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/21062 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/21135 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/21385 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/21701 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/23939 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/27162 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/27167 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/27271 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/33937 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/35200 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/35204 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/35233 | Vendor Advisory | |
secalert@redhat.com | http://security.gentoo.org/glsa/glsa-200607-02.xml | ||
secalert@redhat.com | http://securitytracker.com/id?1016522 | ||
secalert@redhat.com | http://sourceforge.net/project/shownotes.php?release_id=416463 | Patch | |
secalert@redhat.com | http://sunsolve.sun.com/search/document.do?assetkey=1-26-102705-1 | ||
secalert@redhat.com | http://support.apple.com/kb/HT3438 | ||
secalert@redhat.com | http://support.avaya.com/elmodocs2/security/ASA-2006-176.htm | ||
secalert@redhat.com | http://www.debian.org/security/2006/dsa-1095 | ||
secalert@redhat.com | http://www.gentoo.org/security/en/glsa/glsa-200710-09.xml | ||
secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDKSA-2006:099 | ||
secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2006-0500.html | ||
secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2009-0329.html | Vendor Advisory | |
secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2009-1062.html | Vendor Advisory | |
secalert@redhat.com | http://www.securityfocus.com/archive/1/436836/100/0/threaded | ||
secalert@redhat.com | http://www.securityfocus.com/bid/18034 | Patch | |
secalert@redhat.com | http://www.vupen.com/english/advisories/2006/1868 | Vendor Advisory | |
secalert@redhat.com | http://www.vupen.com/english/advisories/2007/0381 | Vendor Advisory | |
secalert@redhat.com | https://bugzilla.redhat.com/bugzilla/attachment.cgi?id=128606 | ||
secalert@redhat.com | https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=190593 | ||
secalert@redhat.com | https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=190593#c8 | ||
secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=502565 | ||
secalert@redhat.com | https://exchange.xforce.ibmcloud.com/vulnerabilities/26553 | ||
secalert@redhat.com | https://issues.rpath.com/browse/RPL-429 | ||
secalert@redhat.com | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9124 | ||
secalert@redhat.com | https://usn.ubuntu.com/291-1/ | ||
secalert@redhat.com | https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01316.html | ||
secalert@redhat.com | https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01401.html | ||
af854a3a-2127-422b-91ae-364da2661108 | ftp://patches.sgi.com/support/free/security/advisories/20060701-01-U | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00006.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.suse.com/archive/suse-security-announce/2006-Jun/0012.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/20100 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/20525 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/20591 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/20638 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/20791 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/21000 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/21062 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/21135 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/21385 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/21701 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/23939 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27162 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27167 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27271 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/33937 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/35200 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/35204 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/35233 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-200607-02.xml | ||
af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1016522 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://sourceforge.net/project/shownotes.php?release_id=416463 | Patch | |
af854a3a-2127-422b-91ae-364da2661108 | http://sunsolve.sun.com/search/document.do?assetkey=1-26-102705-1 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT3438 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://support.avaya.com/elmodocs2/security/ASA-2006-176.htm | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2006/dsa-1095 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.gentoo.org/security/en/glsa/glsa-200710-09.xml | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2006:099 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2006-0500.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2009-0329.html | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2009-1062.html | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/436836/100/0/threaded | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/18034 | Patch | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2006/1868 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2007/0381 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/bugzilla/attachment.cgi?id=128606 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=190593 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=190593#c8 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=502565 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/26553 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://issues.rpath.com/browse/RPL-429 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9124 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/291-1/ | ||
af854a3a-2127-422b-91ae-364da2661108 | https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01316.html | ||
af854a3a-2127-422b-91ae-364da2661108 | https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01401.html |
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:freetype:freetype:2.0.9:*:*:*:*:*:*:*", "matchCriteriaId": "28CA4C7D-D70A-44CF-8E3D-F2612CCA0799", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "369D87D8-E4A7-4EC4-B508-2940EE174F95", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "288FDB59-7FE4-4351-8822-554ADF07C79A", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "B681257A-F8D8-46D5-995D-BC44F54DD5C0", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "56E0DEB6-4414-49AB-88E9-988CE5D8EF67", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.7:*:*:*:*:*:*:*", "matchCriteriaId": "56A90D08-2CAF-422F-8587-7D88EC7632A1", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.8:*:*:*:*:*:*:*", "matchCriteriaId": "9B944FEB-F69D-4F6C-9485-26F95A5874B6", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.9:*:*:*:*:*:*:*", "matchCriteriaId": "F73474B9-6853-4C5C-9CB9-5F4D3080D1C5", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.10:*:*:*:*:*:*:*", "matchCriteriaId": "5283E910-D512-481C-804E-8717A83B24CB", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Multiple integer overflows in FreeType before 2.2 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via attack vectors related to (1) bdf/bdflib.c, (2) sfnt/ttcmap.c, (3) cff/cffgload.c, and (4) the read_lwfn function and a crafted LWFN file in base/ftmac.c. NOTE: item 4 was originally identified by CVE-2006-2493." 
} ], "id": "CVE-2006-1861", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": true, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2006-05-23T10:06:00.000", "references": [ { "source": "secalert@redhat.com", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060701-01-U" }, { "source": "secalert@redhat.com", "url": "http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00006.html" }, { "source": "secalert@redhat.com", "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jun/0012.html" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/20100" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/20525" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/20591" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/20638" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/20791" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/21000" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/21062" }, { 
"source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/21135" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/21385" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/21701" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/23939" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/27162" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/27167" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/27271" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/33937" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/35200" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/35204" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/35233" }, { "source": "secalert@redhat.com", "url": "http://security.gentoo.org/glsa/glsa-200607-02.xml" }, { "source": "secalert@redhat.com", "url": "http://securitytracker.com/id?1016522" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://sourceforge.net/project/shownotes.php?release_id=416463" }, { "source": "secalert@redhat.com", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102705-1" }, { "source": "secalert@redhat.com", "url": "http://support.apple.com/kb/HT3438" }, { "source": "secalert@redhat.com", "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-176.htm" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2006/dsa-1095" }, { "source": "secalert@redhat.com", 
"url": "http://www.gentoo.org/security/en/glsa/glsa-200710-09.xml" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:099" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2006-0500.html" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0329.html" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-1062.html" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/436836/100/0/threaded" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/18034" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2006/1868" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2007/0381" }, { "source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/bugzilla/attachment.cgi?id=128606" }, { "source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=190593" }, { "source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=190593#c8" }, { "source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=502565" }, { "source": "secalert@redhat.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26553" }, { "source": "secalert@redhat.com", "url": "https://issues.rpath.com/browse/RPL-429" }, { "source": "secalert@redhat.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9124" }, { "source": "secalert@redhat.com", "url": "https://usn.ubuntu.com/291-1/" }, { "source": "secalert@redhat.com", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01316.html" }, { "source": 
"secalert@redhat.com", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01401.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060701-01-U" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00006.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jun/0012.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/20100" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/20525" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/20591" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/20638" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/20791" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/21000" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/21062" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/21135" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/21385" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/21701" }, { "source": 
"af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/23939" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/27162" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/27167" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/27271" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/33937" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/35200" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/35204" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/35233" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.gentoo.org/glsa/glsa-200607-02.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1016522" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://sourceforge.net/project/shownotes.php?release_id=416463" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102705-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.apple.com/kb/HT3438" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-176.htm" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2006/dsa-1095" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.gentoo.org/security/en/glsa/glsa-200710-09.xml" }, { "source": 
"af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:099" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2006-0500.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-0329.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2009-1062.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/436836/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/18034" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2006/1868" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2007/0381" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/bugzilla/attachment.cgi?id=128606" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=190593" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=190593#c8" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=502565" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26553" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://issues.rpath.com/browse/RPL-429" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9124" }, { "source": 
"af854a3a-2127-422b-91ae-364da2661108", "url": "https://usn.ubuntu.com/291-1/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01316.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01401.html" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-189" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2011-08-19 17:55
Modified
2025-04-11 00:51
Severity ?
Summary
The LZW decompressor in (1) the BufCompressedFill function in fontfile/decompress.c in X.Org libXfont before 1.4.4 and (2) compress/compress.c in 4.3BSD, as used in zopen.c in OpenBSD before 3.8, FreeBSD, NetBSD 4.0.x and 5.0.x before 5.0.3 and 5.1.x before 5.1.1, FreeType 2.1.9, and other products, does not properly handle code words that are absent from the decompression table when encountered, which allows context-dependent attackers to trigger an infinite loop or a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted compressed stream, a related issue to CVE-2006-1168 and CVE-2011-2896.
References
Source | URL | Tags | |
---|---|---|---|
secalert@redhat.com | http://cgit.freedesktop.org/xorg/lib/libXfont/commit/?id=d11ee5886e9d9ec610051a206b135a4cdc1e09a0 | Patch | |
secalert@redhat.com | http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2011-007.txt.asc | ||
secalert@redhat.com | http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html | ||
secalert@redhat.com | http://lists.apple.com/archives/security-announce/2012/May/msg00001.html | ||
secalert@redhat.com | http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html | ||
secalert@redhat.com | http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html | ||
secalert@redhat.com | http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html | ||
secalert@redhat.com | http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html | ||
secalert@redhat.com | http://lists.freedesktop.org/archives/xorg-announce/2011-August/001721.html | Patch | |
secalert@redhat.com | http://lists.freedesktop.org/archives/xorg-announce/2011-August/001722.html | Patch | |
secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00019.html | ||
secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2011-12/msg00004.html | ||
secalert@redhat.com | http://secunia.com/advisories/45544 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/45568 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/45599 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/45986 | ||
secalert@redhat.com | http://secunia.com/advisories/46127 | ||
secalert@redhat.com | http://secunia.com/advisories/48951 | ||
secalert@redhat.com | http://securitytracker.com/id?1025920 | ||
secalert@redhat.com | http://support.apple.com/kb/HT5130 | ||
secalert@redhat.com | http://support.apple.com/kb/HT5281 | ||
secalert@redhat.com | http://www.debian.org/security/2011/dsa-2293 | ||
secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2011:153 | ||
secalert@redhat.com | http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/compress/zopen.c#rev1.17 | ||
secalert@redhat.com | http://www.openwall.com/lists/oss-security/2011/08/10/10 | ||
secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2011-1154.html | Vendor Advisory | |
secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2011-1155.html | Vendor Advisory | |
secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2011-1161.html | Vendor Advisory | |
secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2011-1834.html | ||
secalert@redhat.com | http://www.securityfocus.com/bid/49124 | ||
secalert@redhat.com | http://www.ubuntu.com/usn/USN-1191-1 | ||
secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=725760 | Patch | |
secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=727624 | ||
secalert@redhat.com | https://exchange.xforce.ibmcloud.com/vulnerabilities/69141 | ||
secalert@redhat.com | https://support.apple.com/HT205635 | ||
secalert@redhat.com | https://support.apple.com/HT205637 | ||
secalert@redhat.com | https://support.apple.com/HT205640 | ||
secalert@redhat.com | https://support.apple.com/HT205641 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://cgit.freedesktop.org/xorg/lib/libXfont/commit/?id=d11ee5886e9d9ec610051a206b135a4cdc1e09a0 | Patch | |
af854a3a-2127-422b-91ae-364da2661108 | http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2011-007.txt.asc | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2012/May/msg00001.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.freedesktop.org/archives/xorg-announce/2011-August/001721.html | Patch | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.freedesktop.org/archives/xorg-announce/2011-August/001722.html | Patch | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00019.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2011-12/msg00004.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/45544 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/45568 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/45599 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/45986 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/46127 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48951 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1025920 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT5130 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT5281 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2011/dsa-2293 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2011:153 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/compress/zopen.c#rev1.17 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2011/08/10/10 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2011-1154.html | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2011-1155.html | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2011-1161.html | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2011-1834.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/49124 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-1191-1 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=725760 | Patch | |
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=727624 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/69141 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://support.apple.com/HT205635 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://support.apple.com/HT205637 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://support.apple.com/HT205640 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://support.apple.com/HT205641 |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
freetype | freetype | 2.1.9 | |
x | libxfont | * | |
x | libxfont | 1.2.0 | |
x | libxfont | 1.2.1 | |
x | libxfont | 1.2.2 | |
x | libxfont | 1.2.3 | |
x | libxfont | 1.2.4 | |
x | libxfont | 1.2.5 | |
x | libxfont | 1.2.6 | |
x | libxfont | 1.2.7 | |
x | libxfont | 1.2.8 | |
x | libxfont | 1.2.9 | |
x | libxfont | 1.3.0 | |
x | libxfont | 1.3.1 | |
x | libxfont | 1.3.2 | |
x | libxfont | 1.3.3 | |
x | libxfont | 1.3.4 | |
x | libxfont | 1.4.0 | |
x | libxfont | 1.4.1 | |
x | libxfont | 1.4.2 | |
freebsd | freebsd | * | |
netbsd | netbsd | * | |
openbsd | openbsd | * | |
openbsd | openbsd | 2.0 | |
openbsd | openbsd | 2.1 | |
openbsd | openbsd | 2.2 | |
openbsd | openbsd | 2.3 | |
openbsd | openbsd | 2.4 | |
openbsd | openbsd | 2.5 | |
openbsd | openbsd | 2.6 | |
openbsd | openbsd | 2.7 | |
openbsd | openbsd | 2.8 | |
openbsd | openbsd | 2.9 | |
openbsd | openbsd | 3.0 | |
openbsd | openbsd | 3.1 | |
openbsd | openbsd | 3.2 | |
openbsd | openbsd | 3.3 | |
openbsd | openbsd | 3.4 | |
openbsd | openbsd | 3.5 | |
openbsd | openbsd | 3.6 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:freetype:freetype:2.1.9:*:*:*:*:*:*:*", "matchCriteriaId": "F73474B9-6853-4C5C-9CB9-5F4D3080D1C5", "vulnerable": true }, { "criteria": "cpe:2.3:a:x:libxfont:*:*:*:*:*:*:*:*", "matchCriteriaId": "366E84EE-4BAC-4816-B04A-7B60F70B0084", "versionEndIncluding": "1.4.3", "vulnerable": true }, { "criteria": "cpe:2.3:a:x:libxfont:1.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "45A7B86F-A74E-42D8-BBE6-D86C4EB672B2", "vulnerable": true }, { "criteria": "cpe:2.3:a:x:libxfont:1.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "9806D538-0672-4D27-9A32-F41BB53DF738", "vulnerable": true }, { "criteria": "cpe:2.3:a:x:libxfont:1.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "29297813-F2F4-48BF-8DEA-DC83E44D154E", "vulnerable": true }, { "criteria": "cpe:2.3:a:x:libxfont:1.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "C1437F3D-127E-45E7-B678-85BF208BAD30", "vulnerable": true }, { "criteria": "cpe:2.3:a:x:libxfont:1.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "26743145-32B4-45A6-8912-2B97EF59B677", "vulnerable": true }, { "criteria": "cpe:2.3:a:x:libxfont:1.2.5:*:*:*:*:*:*:*", "matchCriteriaId": "1C18E74E-DB01-4D5F-BD18-DE370BA56A38", "vulnerable": true }, { "criteria": "cpe:2.3:a:x:libxfont:1.2.6:*:*:*:*:*:*:*", "matchCriteriaId": "06DBC61A-10CD-41ED-AC1B-16C867823059", "vulnerable": true }, { "criteria": "cpe:2.3:a:x:libxfont:1.2.7:*:*:*:*:*:*:*", "matchCriteriaId": "061E16E4-0DD2-45B0-927D-5E6D97D54D9A", "vulnerable": true }, { "criteria": "cpe:2.3:a:x:libxfont:1.2.8:*:*:*:*:*:*:*", "matchCriteriaId": "58F3B17A-D8A9-4581-8EAC-4D6498A23F4D", "vulnerable": true }, { "criteria": "cpe:2.3:a:x:libxfont:1.2.9:*:*:*:*:*:*:*", "matchCriteriaId": "D064C118-DC51-46CF-961E-3D70C1EEFC92", "vulnerable": true }, { "criteria": "cpe:2.3:a:x:libxfont:1.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "D9F45C46-F416-46FC-8C98-79D57BB397D6", "vulnerable": true }, { "criteria": "cpe:2.3:a:x:libxfont:1.3.1:*:*:*:*:*:*:*", "matchCriteriaId": 
"B21FE78A-41E1-46A7-8129-94CBA34A3FA5", "vulnerable": true }, { "criteria": "cpe:2.3:a:x:libxfont:1.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "5ADFF46D-9680-410C-B8B8-79F629534465", "vulnerable": true }, { "criteria": "cpe:2.3:a:x:libxfont:1.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "D36FBB2E-7BCD-4212-AE04-8C7C6B57CD49", "vulnerable": true }, { "criteria": "cpe:2.3:a:x:libxfont:1.3.4:*:*:*:*:*:*:*", "matchCriteriaId": "8A603E28-7D58-44FB-819E-5F22FA9860EE", "vulnerable": true }, { "criteria": "cpe:2.3:a:x:libxfont:1.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "2D9EE6A0-89DC-464D-890F-2C0E5CDCFAA4", "vulnerable": true }, { "criteria": "cpe:2.3:a:x:libxfont:1.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "B056FDAB-4B10-4B32-A942-84864D39CBD6", "vulnerable": true }, { "criteria": "cpe:2.3:a:x:libxfont:1.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "642C350E-C81B-46F7-84B4-D3DE45E70DC4", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*", "matchCriteriaId": "D9EC02F3-3905-460D-8949-3B26394215CA", "vulnerable": true }, { "criteria": "cpe:2.3:o:netbsd:netbsd:*:*:*:*:*:*:*:*", "matchCriteriaId": "B55E4B92-88E0-41F0-AFA7-046A8D34A2CA", "vulnerable": true }, { "criteria": "cpe:2.3:o:openbsd:openbsd:*:*:*:*:*:*:*:*", "matchCriteriaId": "29DC69AE-D8BB-410B-B911-BFEA95774C3D", "versionEndIncluding": "3.7", "vulnerable": true }, { "criteria": "cpe:2.3:o:openbsd:openbsd:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "36DF0D51-FCFA-46A3-B834-E80DFA91DFDC", "vulnerable": true }, { "criteria": "cpe:2.3:o:openbsd:openbsd:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "5CB726CF-ADA2-4CDA-9786-1E84AC53740A", "vulnerable": true }, { "criteria": "cpe:2.3:o:openbsd:openbsd:2.2:*:*:*:*:*:*:*", "matchCriteriaId": "1FC373FC-88AC-4B6D-A289-51881ACD57F7", "vulnerable": true }, { "criteria": "cpe:2.3:o:openbsd:openbsd:2.3:*:*:*:*:*:*:*", "matchCriteriaId": "1D2DA7F0-E3C0-447A-A2B0-ECC928389D84", "vulnerable": true }, { "criteria": "cpe:2.3:o:openbsd:openbsd:2.4:*:*:*:*:*:*:*", "matchCriteriaId": 
"FEBE290B-5EC6-4BBA-B645-294C150E417A", "vulnerable": true }, { "criteria": "cpe:2.3:o:openbsd:openbsd:2.5:*:*:*:*:*:*:*", "matchCriteriaId": "ACE7FDFB-C6A6-4B58-B0B4-236E4EA76EF6", "vulnerable": true }, { "criteria": "cpe:2.3:o:openbsd:openbsd:2.6:*:*:*:*:*:*:*", "matchCriteriaId": "0DF053A1-C252-427E-9EEF-27240F422976", "vulnerable": true }, { "criteria": "cpe:2.3:o:openbsd:openbsd:2.7:*:*:*:*:*:*:*", "matchCriteriaId": "48A9C344-45AA-47B9-B35A-1A62E220D9C6", "vulnerable": true }, { "criteria": "cpe:2.3:o:openbsd:openbsd:2.8:*:*:*:*:*:*:*", "matchCriteriaId": "80EB24F0-46A7-481B-83ED-8BB012AE0C8E", "vulnerable": true }, { "criteria": "cpe:2.3:o:openbsd:openbsd:2.9:*:*:*:*:*:*:*", "matchCriteriaId": "AA6AEAF0-FA61-4A3F-A083-1218C2027781", "vulnerable": true }, { "criteria": "cpe:2.3:o:openbsd:openbsd:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "60DA30A1-3360-46BC-85B7-008D535F95BE", "vulnerable": true }, { "criteria": "cpe:2.3:o:openbsd:openbsd:3.1:*:*:*:*:*:*:*", "matchCriteriaId": "DA33E7E2-DE7B-411E-8991-718DA0988C51", "vulnerable": true }, { "criteria": "cpe:2.3:o:openbsd:openbsd:3.2:*:*:*:*:*:*:*", "matchCriteriaId": "1957B3C0-7F25-469B-BC3F-7B09260837ED", "vulnerable": true }, { "criteria": "cpe:2.3:o:openbsd:openbsd:3.3:*:*:*:*:*:*:*", "matchCriteriaId": "AC46909F-DDFC-448B-BCDF-1EB343F96630", "vulnerable": true }, { "criteria": "cpe:2.3:o:openbsd:openbsd:3.4:*:*:*:*:*:*:*", "matchCriteriaId": "9496279F-AB43-4B53-81A6-87C651ABC4BA", "vulnerable": true }, { "criteria": "cpe:2.3:o:openbsd:openbsd:3.5:*:*:*:*:*:*:*", "matchCriteriaId": "BDA160D4-5CAB-44E7-880A-59DD98FEAD62", "vulnerable": true }, { "criteria": "cpe:2.3:o:openbsd:openbsd:3.6:*:*:*:*:*:*:*", "matchCriteriaId": "D4D84D7A-EB7C-4196-B8B6-7B703C8055C2", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The LZW decompressor in (1) the BufCompressedFill function in fontfile/decompress.c in X.Org libXfont before 1.4.4 and (2) 
compress/compress.c in 4.3BSD, as used in zopen.c in OpenBSD before 3.8, FreeBSD, NetBSD 4.0.x and 5.0.x before 5.0.3 and 5.1.x before 5.1.1, FreeType 2.1.9, and other products, does not properly handle code words that are absent from the decompression table when encountered, which allows context-dependent attackers to trigger an infinite loop or a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted compressed stream, a related issue to CVE-2006-1168 and CVE-2011-2896." }, { "lang": "es", "value": "El descompresor en LZW en (1) la funci\u00f3n BufCompressedFill en fontfile/decompress.c en X.Org libXfont antes de la versi\u00f3n v1.4.4 y (2) compress/compress.c en 4.3BSD, tal y como se utiliza en zopen.c en OpenBSD antes de la versi\u00f3n v3.8, FreeBSD, NetBSD, FreeType v2.1.9, y otros productos, no controla correctamente las palabras de c\u00f3digo ausentes de la tabla de descompresi\u00f3n, lo que permite provocar un bucle infinito o un desbordamiento de b\u00fafer basado en memoria din\u00e1mica (heap) a atacantes (dependiendo del contexto) y posiblemente ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un flujo comprimido debidamente modificado. Se trata de un problema relacionado con los CVE-2006-1168 y CVE-2011-2896." 
} ], "id": "CVE-2011-2895", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2011-08-19T17:55:03.037", "references": [ { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://cgit.freedesktop.org/xorg/lib/libXfont/commit/?id=d11ee5886e9d9ec610051a206b135a4cdc1e09a0" }, { "source": "secalert@redhat.com", "url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2011-007.txt.asc" }, { "source": "secalert@redhat.com", "url": "http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html" }, { "source": "secalert@redhat.com", "url": "http://lists.apple.com/archives/security-announce/2012/May/msg00001.html" }, { "source": "secalert@redhat.com", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" }, { "source": "secalert@redhat.com", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" }, { "source": "secalert@redhat.com", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html" }, { "source": "secalert@redhat.com", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://lists.freedesktop.org/archives/xorg-announce/2011-August/001721.html" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": 
"http://lists.freedesktop.org/archives/xorg-announce/2011-August/001722.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00019.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2011-12/msg00004.html" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/45544" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/45568" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/45599" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/45986" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/46127" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48951" }, { "source": "secalert@redhat.com", "url": "http://securitytracker.com/id?1025920" }, { "source": "secalert@redhat.com", "url": "http://support.apple.com/kb/HT5130" }, { "source": "secalert@redhat.com", "url": "http://support.apple.com/kb/HT5281" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2011/dsa-2293" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:153" }, { "source": "secalert@redhat.com", "url": "http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/compress/zopen.c#rev1.17" }, { "source": "secalert@redhat.com", "url": "http://www.openwall.com/lists/oss-security/2011/08/10/10" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2011-1154.html" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2011-1155.html" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2011-1161.html" }, 
{ "source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2011-1834.html" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/49124" }, { "source": "secalert@redhat.com", "url": "http://www.ubuntu.com/usn/USN-1191-1" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=725760" }, { "source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=727624" }, { "source": "secalert@redhat.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69141" }, { "source": "secalert@redhat.com", "url": "https://support.apple.com/HT205635" }, { "source": "secalert@redhat.com", "url": "https://support.apple.com/HT205637" }, { "source": "secalert@redhat.com", "url": "https://support.apple.com/HT205640" }, { "source": "secalert@redhat.com", "url": "https://support.apple.com/HT205641" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://cgit.freedesktop.org/xorg/lib/libXfont/commit/?id=d11ee5886e9d9ec610051a206b135a4cdc1e09a0" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2011-007.txt.asc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/security-announce/2012/May/msg00001.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": 
"http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://lists.freedesktop.org/archives/xorg-announce/2011-August/001721.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://lists.freedesktop.org/archives/xorg-announce/2011-August/001722.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00019.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2011-12/msg00004.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/45544" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/45568" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/45599" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/45986" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/46127" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48951" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1025920" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.apple.com/kb/HT5130" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.apple.com/kb/HT5281" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2011/dsa-2293" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:153" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": 
"http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/compress/zopen.c#rev1.17" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2011/08/10/10" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2011-1154.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2011-1155.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2011-1161.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2011-1834.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/49124" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/USN-1191-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=725760" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=727624" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69141" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://support.apple.com/HT205635" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://support.apple.com/HT205637" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://support.apple.com/HT205640" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://support.apple.com/HT205641" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2017-04-24 18:59
Modified
2025-04-20 01:37
Severity ?
Summary
FreeType 2 before 2017-03-24 has an out-of-bounds write caused by a heap-based buffer overflow related to the t1_decoder_parse_charstrings function in psaux/t1decode.c.
References
▶ | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=f958c48ee431bef8d4d466b40c9cb2d4dbcb7791 | Patch, Third Party Advisory | |
cve@mitre.org | http://www.debian.org/security/2017/dsa-3839 | Third Party Advisory | |
cve@mitre.org | http://www.securityfocus.com/bid/99093 | Third Party Advisory, VDB Entry | |
cve@mitre.org | https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=935 | Third Party Advisory | |
cve@mitre.org | https://security.gentoo.org/glsa/201706-14 | Third Party Advisory | |
cve@mitre.org | https://www.oracle.com/security-alerts/cpuapr2020.html | ||
cve@mitre.org | https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=f958c48ee431bef8d4d466b40c9cb2d4dbcb7791 | Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2017/dsa-3839 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/99093 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=935 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201706-14 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.oracle.com/security-alerts/cpuapr2020.html | ||
af854a3a-2127-422b-91ae-364da2661108 | https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
freetype | freetype | * | |
debian | debian_linux | 8.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", "matchCriteriaId": "00F6519F-A001-4D60-BB62-96C226DD828A", "versionEndExcluding": "2.7.1", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "FreeType 2 before 2017-03-24 has an out-of-bounds write caused by a heap-based buffer overflow related to the t1_decoder_parse_charstrings function in psaux/t1decode.c." }, { "lang": "es", "value": "FreeType 2 en versiones anteriores a 24-03-2017 tiene una escritura fuera de l\u00edmites provocada por un desbordamiento de b\u00fafer relacionado con la funci\u00f3n t1_decoder_parse_charstrings en psaux/t1decode.c." } ], "id": "CVE-2017-8105", "lastModified": "2025-04-20T01:37:25.860", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, 
"exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2017-04-24T18:59:00.897", "references": [ { "source": "cve@mitre.org", "tags": [ "Patch", "Third Party Advisory" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=f958c48ee431bef8d4d466b40c9cb2d4dbcb7791" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2017/dsa-3839" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/99093" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=935" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201706-14" }, { "source": "cve@mitre.org", "url": "https://www.oracle.com/security-alerts/cpuapr2020.html" }, { "source": "cve@mitre.org", "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=f958c48ee431bef8d4d466b40c9cb2d4dbcb7791" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2017/dsa-3839" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/99093" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=935" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201706-14" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.oracle.com/security-alerts/cpuapr2020.html" 
}, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2010-08-19 18:00
Modified
2025-04-11 00:51
Severity ?
Summary
Heap-based buffer overflow in the Ins_IUP function in truetype/ttinterp.c in FreeType before 2.4.0, when TrueType bytecode support is enabled, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file.
References
▶ | URL | Tags | |
---|---|---|---|
secalert@redhat.com | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=888cd1843e935fe675cf2ac303116d4ed5b9d54b | Patch, Third Party Advisory | |
secalert@redhat.com | http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html | Mailing List, Third Party Advisory | |
secalert@redhat.com | http://lists.nongnu.org/archive/html/freetype/2010-07/msg00001.html | Mailing List, Release Notes, Third Party Advisory | |
secalert@redhat.com | http://marc.info/?l=oss-security&m=127905701201340&w=2 | Mailing List, Third Party Advisory | |
secalert@redhat.com | http://marc.info/?l=oss-security&m=127909326909362&w=2 | Mailing List, Third Party Advisory | |
secalert@redhat.com | http://secunia.com/advisories/48951 | Third Party Advisory | |
secalert@redhat.com | http://support.apple.com/kb/HT4435 | Broken Link | |
secalert@redhat.com | http://www.debian.org/security/2010/dsa-2070 | Third Party Advisory | |
secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2010:137 | Third Party Advisory | |
secalert@redhat.com | http://www.ubuntu.com/usn/USN-963-1 | Third Party Advisory | |
secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=613198 | Issue Tracking, Patch, Third Party Advisory | |
secalert@redhat.com | https://savannah.nongnu.org/bugs/?30361 | Exploit, Issue Tracking, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=888cd1843e935fe675cf2ac303116d4ed5b9d54b | Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.nongnu.org/archive/html/freetype/2010-07/msg00001.html | Mailing List, Release Notes, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=oss-security&m=127905701201340&w=2 | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=oss-security&m=127909326909362&w=2 | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48951 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT4435 | Broken Link | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2010/dsa-2070 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2010:137 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-963-1 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=613198 | Issue Tracking, Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://savannah.nongnu.org/bugs/?30361 | Exploit, Issue Tracking, Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
freetype | freetype | * (before 2.4.0) | |
canonical | ubuntu_linux | 6.06 | |
canonical | ubuntu_linux | 8.04 | |
canonical | ubuntu_linux | 9.04 | |
canonical | ubuntu_linux | 9.10 | |
canonical | ubuntu_linux | 10.04 | |
apple | mac_os_x | * (before 10.6.5) | |
debian | debian_linux | 5.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", "matchCriteriaId": "08BB787B-4D62-4277-819C-3E627B9B7FC8", "versionEndExcluding": "2.4.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*", "matchCriteriaId": "454A5D17-B171-4F1F-9E0B-F18D1E5CA9FD", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*", "matchCriteriaId": "7EBFE35C-E243-43D1-883D-4398D71763CC", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:9.04:*:*:*:*:*:*:*", "matchCriteriaId": "A5D026D0-EF78-438D-BEDD-FC8571F3ACEB", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*", "matchCriteriaId": "A2BCB73E-27BB-4878-AD9C-90C4F20C25A0", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*", "matchCriteriaId": "01EDA41C-6B2E-49AF-B503-EB3882265C11", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "matchCriteriaId": "46E5D24A-8CA0-4590-9F35-F684D573D030", "versionEndExcluding": "10.6.5", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "8C757774-08E7-40AA-B532-6F705C8F7639", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Heap-based buffer overflow in the Ins_IUP function in truetype/ttinterp.c in FreeType before 2.4.0, when TrueType bytecode support is enabled, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file." 
}, { "lang": "es", "value": "Desbordamiento de b\u00fafer basado en la memoria din\u00e1mica en la funci\u00f3n Ins_IUP en truetype/ttinterp.c en FreeType anterior a v2.4.0, cuando TrueType bytecode support est\u00e1 habilitado, permite a a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda de aplicaci\u00f3n) o posiblemente ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de ficheros fuente manipulados." } ], "id": "CVE-2010-2520", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 4.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2010-08-19T18:00:04.500", "references": [ { "source": "secalert@redhat.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=888cd1843e935fe675cf2ac303116d4ed5b9d54b" }, { "source": "secalert@redhat.com", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html" }, { "source": "secalert@redhat.com", "tags": [ "Mailing List", "Release Notes", "Third Party Advisory" ], "url": "http://lists.nongnu.org/archive/html/freetype/2010-07/msg00001.html" }, { "source": "secalert@redhat.com", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://marc.info/?l=oss-security\u0026m=127905701201340\u0026w=2" }, { "source": "secalert@redhat.com", "tags": [ "Mailing List", "Third Party Advisory" ], "url": 
"http://marc.info/?l=oss-security\u0026m=127909326909362\u0026w=2" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/48951" }, { "source": "secalert@redhat.com", "tags": [ "Broken Link" ], "url": "http://support.apple.com/kb/HT4435" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2010/dsa-2070" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:137" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-963-1" }, { "source": "secalert@redhat.com", "tags": [ "Issue Tracking", "Patch", "Third Party Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=613198" }, { "source": "secalert@redhat.com", "tags": [ "Exploit", "Issue Tracking", "Third Party Advisory" ], "url": "https://savannah.nongnu.org/bugs/?30361" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=888cd1843e935fe675cf2ac303116d4ed5b9d54b" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Release Notes", "Third Party Advisory" ], "url": "http://lists.nongnu.org/archive/html/freetype/2010-07/msg00001.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://marc.info/?l=oss-security\u0026m=127905701201340\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://marc.info/?l=oss-security\u0026m=127909326909362\u0026w=2" }, { "source": 
"af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/48951" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://support.apple.com/kb/HT4435" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2010/dsa-2070" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:137" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-963-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Patch", "Third Party Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=613198" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Issue Tracking", "Third Party Advisory" ], "url": "https://savannah.nongnu.org/bugs/?30361" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd (CVE-2014-2240)
Published
2014-03-12 14:55
Modified
2025-04-12 10:46
Severity: HIGH (CVSS v2 base score 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P)
Summary
Stack-based buffer overflow in the cf2_hintmap_build function in cff/cf2hints.c in FreeType before 2.5.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large number of stem hints in a font file.
References
Source | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://savannah.nongnu.org/bugs/?41697 | ||
cve@mitre.org | http://secunia.com/advisories/57291 | Vendor Advisory | |
cve@mitre.org | http://secunia.com/advisories/57447 | ||
cve@mitre.org | http://sourceforge.net/projects/freetype/files/freetype2/2.5.3 | ||
cve@mitre.org | http://www.freetype.org/index.html | Patch, Vendor Advisory | |
cve@mitre.org | http://www.securityfocus.com/bid/66074 | ||
cve@mitre.org | http://www.securitytracker.com/id/1029895 | ||
cve@mitre.org | http://www.ubuntu.com/usn/USN-2148-1 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://savannah.nongnu.org/bugs/?41697 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/57291 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/57447 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://sourceforge.net/projects/freetype/files/freetype2/2.5.3 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.freetype.org/index.html | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/66074 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1029895 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2148-1 |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
freetype | freetype | * (up to and including 2.5.2) | |
freetype | freetype | 1.3.1 | |
freetype | freetype | 2.0.0 | |
freetype | freetype | 2.0.1 | |
freetype | freetype | 2.0.2 | |
freetype | freetype | 2.0.3 | |
freetype | freetype | 2.0.4 | |
freetype | freetype | 2.0.5 | |
freetype | freetype | 2.0.6 | |
freetype | freetype | 2.0.7 | |
freetype | freetype | 2.0.8 | |
freetype | freetype | 2.0.9 | |
freetype | freetype | 2.1 | |
freetype | freetype | 2.1.3 | |
freetype | freetype | 2.1.4 | |
freetype | freetype | 2.1.5 | |
freetype | freetype | 2.1.6 | |
freetype | freetype | 2.1.7 | |
freetype | freetype | 2.1.8 | |
freetype | freetype | 2.1.8 rc1 | |
freetype | freetype | 2.1.9 | |
freetype | freetype | 2.1.10 | |
freetype | freetype | 2.2.0 | |
freetype | freetype | 2.2.1 | |
freetype | freetype | 2.3.0 | |
freetype | freetype | 2.3.1 | |
freetype | freetype | 2.3.2 | |
freetype | freetype | 2.3.3 | |
freetype | freetype | 2.3.4 | |
freetype | freetype | 2.3.5 | |
freetype | freetype | 2.3.6 | |
freetype | freetype | 2.3.7 | |
freetype | freetype | 2.3.8 | |
freetype | freetype | 2.3.9 | |
freetype | freetype | 2.3.10 | |
freetype | freetype | 2.3.11 | |
freetype | freetype | 2.3.12 | |
freetype | freetype | 2.4.0 | |
freetype | freetype | 2.4.1 | |
freetype | freetype | 2.4.2 | |
freetype | freetype | 2.4.3 | |
freetype | freetype | 2.4.4 | |
freetype | freetype | 2.4.5 | |
freetype | freetype | 2.4.6 | |
freetype | freetype | 2.4.7 | |
freetype | freetype | 2.4.8 | |
freetype | freetype | 2.4.9 | |
freetype | freetype | 2.4.10 | |
freetype | freetype | 2.4.11 | |
freetype | freetype | 2.4.12 | |
freetype | freetype | 2.5 | |
freetype | freetype | 2.5.1 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", "matchCriteriaId": "814C8BFE-8DD6-465A-8AF8-FBB3CDF2F6F9", "versionEndIncluding": "2.5.2", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:1.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "888C3BB8-510B-4FBE-BA5D-0D488583C7DD", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "3B67236B-7DEF-40AE-BC6F-12CB39329C4D", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "7EEC5D17-9141-4CA5-9D4C-76C15BAE4FBD", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "F1019F69-8E42-43C9-926C-B948659666F4", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "AA678E5E-9380-4D31-973F-018349F7F346", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "5E06AD6E-8B77-4E57-AA07-507CD1F809F2", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "8DB69925-10FB-4DFD-8764-B6640B88FCEE", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "B126D1A0-6B54-4C56-8CEC-B395D54A5C3C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "98D0D1A3-886D-4EE3-AC1A-3B36D192E8B5", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "DB0B0E33-0D7D-45E9-ADFD-20C6DCB5ED64", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.9:*:*:*:*:*:*:*", "matchCriteriaId": "28CA4C7D-D70A-44CF-8E3D-F2612CCA0799", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "D4E76672-7216-443E-BBD8-120DA96F7E4D", "vulnerable": true }, { "criteria": 
"cpe:2.3:a:freetype:freetype:2.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "369D87D8-E4A7-4EC4-B508-2940EE174F95", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "288FDB59-7FE4-4351-8822-554ADF07C79A", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "B681257A-F8D8-46D5-995D-BC44F54DD5C0", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "56E0DEB6-4414-49AB-88E9-988CE5D8EF67", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.7:*:*:*:*:*:*:*", "matchCriteriaId": "56A90D08-2CAF-422F-8587-7D88EC7632A1", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.8:*:*:*:*:*:*:*", "matchCriteriaId": "9B944FEB-F69D-4F6C-9485-26F95A5874B6", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.8:rc1:*:*:*:*:*:*", "matchCriteriaId": "B9B9B1DE-89F6-463D-A3F4-6366D5D30077", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.9:*:*:*:*:*:*:*", "matchCriteriaId": "F73474B9-6853-4C5C-9CB9-5F4D3080D1C5", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.10:*:*:*:*:*:*:*", "matchCriteriaId": "5283E910-D512-481C-804E-8717A83B24CB", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "A28C0F7A-F1F3-4F3B-81B9-228DA8FCCCD8", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "F7252819-BA8A-4BD1-BAAA-179A8777C994", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "11575E3C-2BEA-4264-AE41-4A962BD17035", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "D333A965-EAD2-40DB-8FBE-C4C7DF44C35C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.2:*:*:*:*:*:*:*", "matchCriteriaId": 
"8CA37666-D2E6-47EF-BFFE-A9449D6A72CD", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "F2B49505-C973-4673-A9BC-34ACA25059D0", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.4:*:*:*:*:*:*:*", "matchCriteriaId": "B8E8ECCA-58F2-4A05-8DF2-79C09A5FB275", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.5:*:*:*:*:*:*:*", "matchCriteriaId": "8697D11D-BBDF-4722-85F7-5144A5D26E37", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.6:*:*:*:*:*:*:*", "matchCriteriaId": "50E3EDA8-04D1-4DF1-80BB-72C6003E8F53", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.7:*:*:*:*:*:*:*", "matchCriteriaId": "AB06CA25-BB25-43B8-9FC2-62C399CC52EE", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.8:*:*:*:*:*:*:*", "matchCriteriaId": "6AF7414E-33A7-40E2-AEF0-1AE9D7D1B077", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.9:*:*:*:*:*:*:*", "matchCriteriaId": "6FC0BD12-E065-4CC9-8AEE-E4C34A58EC3C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.10:*:*:*:*:*:*:*", "matchCriteriaId": "214DC64B-BA35-486B-AE30-F2D9381E4D26", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.11:*:*:*:*:*:*:*", "matchCriteriaId": "B7CDE19A-473A-4BC5-AA7B-3D08FEEEE82C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.12:*:*:*:*:*:*:*", "matchCriteriaId": "DD8401A8-A328-49F6-BAE8-337F5F36C906", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "3FBF5BAA-8027-478F-BE06-3D3F4F823C7B", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "31358B5D-4087-4207-9730-297BA47DAA83", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "3A73E016-A4B0-416D-B9B6-786A787DAD3D", "vulnerable": true }, { "criteria": 
"cpe:2.3:a:freetype:freetype:2.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "0588BCE1-059B-4602-B274-E9D268720B55", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "D19BE9CC-6B1C-4AC8-9740-2ABDF40C4FEC", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "E6F3E33C-95E0-4EEF-8E26-F7044D8C3892", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.6:*:*:*:*:*:*:*", "matchCriteriaId": "0871F88D-3D36-4EAA-B2B4-39D844FF8874", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.7:*:*:*:*:*:*:*", "matchCriteriaId": "B3396203-9BDF-4E7D-85CC-0B6AA7DC55C4", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.8:*:*:*:*:*:*:*", "matchCriteriaId": "52FA516A-918B-4727-8108-EE89FA5EB123", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.9:*:*:*:*:*:*:*", "matchCriteriaId": "2DB966A5-4663-4133-84B8-F292125990DE", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.10:*:*:*:*:*:*:*", "matchCriteriaId": "12B89E2D-8F41-4A30-8E61-50E77BC7193C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.11:*:*:*:*:*:*:*", "matchCriteriaId": "AAD2CC48-E73F-47E7-9E34-9459E2BBEF1B", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.12:*:*:*:*:*:*:*", "matchCriteriaId": "87F27E60-83BF-4D03-9283-F5E487F4AD66", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.5:*:*:*:*:*:*:*", "matchCriteriaId": "6D67BB0D-8A4B-44F2-8A0D-A4DA3C6A3B3C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "648795F7-DA71-43AC-ADAF-9613F090F414", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Stack-based buffer overflow in the cf2_hintmap_build function in cff/cf2hints.c in FreeType before 2.5.3 allows remote attackers to cause a denial of 
service (crash) and possibly execute arbitrary code via a large number of stem hints in a font file." }, { "lang": "es", "value": "Desbordamiento de buffer basado en pila en la funci\u00f3n cf2_hintmap_build en cff/cf2hints.c en FreeType anterior a 2.5.3 permite a atacantes remotos causar una denegaci\u00f3n de servicio (ca\u00edda) y posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de un n\u00famero grande de \"stem hints\" en un fichero de fuentes." } ], "id": "CVE-2014-2240", "lastModified": "2025-04-12T10:46:40.837", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2014-03-12T14:55:30.773", "references": [ { "source": "cve@mitre.org", "url": "http://savannah.nongnu.org/bugs/?41697" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/57291" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/57447" }, { "source": "cve@mitre.org", "url": "http://sourceforge.net/projects/freetype/files/freetype2/2.5.3" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.freetype.org/index.html" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/66074" }, { "source": "cve@mitre.org", "url": "http://www.securitytracker.com/id/1029895" }, { "source": "cve@mitre.org", "url": "http://www.ubuntu.com/usn/USN-2148-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://savannah.nongnu.org/bugs/?41697" 
}, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/57291" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/57447" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sourceforge.net/projects/freetype/files/freetype2/2.5.3" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.freetype.org/index.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/66074" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id/1029895" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/USN-2148-1" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd (CVE-2010-2497)
Published
2010-08-19 18:00
Modified
2025-04-11 00:51
Severity: MEDIUM (CVSS v2 base score 6.8, AV:N/AC:M/Au:N/C:P/I:P/A:P)
Summary
Integer underflow in glyph handling in FreeType before 2.4.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file.
References
Source | URL | Tags | |
---|---|---|---|
secalert@redhat.com | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=7d3d2cc4fef72c6be9c454b3809c387e12b44cfc | Patch, Third Party Advisory | |
secalert@redhat.com | http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html | Mailing List, Third Party Advisory | |
secalert@redhat.com | http://lists.nongnu.org/archive/html/freetype/2010-07/msg00001.html | Mailing List, Release Notes, Third Party Advisory | |
secalert@redhat.com | http://marc.info/?l=oss-security&m=127905701201340&w=2 | Mailing List, Third Party Advisory | |
secalert@redhat.com | http://marc.info/?l=oss-security&m=127909326909362&w=2 | Mailing List, Third Party Advisory | |
secalert@redhat.com | http://secunia.com/advisories/48951 | Third Party Advisory | |
secalert@redhat.com | http://support.apple.com/kb/HT4435 | Broken Link | |
secalert@redhat.com | http://www.debian.org/security/2010/dsa-2070 | Third Party Advisory | |
secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2010:137 | Third Party Advisory | |
secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=613154 | Issue Tracking, Patch, Third Party Advisory | |
secalert@redhat.com | https://savannah.nongnu.org/bugs/?30082 | Exploit, Issue Tracking, Third Party Advisory | |
secalert@redhat.com | https://savannah.nongnu.org/bugs/?30083 | Exploit, Issue Tracking, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=7d3d2cc4fef72c6be9c454b3809c387e12b44cfc | Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.nongnu.org/archive/html/freetype/2010-07/msg00001.html | Mailing List, Release Notes, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=oss-security&m=127905701201340&w=2 | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=oss-security&m=127909326909362&w=2 | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48951 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT4435 | Broken Link | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2010/dsa-2070 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2010:137 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=613154 | Issue Tracking, Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://savannah.nongnu.org/bugs/?30082 | Exploit, Issue Tracking, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://savannah.nongnu.org/bugs/?30083 | Exploit, Issue Tracking, Third Party Advisory |
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", "matchCriteriaId": "08BB787B-4D62-4277-819C-3E627B9B7FC8", "versionEndExcluding": "2.4.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "matchCriteriaId": "46E5D24A-8CA0-4590-9F35-F684D573D030", "versionEndExcluding": "10.6.5", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "8C757774-08E7-40AA-B532-6F705C8F7639", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Integer underflow in glyph handling in FreeType before 2.4.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file." }, { "lang": "es", "value": "Desbordamiento de entero glyph manejado en FreeType anterior a v2.4.0 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda de aplicaci\u00f3n) o posiblemente ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un fichero fuente manipulado." 
} ], "id": "CVE-2010-2497", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2010-08-19T18:00:03.857", "references": [ { "source": "secalert@redhat.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=7d3d2cc4fef72c6be9c454b3809c387e12b44cfc" }, { "source": "secalert@redhat.com", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html" }, { "source": "secalert@redhat.com", "tags": [ "Mailing List", "Release Notes", "Third Party Advisory" ], "url": "http://lists.nongnu.org/archive/html/freetype/2010-07/msg00001.html" }, { "source": "secalert@redhat.com", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://marc.info/?l=oss-security\u0026m=127905701201340\u0026w=2" }, { "source": "secalert@redhat.com", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://marc.info/?l=oss-security\u0026m=127909326909362\u0026w=2" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/48951" }, { "source": "secalert@redhat.com", "tags": [ "Broken Link" ], "url": "http://support.apple.com/kb/HT4435" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2010/dsa-2070" }, { "source": "secalert@redhat.com", "tags": [ 
"Third Party Advisory" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:137" }, { "source": "secalert@redhat.com", "tags": [ "Issue Tracking", "Patch", "Third Party Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=613154" }, { "source": "secalert@redhat.com", "tags": [ "Exploit", "Issue Tracking", "Third Party Advisory" ], "url": "https://savannah.nongnu.org/bugs/?30082" }, { "source": "secalert@redhat.com", "tags": [ "Exploit", "Issue Tracking", "Third Party Advisory" ], "url": "https://savannah.nongnu.org/bugs/?30083" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=7d3d2cc4fef72c6be9c454b3809c387e12b44cfc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Release Notes", "Third Party Advisory" ], "url": "http://lists.nongnu.org/archive/html/freetype/2010-07/msg00001.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://marc.info/?l=oss-security\u0026m=127905701201340\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://marc.info/?l=oss-security\u0026m=127909326909362\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/48951" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://support.apple.com/kb/HT4435" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2010/dsa-2070" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", 
"tags": [ "Third Party Advisory" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:137" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Patch", "Third Party Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=613154" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Issue Tracking", "Third Party Advisory" ], "url": "https://savannah.nongnu.org/bugs/?30082" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Issue Tracking", "Third Party Advisory" ], "url": "https://savannah.nongnu.org/bugs/?30083" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-191" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2010-08-19 18:00
Modified
2025-04-11 00:51
Severity ?
Summary
Buffer overflow in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.4.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted LaserWriter PS font file with an embedded PFB fragment.
References
Source | URL | Tags | |
---|---|---|---|
secalert@redhat.com | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=c69891a1345640096fbf396e8dd567fe879ce233 | Patch, Third Party Advisory | |
secalert@redhat.com | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=f29f741efbba0a5ce2f16464f648fb8d026ed4c8 | Patch, Third Party Advisory | |
secalert@redhat.com | http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html | Mailing List, Third Party Advisory | |
secalert@redhat.com | http://lists.nongnu.org/archive/html/freetype/2010-07/msg00001.html | Mailing List, Release Notes, Third Party Advisory | |
secalert@redhat.com | http://marc.info/?l=oss-security&m=127905701201340&w=2 | Mailing List, Third Party Advisory | |
secalert@redhat.com | http://marc.info/?l=oss-security&m=127909326909362&w=2 | Mailing List, Third Party Advisory | |
secalert@redhat.com | http://secunia.com/advisories/48951 | Third Party Advisory | |
secalert@redhat.com | http://securitytracker.com/id?1024266 | Third Party Advisory, VDB Entry | |
secalert@redhat.com | http://support.apple.com/kb/HT4435 | Broken Link | |
secalert@redhat.com | http://www.debian.org/security/2010/dsa-2070 | Third Party Advisory | |
secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2010:137 | Third Party Advisory | |
secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2010-0578.html | Third Party Advisory | |
secalert@redhat.com | http://www.ubuntu.com/usn/USN-963-1 | Third Party Advisory | |
secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=613162 | Issue Tracking, Patch, Third Party Advisory | |
secalert@redhat.com | https://savannah.nongnu.org/bugs/?30248 | Exploit, Issue Tracking, Third Party Advisory | |
secalert@redhat.com | https://savannah.nongnu.org/bugs/?30249 | Issue Tracking, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=c69891a1345640096fbf396e8dd567fe879ce233 | Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=f29f741efbba0a5ce2f16464f648fb8d026ed4c8 | Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.nongnu.org/archive/html/freetype/2010-07/msg00001.html | Mailing List, Release Notes, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=oss-security&m=127905701201340&w=2 | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=oss-security&m=127909326909362&w=2 | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48951 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1024266 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT4435 | Broken Link | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2010/dsa-2070 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2010:137 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2010-0578.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-963-1 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=613162 | Issue Tracking, Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://savannah.nongnu.org/bugs/?30248 | Exploit, Issue Tracking, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://savannah.nongnu.org/bugs/?30249 | Issue Tracking, Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
freetype | freetype | * (before 2.4.0) | |
canonical | ubuntu_linux | 6.06 | |
canonical | ubuntu_linux | 8.04 | |
canonical | ubuntu_linux | 9.04 | |
canonical | ubuntu_linux | 9.10 | |
canonical | ubuntu_linux | 10.04 | |
apple | mac_os_x | * (before 10.6.5) | |
debian | debian_linux | 5.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", "matchCriteriaId": "08BB787B-4D62-4277-819C-3E627B9B7FC8", "versionEndExcluding": "2.4.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*", "matchCriteriaId": "454A5D17-B171-4F1F-9E0B-F18D1E5CA9FD", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*", "matchCriteriaId": "7EBFE35C-E243-43D1-883D-4398D71763CC", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:9.04:*:*:*:*:*:*:*", "matchCriteriaId": "A5D026D0-EF78-438D-BEDD-FC8571F3ACEB", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*", "matchCriteriaId": "A2BCB73E-27BB-4878-AD9C-90C4F20C25A0", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*", "matchCriteriaId": "01EDA41C-6B2E-49AF-B503-EB3882265C11", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "matchCriteriaId": "46E5D24A-8CA0-4590-9F35-F684D573D030", "versionEndExcluding": "10.6.5", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "8C757774-08E7-40AA-B532-6F705C8F7639", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Buffer overflow in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.4.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted LaserWriter PS font file with an embedded PFB fragment." 
}, { "lang": "es", "value": "Desbordamiento de b\u00fafer en la funci\u00f3n Mac_Read_POST_Resource en base/ftobjs.c de FreeType anterior a v2.4.0 permite a atacantes remotos causar una denegaci\u00f3n de servicio (fallo de la aplicaci\u00f3n) o posiblemente ejecutar c\u00f3digo a su elecci\u00f3n a trav\u00e9s de ficheros de fuentes LaserWriter PS manipulados con un fragmento PFB incrustado." } ], "id": "CVE-2010-2499", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2010-08-19T18:00:04.140", "references": [ { "source": "secalert@redhat.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=c69891a1345640096fbf396e8dd567fe879ce233" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=f29f741efbba0a5ce2f16464f648fb8d026ed4c8" }, { "source": "secalert@redhat.com", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html" }, { "source": "secalert@redhat.com", "tags": [ "Mailing List", "Release Notes", "Third Party Advisory" ], "url": "http://lists.nongnu.org/archive/html/freetype/2010-07/msg00001.html" }, { "source": "secalert@redhat.com", "tags": [ "Mailing List", "Third Party Advisory" ], "url": 
"http://marc.info/?l=oss-security\u0026m=127905701201340\u0026w=2" }, { "source": "secalert@redhat.com", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://marc.info/?l=oss-security\u0026m=127909326909362\u0026w=2" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/48951" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://securitytracker.com/id?1024266" }, { "source": "secalert@redhat.com", "tags": [ "Broken Link" ], "url": "http://support.apple.com/kb/HT4435" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2010/dsa-2070" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:137" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0578.html" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-963-1" }, { "source": "secalert@redhat.com", "tags": [ "Issue Tracking", "Patch", "Third Party Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=613162" }, { "source": "secalert@redhat.com", "tags": [ "Exploit", "Issue Tracking", "Third Party Advisory" ], "url": "https://savannah.nongnu.org/bugs/?30248" }, { "source": "secalert@redhat.com", "tags": [ "Issue Tracking", "Third Party Advisory" ], "url": "https://savannah.nongnu.org/bugs/?30249" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=c69891a1345640096fbf396e8dd567fe879ce233" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": 
"http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=f29f741efbba0a5ce2f16464f648fb8d026ed4c8" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Release Notes", "Third Party Advisory" ], "url": "http://lists.nongnu.org/archive/html/freetype/2010-07/msg00001.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://marc.info/?l=oss-security\u0026m=127905701201340\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://marc.info/?l=oss-security\u0026m=127909326909362\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/48951" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://securitytracker.com/id?1024266" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://support.apple.com/kb/HT4435" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2010/dsa-2070" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:137" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0578.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-963-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Patch", "Third Party Advisory" ], 
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=613162" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Issue Tracking", "Third Party Advisory" ], "url": "https://savannah.nongnu.org/bugs/?30248" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Third Party Advisory" ], "url": "https://savannah.nongnu.org/bugs/?30249" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-120" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd (CVE-2010-3814)
Published
2010-11-26 20:00
Modified
2025-04-11 00:51
Severity: 6.8 MEDIUM (CVSS v2.0, AV:N/AC:M/Au:N/C:P/I:P/A:P)
Summary
Heap-based buffer overflow in the Ins_SHZ function in ttinterp.c in FreeType 2.4.3 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted SHZ bytecode instruction, related to TrueType opcodes, as demonstrated by a PDF document with a crafted embedded font.
References
Source | URL | Tags | |
---|---|---|---|
product-security@apple.com | http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=602221 | ||
product-security@apple.com | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=0edf0986f3be570f5bf90ff245a85c1675f5c9a4 | ||
product-security@apple.com | http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html | Vendor Advisory | |
product-security@apple.com | http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html | ||
product-security@apple.com | http://secunia.com/advisories/42314 | ||
product-security@apple.com | http://secunia.com/advisories/43138 | ||
product-security@apple.com | http://secunia.com/advisories/48951 | ||
product-security@apple.com | http://security-tracker.debian.org/tracker/CVE-2010-3814 | ||
product-security@apple.com | http://support.apple.com/kb/HT4456 | Vendor Advisory | |
product-security@apple.com | http://support.apple.com/kb/HT4581 | ||
product-security@apple.com | http://www.debian.org/security/2011/dsa-2155 | ||
product-security@apple.com | http://www.mandriva.com/security/advisories?name=MDVSA-2010:236 | ||
product-security@apple.com | http://www.securityfocus.com/bid/44643 | ||
product-security@apple.com | http://www.securitytracker.com/id?1024767 | ||
product-security@apple.com | http://www.ubuntu.com/usn/USN-1013-1 | ||
product-security@apple.com | http://www.vupen.com/english/advisories/2010/3046 | ||
product-security@apple.com | http://www.vupen.com/english/advisories/2011/0246 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=602221 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=0edf0986f3be570f5bf90ff245a85c1675f5c9a4 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/42314 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/43138 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48951 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://security-tracker.debian.org/tracker/CVE-2010-3814 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT4456 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT4581 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2011/dsa-2155 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2010:236 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/44643 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1024767 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-1013-1 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2010/3046 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2011/0246 |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
freetype | freetype | * (up to and including 2.4.3) | |
freetype | freetype | 1.3.1 | |
freetype | freetype | 2.0.6 | |
freetype | freetype | 2.0.9 | |
freetype | freetype | 2.1 | |
freetype | freetype | 2.1.3 | |
freetype | freetype | 2.1.4 | |
freetype | freetype | 2.1.5 | |
freetype | freetype | 2.1.6 | |
freetype | freetype | 2.1.7 | |
freetype | freetype | 2.1.8 | |
freetype | freetype | 2.1.8 rc1 | |
freetype | freetype | 2.1.9 | |
freetype | freetype | 2.1.10 | |
freetype | freetype | 2.2.0 | |
freetype | freetype | 2.2.1 | |
freetype | freetype | 2.2.10 | |
freetype | freetype | 2.3.0 | |
freetype | freetype | 2.3.1 | |
freetype | freetype | 2.3.2 | |
freetype | freetype | 2.3.3 | |
freetype | freetype | 2.3.4 | |
freetype | freetype | 2.3.5 | |
freetype | freetype | 2.3.6 | |
freetype | freetype | 2.3.7 | |
freetype | freetype | 2.3.8 | |
freetype | freetype | 2.3.9 | |
freetype | freetype | 2.3.10 | |
freetype | freetype | 2.3.11 | |
freetype | freetype | 2.3.12 | |
freetype | freetype | 2.4.0 | |
freetype | freetype | 2.4.1 | |
freetype | freetype | 2.4.2 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", "matchCriteriaId": "221E5B57-16B2-4FB7-A469-1914D9E3F35E", "versionEndIncluding": "2.4.3", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:1.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "888C3BB8-510B-4FBE-BA5D-0D488583C7DD", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "B126D1A0-6B54-4C56-8CEC-B395D54A5C3C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.9:*:*:*:*:*:*:*", "matchCriteriaId": "28CA4C7D-D70A-44CF-8E3D-F2612CCA0799", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "D4E76672-7216-443E-BBD8-120DA96F7E4D", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "369D87D8-E4A7-4EC4-B508-2940EE174F95", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "288FDB59-7FE4-4351-8822-554ADF07C79A", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "B681257A-F8D8-46D5-995D-BC44F54DD5C0", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "56E0DEB6-4414-49AB-88E9-988CE5D8EF67", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.7:*:*:*:*:*:*:*", "matchCriteriaId": "56A90D08-2CAF-422F-8587-7D88EC7632A1", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.8:*:*:*:*:*:*:*", "matchCriteriaId": "9B944FEB-F69D-4F6C-9485-26F95A5874B6", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.8:rc1:*:*:*:*:*:*", "matchCriteriaId": "B9B9B1DE-89F6-463D-A3F4-6366D5D30077", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.9:*:*:*:*:*:*:*", "matchCriteriaId": "F73474B9-6853-4C5C-9CB9-5F4D3080D1C5", "vulnerable": true }, { "criteria": 
"cpe:2.3:a:freetype:freetype:2.1.10:*:*:*:*:*:*:*", "matchCriteriaId": "5283E910-D512-481C-804E-8717A83B24CB", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "A28C0F7A-F1F3-4F3B-81B9-228DA8FCCCD8", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "F7252819-BA8A-4BD1-BAAA-179A8777C994", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.2.10:*:*:*:*:*:*:*", "matchCriteriaId": "7B4450B4-B21F-4153-B9DD-C36A2381F00D", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "11575E3C-2BEA-4264-AE41-4A962BD17035", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "D333A965-EAD2-40DB-8FBE-C4C7DF44C35C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "8CA37666-D2E6-47EF-BFFE-A9449D6A72CD", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "F2B49505-C973-4673-A9BC-34ACA25059D0", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.4:*:*:*:*:*:*:*", "matchCriteriaId": "B8E8ECCA-58F2-4A05-8DF2-79C09A5FB275", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.5:*:*:*:*:*:*:*", "matchCriteriaId": "8697D11D-BBDF-4722-85F7-5144A5D26E37", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.6:*:*:*:*:*:*:*", "matchCriteriaId": "50E3EDA8-04D1-4DF1-80BB-72C6003E8F53", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.7:*:*:*:*:*:*:*", "matchCriteriaId": "AB06CA25-BB25-43B8-9FC2-62C399CC52EE", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.8:*:*:*:*:*:*:*", "matchCriteriaId": "6AF7414E-33A7-40E2-AEF0-1AE9D7D1B077", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.9:*:*:*:*:*:*:*", "matchCriteriaId": 
"6FC0BD12-E065-4CC9-8AEE-E4C34A58EC3C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.10:*:*:*:*:*:*:*", "matchCriteriaId": "214DC64B-BA35-486B-AE30-F2D9381E4D26", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.11:*:*:*:*:*:*:*", "matchCriteriaId": "B7CDE19A-473A-4BC5-AA7B-3D08FEEEE82C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.12:*:*:*:*:*:*:*", "matchCriteriaId": "DD8401A8-A328-49F6-BAE8-337F5F36C906", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "3FBF5BAA-8027-478F-BE06-3D3F4F823C7B", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "31358B5D-4087-4207-9730-297BA47DAA83", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "3A73E016-A4B0-416D-B9B6-786A787DAD3D", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Heap-based buffer overflow in the Ins_SHZ function in ttinterp.c in FreeType 2.4.3 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted SHZ bytecode instruction, related to TrueType opcodes, as demonstrated by a PDF document with a crafted embedded font." }, { "lang": "es", "value": "Desbordamiento de b\u00fafer basado en memoria din\u00e1mica en la funci\u00f3n Ins_SHZ en ttinterp.c en FreeType v2.4.3 y anteriores permite a atacantes remotos ejecutar c\u00f3digo a su o elecci\u00f3n y causar una denegaci\u00f3n de servicio (cuelgue de aplicaci\u00f3n) a trav\u00e9s de una instrucci\u00f3n SHZ bytecode manipulada, relacionados con opcodes TrueType, como lo demuestra un documento PDF con una fuente manipulada incrustada." 
} ], "id": "CVE-2010-3814", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2010-11-26T20:00:02.923", "references": [ { "source": "product-security@apple.com", "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=602221" }, { "source": "product-security@apple.com", "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=0edf0986f3be570f5bf90ff245a85c1675f5c9a4" }, { "source": "product-security@apple.com", "tags": [ "Vendor Advisory" ], "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html" }, { "source": "product-security@apple.com", "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html" }, { "source": "product-security@apple.com", "url": "http://secunia.com/advisories/42314" }, { "source": "product-security@apple.com", "url": "http://secunia.com/advisories/43138" }, { "source": "product-security@apple.com", "url": "http://secunia.com/advisories/48951" }, { "source": "product-security@apple.com", "url": "http://security-tracker.debian.org/tracker/CVE-2010-3814" }, { "source": "product-security@apple.com", "tags": [ "Vendor Advisory" ], "url": "http://support.apple.com/kb/HT4456" }, { "source": "product-security@apple.com", "url": "http://support.apple.com/kb/HT4581" }, { "source": "product-security@apple.com", "url": "http://www.debian.org/security/2011/dsa-2155" }, { "source": "product-security@apple.com", 
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:236" }, { "source": "product-security@apple.com", "url": "http://www.securityfocus.com/bid/44643" }, { "source": "product-security@apple.com", "url": "http://www.securitytracker.com/id?1024767" }, { "source": "product-security@apple.com", "url": "http://www.ubuntu.com/usn/USN-1013-1" }, { "source": "product-security@apple.com", "url": "http://www.vupen.com/english/advisories/2010/3046" }, { "source": "product-security@apple.com", "url": "http://www.vupen.com/english/advisories/2011/0246" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=602221" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=0edf0986f3be570f5bf90ff245a85c1675f5c9a4" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/42314" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/43138" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48951" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security-tracker.debian.org/tracker/CVE-2010-3814" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://support.apple.com/kb/HT4456" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.apple.com/kb/HT4581" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2011/dsa-2155" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": 
"http://www.mandriva.com/security/advisories?name=MDVSA-2010:236" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/44643" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1024767" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/USN-1013-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2010/3046" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2011/0246" } ], "sourceIdentifier": "product-security@apple.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd (CVE-2014-9665)
Published
2015-02-08 11:59
Modified
2025-04-12 10:46
Severity: 7.5 HIGH (CVSS v2.0, AV:N/AC:L/Au:N/C:P/I:P/A:P)
Summary
The Load_SBit_Png function in sfnt/pngshim.c in FreeType before 2.5.4 does not restrict the rows and pitch values of PNG data, which allows remote attackers to cause a denial of service (integer overflow and heap-based buffer overflow) or possibly have unspecified other impact by embedding a PNG file in a .ttf font file.
References
Source | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://code.google.com/p/google-security-research/issues/detail?id=168 | Exploit | |
cve@mitre.org | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=54abd22891bd51ef8b533b24df53b3019b5cee81 | ||
cve@mitre.org | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=b3500af717010137046ec4076d1e1c0641e33727 | ||
cve@mitre.org | http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html | ||
cve@mitre.org | http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html | ||
cve@mitre.org | http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html | ||
cve@mitre.org | http://www.securityfocus.com/bid/72986 | ||
cve@mitre.org | http://www.ubuntu.com/usn/USN-2510-1 | ||
cve@mitre.org | http://www.ubuntu.com/usn/USN-2739-1 | ||
cve@mitre.org | https://security.gentoo.org/glsa/201503-05 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://code.google.com/p/google-security-research/issues/detail?id=168 | Exploit | |
af854a3a-2127-422b-91ae-364da2661108 | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=54abd22891bd51ef8b533b24df53b3019b5cee81 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=b3500af717010137046ec4076d1e1c0641e33727 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/72986 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2510-1 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2739-1 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201503-05 |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
fedoraproject | fedora | 20 | |
fedoraproject | fedora | 21 | |
canonical | ubuntu_linux | 10.04 | |
canonical | ubuntu_linux | 12.04 | |
canonical | ubuntu_linux | 14.04 | |
canonical | ubuntu_linux | 14.10 | |
canonical | ubuntu_linux | 15.10 | |
freetype | freetype | * (up to and including 2.5.3) | |
opensuse | opensuse | 13.1 | |
opensuse | opensuse | 13.2 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*", "matchCriteriaId": "FF47C9F0-D8DA-4B55-89EB-9B2C9383ADB9", "vulnerable": true }, { "criteria": "cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*", "matchCriteriaId": "56BDB5A0-0839-4A20-A003-B8CD56F48171", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*", "matchCriteriaId": "5D37DF0F-F863-45AC-853A-3E04F9FEC7CA", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*", "matchCriteriaId": "49A63F39-30BE-443F-AF10-6245587D3359", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "matchCriteriaId": "E88A537F-F4D0-46B9-9E37-965233C2A355", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", "matchCriteriaId": "05EE9A32-E91F-4C68-B3A9-AC5AB35C2BB3", "versionEndIncluding": "2.5.3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F", "vulnerable": true }, { "criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Load_SBit_Png function in sfnt/pngshim.c in FreeType before 2.5.4 does not restrict the rows and pitch 
values of PNG data, which allows remote attackers to cause a denial of service (integer overflow and heap-based buffer overflow) or possibly have unspecified other impact by embedding a PNG file in a .ttf font file." }, { "lang": "es", "value": "La funci\u00f3n Load_SBit_Png en sfnt/pngshim.c en FreeType anterior a 2.5.4 no restringe los valores de filas y tonos de los datos PNG, lo que permite a atacantes remotos causar una denegaci\u00f3n de servicio (desbordamiento de enteros y desbordamiento de buffer basado en memoria din\u00e1mica) o posiblemente tener otro impacto no especificado mediante el embebido de un fichero PNG en un fichero de fuentes .ttf." } ], "id": "CVE-2014-9665", "lastModified": "2025-04-12T10:46:40.837", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2015-02-08T11:59:27.337", "references": [ { "source": "cve@mitre.org", "tags": [ "Exploit" ], "url": "http://code.google.com/p/google-security-research/issues/detail?id=168" }, { "source": "cve@mitre.org", "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=54abd22891bd51ef8b533b24df53b3019b5cee81" }, { "source": "cve@mitre.org", "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=b3500af717010137046ec4076d1e1c0641e33727" }, { "source": "cve@mitre.org", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html" }, { "source": "cve@mitre.org", "url": 
"http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html" }, { "source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/72986" }, { "source": "cve@mitre.org", "url": "http://www.ubuntu.com/usn/USN-2510-1" }, { "source": "cve@mitre.org", "url": "http://www.ubuntu.com/usn/USN-2739-1" }, { "source": "cve@mitre.org", "url": "https://security.gentoo.org/glsa/201503-05" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit" ], "url": "http://code.google.com/p/google-security-research/issues/detail?id=168" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=54abd22891bd51ef8b533b24df53b3019b5cee81" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=b3500af717010137046ec4076d1e1c0641e33727" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/72986" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/USN-2510-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/USN-2739-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/201503-05" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], 
"source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2012-04-25 10:10
Modified
2025-04-11 00:51
Severity: HIGH (CVSS v2.0 base score 9.3, vector AV:N/AC:M/Au:N/C:C/I:C/A:C; NVD primary assessment)
Summary
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted glyph-outline data in a font.
References
▶ | URL | Tags | |
---|---|---|---|
secalert@redhat.com | http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html | ||
secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html | ||
secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html | ||
secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html | ||
secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html | ||
secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2012-0467.html | ||
secalert@redhat.com | http://secunia.com/advisories/48300 | ||
secalert@redhat.com | http://secunia.com/advisories/48508 | ||
secalert@redhat.com | http://secunia.com/advisories/48758 | ||
secalert@redhat.com | http://secunia.com/advisories/48797 | ||
secalert@redhat.com | http://secunia.com/advisories/48822 | ||
secalert@redhat.com | http://secunia.com/advisories/48918 | ||
secalert@redhat.com | http://secunia.com/advisories/48951 | ||
secalert@redhat.com | http://secunia.com/advisories/48973 | ||
secalert@redhat.com | http://security.gentoo.org/glsa/glsa-201204-04.xml | ||
secalert@redhat.com | http://support.apple.com/kb/HT5503 | ||
secalert@redhat.com | http://www.debian.org/security/2012/dsa-2428 | ||
secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2012:057 | ||
secalert@redhat.com | http://www.mozilla.org/security/announce/2012/mfsa2012-21.html | Vendor Advisory | |
secalert@redhat.com | http://www.openwall.com/lists/oss-security/2012/03/06/16 | ||
secalert@redhat.com | http://www.securityfocus.com/bid/52318 | ||
secalert@redhat.com | http://www.securitytracker.com/id?1026765 | ||
secalert@redhat.com | http://www.ubuntu.com/usn/USN-1403-1 | ||
secalert@redhat.com | https://bugzilla.mozilla.org/show_bug.cgi?id=733512 | ||
secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=800604 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2012-0467.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48300 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48508 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48758 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48797 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48822 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48918 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48951 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48973 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-201204-04.xml | ||
af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT5503 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2012/dsa-2428 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2012:057 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mozilla.org/security/announce/2012/mfsa2012-21.html | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2012/03/06/16 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/52318 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1026765 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-1403-1 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.mozilla.org/show_bug.cgi?id=733512 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=800604 |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
freetype | freetype | * (up to and including 2.4.8) | |
freetype | freetype | 1.3.1 | |
freetype | freetype | 2.0.0 | |
freetype | freetype | 2.0.1 | |
freetype | freetype | 2.0.2 | |
freetype | freetype | 2.0.3 | |
freetype | freetype | 2.0.4 | |
freetype | freetype | 2.0.5 | |
freetype | freetype | 2.0.6 | |
freetype | freetype | 2.0.7 | |
freetype | freetype | 2.0.8 | |
freetype | freetype | 2.0.9 | |
freetype | freetype | 2.1 | |
freetype | freetype | 2.1.3 | |
freetype | freetype | 2.1.4 | |
freetype | freetype | 2.1.5 | |
freetype | freetype | 2.1.6 | |
freetype | freetype | 2.1.7 | |
freetype | freetype | 2.1.8 | |
freetype | freetype | 2.1.8 (rc1) | |
freetype | freetype | 2.1.9 | |
freetype | freetype | 2.1.10 | |
freetype | freetype | 2.2.0 | |
freetype | freetype | 2.2.1 | |
freetype | freetype | 2.3.0 | |
freetype | freetype | 2.3.1 | |
freetype | freetype | 2.3.2 | |
freetype | freetype | 2.3.3 | |
freetype | freetype | 2.3.4 | |
freetype | freetype | 2.3.5 | |
freetype | freetype | 2.3.6 | |
freetype | freetype | 2.3.7 | |
freetype | freetype | 2.3.8 | |
freetype | freetype | 2.3.9 | |
freetype | freetype | 2.3.10 | |
freetype | freetype | 2.3.11 | |
freetype | freetype | 2.3.12 | |
freetype | freetype | 2.4.0 | |
freetype | freetype | 2.4.1 | |
freetype | freetype | 2.4.2 | |
freetype | freetype | 2.4.3 | |
freetype | freetype | 2.4.4 | |
freetype | freetype | 2.4.5 | |
freetype | freetype | 2.4.6 | |
freetype | freetype | 2.4.7 | |
mozilla | firefox_mobile | * (up to and including 10.0.3) | |
mozilla | firefox_mobile | 1.0 | |
mozilla | firefox_mobile | 4.0 | |
mozilla | firefox_mobile | 4.0 (beta1) | |
mozilla | firefox_mobile | 4.0 (beta2) | |
mozilla | firefox_mobile | 4.0 (beta3) | |
mozilla | firefox_mobile | 4.0 (beta4) | |
mozilla | firefox_mobile | 5.0 | |
mozilla | firefox_mobile | 6.0 | |
mozilla | firefox_mobile | 6.0.1 | |
mozilla | firefox_mobile | 6.0.2 | |
mozilla | firefox_mobile | 7.0 | |
mozilla | firefox_mobile | 8.0 | |
mozilla | firefox_mobile | 9.0 | |
mozilla | firefox_mobile | 10.0 | |
mozilla | firefox_mobile | 10.0.1 | |
mozilla | firefox_mobile | 10.0.2 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", "matchCriteriaId": "1AE5852E-FBD0-4F23-82C0-4E8FBDDF558B", "versionEndIncluding": "2.4.8", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:1.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "888C3BB8-510B-4FBE-BA5D-0D488583C7DD", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "3B67236B-7DEF-40AE-BC6F-12CB39329C4D", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "7EEC5D17-9141-4CA5-9D4C-76C15BAE4FBD", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "F1019F69-8E42-43C9-926C-B948659666F4", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "AA678E5E-9380-4D31-973F-018349F7F346", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "5E06AD6E-8B77-4E57-AA07-507CD1F809F2", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "8DB69925-10FB-4DFD-8764-B6640B88FCEE", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "B126D1A0-6B54-4C56-8CEC-B395D54A5C3C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "98D0D1A3-886D-4EE3-AC1A-3B36D192E8B5", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "DB0B0E33-0D7D-45E9-ADFD-20C6DCB5ED64", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.9:*:*:*:*:*:*:*", "matchCriteriaId": "28CA4C7D-D70A-44CF-8E3D-F2612CCA0799", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "D4E76672-7216-443E-BBD8-120DA96F7E4D", "vulnerable": true }, { "criteria": 
"cpe:2.3:a:freetype:freetype:2.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "369D87D8-E4A7-4EC4-B508-2940EE174F95", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "288FDB59-7FE4-4351-8822-554ADF07C79A", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "B681257A-F8D8-46D5-995D-BC44F54DD5C0", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "56E0DEB6-4414-49AB-88E9-988CE5D8EF67", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.7:*:*:*:*:*:*:*", "matchCriteriaId": "56A90D08-2CAF-422F-8587-7D88EC7632A1", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.8:*:*:*:*:*:*:*", "matchCriteriaId": "9B944FEB-F69D-4F6C-9485-26F95A5874B6", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.8:rc1:*:*:*:*:*:*", "matchCriteriaId": "B9B9B1DE-89F6-463D-A3F4-6366D5D30077", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.9:*:*:*:*:*:*:*", "matchCriteriaId": "F73474B9-6853-4C5C-9CB9-5F4D3080D1C5", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.10:*:*:*:*:*:*:*", "matchCriteriaId": "5283E910-D512-481C-804E-8717A83B24CB", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "A28C0F7A-F1F3-4F3B-81B9-228DA8FCCCD8", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "F7252819-BA8A-4BD1-BAAA-179A8777C994", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "11575E3C-2BEA-4264-AE41-4A962BD17035", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "D333A965-EAD2-40DB-8FBE-C4C7DF44C35C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.2:*:*:*:*:*:*:*", "matchCriteriaId": 
"8CA37666-D2E6-47EF-BFFE-A9449D6A72CD", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "F2B49505-C973-4673-A9BC-34ACA25059D0", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.4:*:*:*:*:*:*:*", "matchCriteriaId": "B8E8ECCA-58F2-4A05-8DF2-79C09A5FB275", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.5:*:*:*:*:*:*:*", "matchCriteriaId": "8697D11D-BBDF-4722-85F7-5144A5D26E37", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.6:*:*:*:*:*:*:*", "matchCriteriaId": "50E3EDA8-04D1-4DF1-80BB-72C6003E8F53", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.7:*:*:*:*:*:*:*", "matchCriteriaId": "AB06CA25-BB25-43B8-9FC2-62C399CC52EE", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.8:*:*:*:*:*:*:*", "matchCriteriaId": "6AF7414E-33A7-40E2-AEF0-1AE9D7D1B077", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.9:*:*:*:*:*:*:*", "matchCriteriaId": "6FC0BD12-E065-4CC9-8AEE-E4C34A58EC3C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.10:*:*:*:*:*:*:*", "matchCriteriaId": "214DC64B-BA35-486B-AE30-F2D9381E4D26", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.11:*:*:*:*:*:*:*", "matchCriteriaId": "B7CDE19A-473A-4BC5-AA7B-3D08FEEEE82C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.12:*:*:*:*:*:*:*", "matchCriteriaId": "DD8401A8-A328-49F6-BAE8-337F5F36C906", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "3FBF5BAA-8027-478F-BE06-3D3F4F823C7B", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "31358B5D-4087-4207-9730-297BA47DAA83", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "3A73E016-A4B0-416D-B9B6-786A787DAD3D", "vulnerable": true }, { "criteria": 
"cpe:2.3:a:freetype:freetype:2.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "0588BCE1-059B-4602-B274-E9D268720B55", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "D19BE9CC-6B1C-4AC8-9740-2ABDF40C4FEC", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "E6F3E33C-95E0-4EEF-8E26-F7044D8C3892", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.6:*:*:*:*:*:*:*", "matchCriteriaId": "0871F88D-3D36-4EAA-B2B4-39D844FF8874", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.7:*:*:*:*:*:*:*", "matchCriteriaId": "B3396203-9BDF-4E7D-85CC-0B6AA7DC55C4", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:*:*:*:*:*:*:*:*", "matchCriteriaId": "C25B56F0-B244-4D64-BC8F-341214080A90", "versionEndIncluding": "10.0.3", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "B00C6411-5566-4060-B68B-8F1674B9E280", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "CD9C4A1A-E3C7-40DD-AF51-AFFA0D904722", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta1:*:*:*:*:*:*", "matchCriteriaId": "B6A0EDF9-2260-439F-9CF0-A66CBE35ACF8", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta2:*:*:*:*:*:*", "matchCriteriaId": "6E55723B-B7B8-4EBF-8767-55988D26E82B", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta3:*:*:*:*:*:*", "matchCriteriaId": "761B33B6-4FFD-4E6C-92B4-2186F8D195C1", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta4:*:*:*:*:*:*", "matchCriteriaId": "8E4E272B-27F1-41CE-8B60-B1C098105A73", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "907FA1DF-E3D3-4E46-B353-753E70C292CC", "vulnerable": true }, { "criteria": 
"cpe:2.3:a:mozilla:firefox_mobile:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "97DE5B71-865A-4DB0-A31A-1CA75A5AB7AA", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:6.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "B64C7CE2-6BA7-4294-80CF-3AE25EE9529B", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:6.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "640595E6-3E39-4112-887E-174C86D18630", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "8E26E8D7-334C-4260-A8EE-82DF067CC081", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "643623BB-29E4-4138-AFC6-252368FC9495", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "9CEA838D-5FE6-47A7-8367-F040FF01B681", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "BF547E94-BEC4-4D32-A2AF-AFEBFE11782A", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "6BB1307C-64E4-4EC2-BB07-012107CA5DA6", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "91C9D50D-9450-489C-8336-4332F8FD6806", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted glyph-outline data in a font." 
}, { "lang": "es", "value": "FreeType antes de v2.4.9, tal como se utiliza en Mozilla Firefox Mobile antes de v10.0.4 y otros productos, permite a atacantes remotos causar una denegaci\u00f3n de servicio (operaci\u00f3n no v\u00e1lida de escritura y corrupci\u00f3n de memoria) o posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s del perfil modificado del glifo de una fuente." } ], "id": "CVE-2012-1142", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2012-04-25T10:10:18.683", "references": [ { "source": "secalert@redhat.com", "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html" }, { "source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48300" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48508" }, { "source": 
"secalert@redhat.com", "url": "http://secunia.com/advisories/48758" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48797" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48822" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48918" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48951" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48973" }, { "source": "secalert@redhat.com", "url": "http://security.gentoo.org/glsa/glsa-201204-04.xml" }, { "source": "secalert@redhat.com", "url": "http://support.apple.com/kb/HT5503" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2012/dsa-2428" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html" }, { "source": "secalert@redhat.com", "url": "http://www.openwall.com/lists/oss-security/2012/03/06/16" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/52318" }, { "source": "secalert@redhat.com", "url": "http://www.securitytracker.com/id?1026765" }, { "source": "secalert@redhat.com", "url": "http://www.ubuntu.com/usn/USN-1403-1" }, { "source": "secalert@redhat.com", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512" }, { "source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=800604" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html" }, { "source": 
"af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48300" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48508" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48758" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48797" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48822" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48918" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48951" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48973" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.gentoo.org/glsa/glsa-201204-04.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.apple.com/kb/HT5503" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2012/dsa-2428" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2012/03/06/16" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": 
"http://www.securityfocus.com/bid/52318" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1026765" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/USN-1403-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=800604" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2016-06-07 14:06
Modified
2025-04-12 10:46
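Severity: HIGH (CVSS v3.0 base score 7.5, vector CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H); MEDIUM (CVSS v2.0 base score 5.0, vector AV:N/AC:L/Au:N/C:N/I:N/A:P); both NVD primary assessments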
Summary
The t42_parse_encoding function in type42/t42parse.c in FreeType before 2.5.4 does not properly update the current position for immediates-only mode, which allows remote attackers to cause a denial of service (infinite loop) via a Type42 font.
References
▶ | URL | Tags | |
---|---|---|---|
security@ubuntu.com | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/tree/src/type42/t42parse.c?id=8b281f83e8516535756f92dbf90940ac44bd45e1 | ||
security@ubuntu.com | http://www.debian.org/security/2015/dsa-3370 | ||
security@ubuntu.com | http://www.openwall.com/lists/oss-security/2015/09/11/4 | ||
security@ubuntu.com | http://www.openwall.com/lists/oss-security/2015/09/25/4 | ||
security@ubuntu.com | https://savannah.nongnu.org/bugs/?41309 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/tree/src/type42/t42parse.c?id=8b281f83e8516535756f92dbf90940ac44bd45e1 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2015/dsa-3370 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2015/09/11/4 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2015/09/25/4 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://savannah.nongnu.org/bugs/?41309 |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
freetype | freetype | * (up to and including 2.5.3) | |
debian | debian_linux | 7.0 | |
debian | debian_linux | 8.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", "matchCriteriaId": "05EE9A32-E91F-4C68-B3A9-AC5AB35C2BB3", "versionEndIncluding": "2.5.3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The t42_parse_encoding function in type42/t42parse.c in FreeType before 2.5.4 does not properly update the current position for immediates-only mode, which allows remote attackers to cause a denial of service (infinite loop) via a Type42 font." }, { "lang": "es", "value": "La funci\u00f3n t42_parse_encoding en type42/t42parse.c en FreeType en versiones anteriores a 2.5.4 no actualiza adecuadamente la posici\u00f3n actual para el modo immediates-only lo que permite a atacantes remotos provocar una denegaci\u00f3n de servicio (bucle infinito) a trav\u00e9s de una fuente Type42." 
} ], "id": "CVE-2014-9747", "lastModified": "2025-04-12T10:46:40.837", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-06-07T14:06:03.073", "references": [ { "source": "security@ubuntu.com", "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/tree/src/type42/t42parse.c?id=8b281f83e8516535756f92dbf90940ac44bd45e1" }, { "source": "security@ubuntu.com", "url": "http://www.debian.org/security/2015/dsa-3370" }, { "source": "security@ubuntu.com", "url": "http://www.openwall.com/lists/oss-security/2015/09/11/4" }, { "source": "security@ubuntu.com", "url": "http://www.openwall.com/lists/oss-security/2015/09/25/4" }, { "source": "security@ubuntu.com", "url": "https://savannah.nongnu.org/bugs/?41309" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/tree/src/type42/t42parse.c?id=8b281f83e8516535756f92dbf90940ac44bd45e1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": 
"http://www.debian.org/security/2015/dsa-3370" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2015/09/11/4" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2015/09/25/4" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://savannah.nongnu.org/bugs/?41309" } ], "sourceIdentifier": "security@ubuntu.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-399" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2012-04-25 10:10
Modified
2025-04-11 00:51
Summary
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via vectors involving the NPUSHB and NPUSHW instructions in a TrueType font.
References
Source | URL | Tags | |
---|---|---|---|
secalert@redhat.com | http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html | ||
secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html | ||
secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html | ||
secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html | ||
secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html | ||
secalert@redhat.com | http://secunia.com/advisories/48508 | ||
secalert@redhat.com | http://secunia.com/advisories/48797 | ||
secalert@redhat.com | http://secunia.com/advisories/48822 | ||
secalert@redhat.com | http://secunia.com/advisories/48918 | ||
secalert@redhat.com | http://secunia.com/advisories/48951 | ||
secalert@redhat.com | http://secunia.com/advisories/48973 | ||
secalert@redhat.com | http://security.gentoo.org/glsa/glsa-201204-04.xml | ||
secalert@redhat.com | http://support.apple.com/kb/HT5503 | ||
secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2012:057 | ||
secalert@redhat.com | http://www.mozilla.org/security/announce/2012/mfsa2012-21.html | Vendor Advisory | |
secalert@redhat.com | http://www.openwall.com/lists/oss-security/2012/03/06/16 | ||
secalert@redhat.com | http://www.securityfocus.com/bid/52318 | ||
secalert@redhat.com | http://www.securitytracker.com/id?1026765 | ||
secalert@redhat.com | http://www.ubuntu.com/usn/USN-1403-1 | ||
secalert@redhat.com | https://bugzilla.mozilla.org/show_bug.cgi?id=733512 | ||
secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=800593 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48508 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48797 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48822 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48918 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48951 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48973 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-201204-04.xml | ||
af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT5503 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2012:057 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mozilla.org/security/announce/2012/mfsa2012-21.html | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2012/03/06/16 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/52318 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1026765 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-1403-1 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.mozilla.org/show_bug.cgi?id=733512 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=800593 |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
freetype | freetype | * (up to and including 2.4.8) | |
freetype | freetype | 1.3.1 | |
freetype | freetype | 2.0.0 | |
freetype | freetype | 2.0.1 | |
freetype | freetype | 2.0.2 | |
freetype | freetype | 2.0.3 | |
freetype | freetype | 2.0.4 | |
freetype | freetype | 2.0.5 | |
freetype | freetype | 2.0.6 | |
freetype | freetype | 2.0.7 | |
freetype | freetype | 2.0.8 | |
freetype | freetype | 2.0.9 | |
freetype | freetype | 2.1 | |
freetype | freetype | 2.1.3 | |
freetype | freetype | 2.1.4 | |
freetype | freetype | 2.1.5 | |
freetype | freetype | 2.1.6 | |
freetype | freetype | 2.1.7 | |
freetype | freetype | 2.1.8 | |
freetype | freetype | 2.1.8 rc1 | |
freetype | freetype | 2.1.9 | |
freetype | freetype | 2.1.10 | |
freetype | freetype | 2.2.0 | |
freetype | freetype | 2.2.1 | |
freetype | freetype | 2.3.0 | |
freetype | freetype | 2.3.1 | |
freetype | freetype | 2.3.2 | |
freetype | freetype | 2.3.3 | |
freetype | freetype | 2.3.4 | |
freetype | freetype | 2.3.5 | |
freetype | freetype | 2.3.6 | |
freetype | freetype | 2.3.7 | |
freetype | freetype | 2.3.8 | |
freetype | freetype | 2.3.9 | |
freetype | freetype | 2.3.10 | |
freetype | freetype | 2.3.11 | |
freetype | freetype | 2.3.12 | |
freetype | freetype | 2.4.0 | |
freetype | freetype | 2.4.1 | |
freetype | freetype | 2.4.2 | |
freetype | freetype | 2.4.3 | |
freetype | freetype | 2.4.4 | |
freetype | freetype | 2.4.5 | |
freetype | freetype | 2.4.6 | |
freetype | freetype | 2.4.7 | |
mozilla | firefox_mobile | * (up to and including 10.0.3) | |
mozilla | firefox_mobile | 1.0 | |
mozilla | firefox_mobile | 4.0 | |
mozilla | firefox_mobile | 4.0 beta1 | |
mozilla | firefox_mobile | 4.0 beta2 | |
mozilla | firefox_mobile | 4.0 beta3 | |
mozilla | firefox_mobile | 4.0 beta4 | |
mozilla | firefox_mobile | 5.0 | |
mozilla | firefox_mobile | 6.0 | |
mozilla | firefox_mobile | 6.0.1 | |
mozilla | firefox_mobile | 6.0.2 | |
mozilla | firefox_mobile | 7.0 | |
mozilla | firefox_mobile | 8.0 | |
mozilla | firefox_mobile | 9.0 | |
mozilla | firefox_mobile | 10.0 | |
mozilla | firefox_mobile | 10.0.1 | |
mozilla | firefox_mobile | 10.0.2 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", "matchCriteriaId": "1AE5852E-FBD0-4F23-82C0-4E8FBDDF558B", "versionEndIncluding": "2.4.8", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:1.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "888C3BB8-510B-4FBE-BA5D-0D488583C7DD", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "3B67236B-7DEF-40AE-BC6F-12CB39329C4D", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "7EEC5D17-9141-4CA5-9D4C-76C15BAE4FBD", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "F1019F69-8E42-43C9-926C-B948659666F4", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "AA678E5E-9380-4D31-973F-018349F7F346", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "5E06AD6E-8B77-4E57-AA07-507CD1F809F2", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "8DB69925-10FB-4DFD-8764-B6640B88FCEE", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "B126D1A0-6B54-4C56-8CEC-B395D54A5C3C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "98D0D1A3-886D-4EE3-AC1A-3B36D192E8B5", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "DB0B0E33-0D7D-45E9-ADFD-20C6DCB5ED64", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.9:*:*:*:*:*:*:*", "matchCriteriaId": "28CA4C7D-D70A-44CF-8E3D-F2612CCA0799", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "D4E76672-7216-443E-BBD8-120DA96F7E4D", "vulnerable": true }, { "criteria": 
"cpe:2.3:a:freetype:freetype:2.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "369D87D8-E4A7-4EC4-B508-2940EE174F95", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "288FDB59-7FE4-4351-8822-554ADF07C79A", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "B681257A-F8D8-46D5-995D-BC44F54DD5C0", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "56E0DEB6-4414-49AB-88E9-988CE5D8EF67", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.7:*:*:*:*:*:*:*", "matchCriteriaId": "56A90D08-2CAF-422F-8587-7D88EC7632A1", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.8:*:*:*:*:*:*:*", "matchCriteriaId": "9B944FEB-F69D-4F6C-9485-26F95A5874B6", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.8:rc1:*:*:*:*:*:*", "matchCriteriaId": "B9B9B1DE-89F6-463D-A3F4-6366D5D30077", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.9:*:*:*:*:*:*:*", "matchCriteriaId": "F73474B9-6853-4C5C-9CB9-5F4D3080D1C5", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.10:*:*:*:*:*:*:*", "matchCriteriaId": "5283E910-D512-481C-804E-8717A83B24CB", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "A28C0F7A-F1F3-4F3B-81B9-228DA8FCCCD8", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "F7252819-BA8A-4BD1-BAAA-179A8777C994", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "11575E3C-2BEA-4264-AE41-4A962BD17035", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "D333A965-EAD2-40DB-8FBE-C4C7DF44C35C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.2:*:*:*:*:*:*:*", "matchCriteriaId": 
"8CA37666-D2E6-47EF-BFFE-A9449D6A72CD", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "F2B49505-C973-4673-A9BC-34ACA25059D0", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.4:*:*:*:*:*:*:*", "matchCriteriaId": "B8E8ECCA-58F2-4A05-8DF2-79C09A5FB275", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.5:*:*:*:*:*:*:*", "matchCriteriaId": "8697D11D-BBDF-4722-85F7-5144A5D26E37", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.6:*:*:*:*:*:*:*", "matchCriteriaId": "50E3EDA8-04D1-4DF1-80BB-72C6003E8F53", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.7:*:*:*:*:*:*:*", "matchCriteriaId": "AB06CA25-BB25-43B8-9FC2-62C399CC52EE", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.8:*:*:*:*:*:*:*", "matchCriteriaId": "6AF7414E-33A7-40E2-AEF0-1AE9D7D1B077", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.9:*:*:*:*:*:*:*", "matchCriteriaId": "6FC0BD12-E065-4CC9-8AEE-E4C34A58EC3C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.10:*:*:*:*:*:*:*", "matchCriteriaId": "214DC64B-BA35-486B-AE30-F2D9381E4D26", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.11:*:*:*:*:*:*:*", "matchCriteriaId": "B7CDE19A-473A-4BC5-AA7B-3D08FEEEE82C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.12:*:*:*:*:*:*:*", "matchCriteriaId": "DD8401A8-A328-49F6-BAE8-337F5F36C906", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "3FBF5BAA-8027-478F-BE06-3D3F4F823C7B", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "31358B5D-4087-4207-9730-297BA47DAA83", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "3A73E016-A4B0-416D-B9B6-786A787DAD3D", "vulnerable": true }, { "criteria": 
"cpe:2.3:a:freetype:freetype:2.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "0588BCE1-059B-4602-B274-E9D268720B55", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "D19BE9CC-6B1C-4AC8-9740-2ABDF40C4FEC", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "E6F3E33C-95E0-4EEF-8E26-F7044D8C3892", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.6:*:*:*:*:*:*:*", "matchCriteriaId": "0871F88D-3D36-4EAA-B2B4-39D844FF8874", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.7:*:*:*:*:*:*:*", "matchCriteriaId": "B3396203-9BDF-4E7D-85CC-0B6AA7DC55C4", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:*:*:*:*:*:*:*:*", "matchCriteriaId": "C25B56F0-B244-4D64-BC8F-341214080A90", "versionEndIncluding": "10.0.3", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "B00C6411-5566-4060-B68B-8F1674B9E280", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "CD9C4A1A-E3C7-40DD-AF51-AFFA0D904722", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta1:*:*:*:*:*:*", "matchCriteriaId": "B6A0EDF9-2260-439F-9CF0-A66CBE35ACF8", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta2:*:*:*:*:*:*", "matchCriteriaId": "6E55723B-B7B8-4EBF-8767-55988D26E82B", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta3:*:*:*:*:*:*", "matchCriteriaId": "761B33B6-4FFD-4E6C-92B4-2186F8D195C1", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta4:*:*:*:*:*:*", "matchCriteriaId": "8E4E272B-27F1-41CE-8B60-B1C098105A73", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "907FA1DF-E3D3-4E46-B353-753E70C292CC", "vulnerable": true }, { "criteria": 
"cpe:2.3:a:mozilla:firefox_mobile:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "97DE5B71-865A-4DB0-A31A-1CA75A5AB7AA", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:6.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "B64C7CE2-6BA7-4294-80CF-3AE25EE9529B", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:6.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "640595E6-3E39-4112-887E-174C86D18630", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "8E26E8D7-334C-4260-A8EE-82DF067CC081", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "643623BB-29E4-4138-AFC6-252368FC9495", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "9CEA838D-5FE6-47A7-8367-F040FF01B681", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "BF547E94-BEC4-4D32-A2AF-AFEBFE11782A", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "6BB1307C-64E4-4EC2-BB07-012107CA5DA6", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "91C9D50D-9450-489C-8336-4332F8FD6806", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via vectors involving the NPUSHB and NPUSHW instructions in a TrueType font." 
}, { "lang": "es", "value": "FreeType antes de v2.4.9, tal como se utiliza en Mozilla Firefox Mobile antes de v10.0.4 y otros productos, permite a atacantes remotos causar una denegaci\u00f3n de servicio (operaci\u00f3n no v\u00e1lida de escritura y corrupci\u00f3n de memoria) o posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores que incluyen instrucciones NPUSHB y NPUSHW en una fuente TrueType." } ], "id": "CVE-2012-1135", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2012-04-25T10:10:18.370", "references": [ { "source": "secalert@redhat.com", "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48508" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48797" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48822" }, { "source": 
"secalert@redhat.com", "url": "http://secunia.com/advisories/48918" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48951" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48973" }, { "source": "secalert@redhat.com", "url": "http://security.gentoo.org/glsa/glsa-201204-04.xml" }, { "source": "secalert@redhat.com", "url": "http://support.apple.com/kb/HT5503" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html" }, { "source": "secalert@redhat.com", "url": "http://www.openwall.com/lists/oss-security/2012/03/06/16" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/52318" }, { "source": "secalert@redhat.com", "url": "http://www.securitytracker.com/id?1026765" }, { "source": "secalert@redhat.com", "url": "http://www.ubuntu.com/usn/USN-1403-1" }, { "source": "secalert@redhat.com", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512" }, { "source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=800593" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": 
"http://secunia.com/advisories/48508" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48797" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48822" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48918" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48951" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48973" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.gentoo.org/glsa/glsa-201204-04.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.apple.com/kb/HT5503" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2012/03/06/16" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/52318" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1026765" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/USN-1403-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=800593" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2008-06-16 19:41
Modified
2025-04-09 00:30
Summary
Integer overflow in FreeType2 before 2.3.6 allows context-dependent attackers to execute arbitrary code via a crafted set of 16-bit length values within the Private dictionary table in a Printer Font Binary (PFB) file, which triggers a heap-based buffer overflow.
References
Source | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=715 | ||
cve@mitre.org | http://lists.apple.com/archives/security-announce//2008/Sep/msg00003.html | ||
cve@mitre.org | http://lists.apple.com/archives/security-announce//2008/Sep/msg00004.html | ||
cve@mitre.org | http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html | ||
cve@mitre.org | http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html | ||
cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00001.html | ||
cve@mitre.org | http://secunia.com/advisories/30600 | Vendor Advisory | |
cve@mitre.org | http://secunia.com/advisories/30721 | ||
cve@mitre.org | http://secunia.com/advisories/30740 | ||
cve@mitre.org | http://secunia.com/advisories/30766 | ||
cve@mitre.org | http://secunia.com/advisories/30819 | ||
cve@mitre.org | http://secunia.com/advisories/30821 | ||
cve@mitre.org | http://secunia.com/advisories/30967 | ||
cve@mitre.org | http://secunia.com/advisories/31479 | ||
cve@mitre.org | http://secunia.com/advisories/31577 | ||
cve@mitre.org | http://secunia.com/advisories/31707 | ||
cve@mitre.org | http://secunia.com/advisories/31709 | ||
cve@mitre.org | http://secunia.com/advisories/31711 | ||
cve@mitre.org | http://secunia.com/advisories/31712 | ||
cve@mitre.org | http://secunia.com/advisories/31823 | ||
cve@mitre.org | http://secunia.com/advisories/31856 | ||
cve@mitre.org | http://secunia.com/advisories/31900 | ||
cve@mitre.org | http://secunia.com/advisories/33937 | ||
cve@mitre.org | http://security.gentoo.org/glsa/glsa-200806-10.xml | ||
cve@mitre.org | http://security.gentoo.org/glsa/glsa-201209-25.xml | ||
cve@mitre.org | http://securitytracker.com/id?1020238 | ||
cve@mitre.org | http://sourceforge.net/project/shownotes.php?group_id=3157&release_id=605780 | ||
cve@mitre.org | http://sunsolve.sun.com/search/document.do?assetkey=1-26-239006-1 | ||
cve@mitre.org | http://support.apple.com/kb/HT3026 | ||
cve@mitre.org | http://support.apple.com/kb/HT3129 | ||
cve@mitre.org | http://support.apple.com/kb/HT3438 | ||
cve@mitre.org | http://support.avaya.com/elmodocs2/security/ASA-2008-318.htm | ||
cve@mitre.org | http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0255 | ||
cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDVSA-2008:121 | ||
cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2008-0556.html | ||
cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2008-0558.html | ||
cve@mitre.org | http://www.securityfocus.com/archive/1/495497/100/0/threaded | ||
cve@mitre.org | http://www.securityfocus.com/archive/1/495869/100/0/threaded | ||
cve@mitre.org | http://www.securityfocus.com/bid/29640 | Patch | |
cve@mitre.org | http://www.ubuntu.com/usn/usn-643-1 | ||
cve@mitre.org | http://www.vmware.com/security/advisories/VMSA-2008-0014.html | ||
cve@mitre.org | http://www.vmware.com/support/player/doc/releasenotes_player.html | ||
cve@mitre.org | http://www.vmware.com/support/player2/doc/releasenotes_player2.html | ||
cve@mitre.org | http://www.vmware.com/support/server/doc/releasenotes_server.html | ||
cve@mitre.org | http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html | ||
cve@mitre.org | http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html | ||
cve@mitre.org | http://www.vupen.com/english/advisories/2008/1794 | ||
cve@mitre.org | http://www.vupen.com/english/advisories/2008/1876/references | ||
cve@mitre.org | http://www.vupen.com/english/advisories/2008/2423 | ||
cve@mitre.org | http://www.vupen.com/english/advisories/2008/2466 | ||
cve@mitre.org | http://www.vupen.com/english/advisories/2008/2525 | ||
cve@mitre.org | http://www.vupen.com/english/advisories/2008/2558 | ||
cve@mitre.org | https://issues.rpath.com/browse/RPL-2608 | ||
cve@mitre.org | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9321 | ||
cve@mitre.org | https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00717.html | ||
cve@mitre.org | https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00721.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=715 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce//2008/Sep/msg00003.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce//2008/Sep/msg00004.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00001.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/30600 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/30721 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/30740 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/30766 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/30819 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/30821 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/30967 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/31479 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/31577 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/31707 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/31709 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/31711 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/31712 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/31823 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/31856 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/31900 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/33937 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-200806-10.xml | ||
af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-201209-25.xml | ||
af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1020238 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://sourceforge.net/project/shownotes.php?group_id=3157&release_id=605780 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://sunsolve.sun.com/search/document.do?assetkey=1-26-239006-1 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT3026 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT3129 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT3438 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://support.avaya.com/elmodocs2/security/ASA-2008-318.htm | ||
af854a3a-2127-422b-91ae-364da2661108 | http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0255 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2008:121 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2008-0556.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2008-0558.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/495497/100/0/threaded | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/495869/100/0/threaded | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/29640 | Patch | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/usn-643-1 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.vmware.com/security/advisories/VMSA-2008-0014.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.vmware.com/support/player/doc/releasenotes_player.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.vmware.com/support/player2/doc/releasenotes_player2.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.vmware.com/support/server/doc/releasenotes_server.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2008/1794 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2008/1876/references | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2008/2423 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2008/2466 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2008/2525 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2008/2558 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://issues.rpath.com/browse/RPL-2608 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9321 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00717.html | ||
af854a3a-2127-422b-91ae-364da2661108 | https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00721.html |
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:freetype:freetype:1.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "888C3BB8-510B-4FBE-BA5D-0D488583C7DD", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "F2B49505-C973-4673-A9BC-34ACA25059D0", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.4:*:*:*:*:*:*:*", "matchCriteriaId": "B8E8ECCA-58F2-4A05-8DF2-79C09A5FB275", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.5:*:*:*:*:*:*:*", "matchCriteriaId": "8697D11D-BBDF-4722-85F7-5144A5D26E37", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Integer overflow in FreeType2 before 2.3.6 allows context-dependent attackers to execute arbitrary code via a crafted set of 16-bit length values within the Private dictionary table in a Printer Font Binary (PFB) file, which triggers a heap-based buffer overflow." }, { "lang": "es", "value": "Desbordamiento de entero en FreeType2 anterior a 2.3.6, permite a atacantes dependientes del contexto ejecutar c\u00f3digo arbitrario a trav\u00e9s de un set de valores manipulados de un tama\u00f1o 16-bit dentro de la tabla de diccionario Private en un archivo Printer Font Binary (PFB), lo que provoca un desbordamiento de b\u00fafer basado en mont\u00edculo." 
} ], "id": "CVE-2008-1806", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2008-06-16T19:41:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=715" }, { "source": "cve@mitre.org", "url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00003.html" }, { "source": "cve@mitre.org", "url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00004.html" }, { "source": "cve@mitre.org", "url": "http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html" }, { "source": "cve@mitre.org", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html" }, { "source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00001.html" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/30600" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/30721" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/30740" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/30766" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/30819" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/30821" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/30967" }, { "source": "cve@mitre.org", 
"url": "http://secunia.com/advisories/31479" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/31577" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/31707" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/31709" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/31711" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/31712" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/31823" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/31856" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/31900" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/33937" }, { "source": "cve@mitre.org", "url": "http://security.gentoo.org/glsa/glsa-200806-10.xml" }, { "source": "cve@mitre.org", "url": "http://security.gentoo.org/glsa/glsa-201209-25.xml" }, { "source": "cve@mitre.org", "url": "http://securitytracker.com/id?1020238" }, { "source": "cve@mitre.org", "url": "http://sourceforge.net/project/shownotes.php?group_id=3157\u0026release_id=605780" }, { "source": "cve@mitre.org", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-239006-1" }, { "source": "cve@mitre.org", "url": "http://support.apple.com/kb/HT3026" }, { "source": "cve@mitre.org", "url": "http://support.apple.com/kb/HT3129" }, { "source": "cve@mitre.org", "url": "http://support.apple.com/kb/HT3438" }, { "source": "cve@mitre.org", "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-318.htm" }, { "source": "cve@mitre.org", "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0255" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:121" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2008-0556.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2008-0558.html" }, { "source": "cve@mitre.org", "url": 
"http://www.securityfocus.com/archive/1/495497/100/0/threaded" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/495869/100/0/threaded" }, { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/29640" }, { "source": "cve@mitre.org", "url": "http://www.ubuntu.com/usn/usn-643-1" }, { "source": "cve@mitre.org", "url": "http://www.vmware.com/security/advisories/VMSA-2008-0014.html" }, { "source": "cve@mitre.org", "url": "http://www.vmware.com/support/player/doc/releasenotes_player.html" }, { "source": "cve@mitre.org", "url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html" }, { "source": "cve@mitre.org", "url": "http://www.vmware.com/support/server/doc/releasenotes_server.html" }, { "source": "cve@mitre.org", "url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html" }, { "source": "cve@mitre.org", "url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html" }, { "source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2008/1794" }, { "source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2008/1876/references" }, { "source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2008/2423" }, { "source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2008/2466" }, { "source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2008/2525" }, { "source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2008/2558" }, { "source": "cve@mitre.org", "url": "https://issues.rpath.com/browse/RPL-2608" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9321" }, { "source": "cve@mitre.org", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00717.html" }, { "source": "cve@mitre.org", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00721.html" }, { 
"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=715" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00003.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00004.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00001.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/30600" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/30721" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/30740" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/30766" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/30819" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/30821" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/30967" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/31479" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/31577" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/31707" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/31709" }, { "source": 
"af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/31711" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/31712" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/31823" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/31856" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/31900" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/33937" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.gentoo.org/glsa/glsa-200806-10.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.gentoo.org/glsa/glsa-201209-25.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1020238" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sourceforge.net/project/shownotes.php?group_id=3157\u0026release_id=605780" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-239006-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.apple.com/kb/HT3026" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.apple.com/kb/HT3129" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.apple.com/kb/HT3438" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-318.htm" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0255" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:121" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2008-0556.html" }, { "source": 
"af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2008-0558.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/495497/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/495869/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/29640" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/usn-643-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vmware.com/security/advisories/VMSA-2008-0014.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vmware.com/support/player/doc/releasenotes_player.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vmware.com/support/server/doc/releasenotes_server.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2008/1794" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2008/1876/references" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2008/2423" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2008/2466" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2008/2525" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": 
"http://www.vupen.com/english/advisories/2008/2558" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://issues.rpath.com/browse/RPL-2608" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9321" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00717.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00721.html" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-189" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd (CVE-2006-2661)
Published
2006-05-30 19:02
Modified
2025-04-03 01:03
Severity: MEDIUM (CVSS v2.0 base score 5.0, vector AV:N/AC:L/Au:N/C:N/I:N/A:P, source nvd@nist.gov)
Summary
ftutil.c in Freetype before 2.2 allows remote attackers to cause a denial of service (crash) via a crafted font file that triggers a null dereference.
References
Source | URL | Tags | |
---|---|---|---|
cve@mitre.org | ftp://patches.sgi.com/support/free/security/advisories/20060701-01-U | Broken Link | |
cve@mitre.org | http://lists.suse.com/archive/suse-security-announce/2006-Jun/0012.html | Broken Link | |
cve@mitre.org | http://secunia.com/advisories/20525 | Third Party Advisory | |
cve@mitre.org | http://secunia.com/advisories/20591 | Third Party Advisory | |
cve@mitre.org | http://secunia.com/advisories/20638 | Third Party Advisory | |
cve@mitre.org | http://secunia.com/advisories/20791 | Third Party Advisory | |
cve@mitre.org | http://secunia.com/advisories/21062 | Third Party Advisory | |
cve@mitre.org | http://secunia.com/advisories/21135 | Third Party Advisory | |
cve@mitre.org | http://secunia.com/advisories/21385 | Third Party Advisory | |
cve@mitre.org | http://secunia.com/advisories/21701 | Third Party Advisory | |
cve@mitre.org | http://secunia.com/advisories/23939 | Third Party Advisory | |
cve@mitre.org | http://securitytracker.com/id?1016520 | Third Party Advisory, VDB Entry | |
cve@mitre.org | http://sunsolve.sun.com/search/document.do?assetkey=1-26-102705-1 | Broken Link | |
cve@mitre.org | http://support.avaya.com/elmodocs2/security/ASA-2006-176.htm | Third Party Advisory | |
cve@mitre.org | http://www.debian.org/security/2006/dsa-1095 | Third Party Advisory | |
cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDKSA-2006:099 | Third Party Advisory | |
cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2006-0500.html | Third Party Advisory | |
cve@mitre.org | http://www.securityfocus.com/archive/1/436836/100/0/threaded | Third Party Advisory, VDB Entry | |
cve@mitre.org | http://www.securityfocus.com/bid/18329 | Third Party Advisory, VDB Entry | |
cve@mitre.org | http://www.vupen.com/english/advisories/2007/0381 | Third Party Advisory | |
cve@mitre.org | https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=183676 | Issue Tracking, Patch, Third Party Advisory | |
cve@mitre.org | https://issues.rpath.com/browse/RPL-429 | Broken Link | |
cve@mitre.org | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11692 | Third Party Advisory | |
cve@mitre.org | https://usn.ubuntu.com/291-1/ | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | ftp://patches.sgi.com/support/free/security/advisories/20060701-01-U | Broken Link | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.suse.com/archive/suse-security-announce/2006-Jun/0012.html | Broken Link | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/20525 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/20591 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/20638 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/20791 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/21062 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/21135 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/21385 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/21701 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/23939 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1016520 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | http://sunsolve.sun.com/search/document.do?assetkey=1-26-102705-1 | Broken Link | |
af854a3a-2127-422b-91ae-364da2661108 | http://support.avaya.com/elmodocs2/security/ASA-2006-176.htm | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2006/dsa-1095 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2006:099 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2006-0500.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/436836/100/0/threaded | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/18329 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2007/0381 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=183676 | Issue Tracking, Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://issues.rpath.com/browse/RPL-429 | Broken Link | |
af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11692 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/291-1/ | Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
freetype | freetype | * | |
debian | debian_linux | 3.0 | |
debian | debian_linux | 3.1 | |
canonical | ubuntu_linux | 5.04 | |
canonical | ubuntu_linux | 5.10 | |
canonical | ubuntu_linux | 6.06 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", "matchCriteriaId": "F39B31DE-357E-49E1-A404-62D1747EBBE5", "versionEndExcluding": "2.2", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "2CAE037F-111C-4A76-8FFE-716B74D65EF3", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*", "matchCriteriaId": "A2E0C1F8-31F5-4F61-9DF7-E49B43D3C873", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:5.04:*:*:*:*:*:*:*", "matchCriteriaId": "42E47538-08EE-4DC1-AC17-883C44CF77BB", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:5.10:*:*:*:*:*:*:*", "matchCriteriaId": "0FA3A32E-445A-4D39-A8D5-75F5370AD23D", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*", "matchCriteriaId": "5C18C3CD-969B-4AA3-AE3A-BA4A188F8BFF", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "ftutil.c in Freetype before 2.2 allows remote attackers to cause a denial of service (crash) via a crafted font file that triggers a null dereference." 
} ], "id": "CVE-2006-2661", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2006-05-30T19:02:00.000", "references": [ { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060701-01-U" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jun/0012.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/20525" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/20591" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/20638" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/20791" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/21062" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/21135" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/21385" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/21701" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/23939" }, { 
"source": "cve@mitre.org", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://securitytracker.com/id?1016520" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102705-1" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-176.htm" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2006/dsa-1095" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:099" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0500.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/archive/1/436836/100/0/threaded" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/18329" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2007/0381" }, { "source": "cve@mitre.org", "tags": [ "Issue Tracking", "Patch", "Third Party Advisory" ], "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=183676" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "https://issues.rpath.com/browse/RPL-429" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11692" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://usn.ubuntu.com/291-1/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060701-01-U" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": 
"http://lists.suse.com/archive/suse-security-announce/2006-Jun/0012.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/20525" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/20591" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/20638" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/20791" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/21062" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/21135" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/21385" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/21701" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/23939" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://securitytracker.com/id?1016520" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102705-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-176.htm" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2006/dsa-1095" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" 
], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:099" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0500.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/archive/1/436836/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/18329" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2007/0381" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Patch", "Third Party Advisory" ], "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=183676" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "https://issues.rpath.com/browse/RPL-429" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11692" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://usn.ubuntu.com/291-1/" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-476" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd (CVE-2006-0747)
Published
2006-05-23 10:06
Modified
2025-04-03 01:03
Severity: MEDIUM (CVSS v2.0 base score 5.0, vector AV:N/AC:L/Au:N/C:N/I:N/A:P, source nvd@nist.gov)
Summary
Integer underflow in Freetype before 2.2 allows remote attackers to cause a denial of service (crash) via a font file with an odd number of blue values, which causes the underflow when decrementing by 2 in a context that assumes an even number of values.
References
Source | URL | Tags | |
---|---|---|---|
secalert@redhat.com | ftp://patches.sgi.com/support/free/security/advisories/20060701-01-U | ||
secalert@redhat.com | http://lists.apple.com/archives/security-announce/2009/May/msg00002.html | ||
secalert@redhat.com | http://lists.suse.com/archive/suse-security-announce/2006-Jun/0012.html | ||
secalert@redhat.com | http://secunia.com/advisories/20525 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/20591 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/20638 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/20791 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/21062 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/21135 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/21385 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/21701 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/23939 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/35074 | Vendor Advisory | |
secalert@redhat.com | http://securitytracker.com/id?1016522 | ||
secalert@redhat.com | http://sunsolve.sun.com/search/document.do?assetkey=1-26-102705-1 | ||
secalert@redhat.com | http://support.apple.com/kb/HT3549 | ||
secalert@redhat.com | http://support.avaya.com/elmodocs2/security/ASA-2006-176.htm | ||
secalert@redhat.com | http://www.debian.org/security/2006/dsa-1095 | ||
secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDKSA-2006:099 | ||
secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2006-0500.html | ||
secalert@redhat.com | http://www.securityfocus.com/archive/1/436836/100/0/threaded | ||
secalert@redhat.com | http://www.securityfocus.com/bid/18326 | ||
secalert@redhat.com | http://www.us-cert.gov/cas/techalerts/TA09-133A.html | US Government Resource | |
secalert@redhat.com | http://www.vupen.com/english/advisories/2007/0381 | Vendor Advisory | |
secalert@redhat.com | http://www.vupen.com/english/advisories/2009/1297 | Vendor Advisory | |
secalert@redhat.com | https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=183676 | Patch | |
secalert@redhat.com | https://issues.rpath.com/browse/RPL-429 | ||
secalert@redhat.com | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9508 | ||
secalert@redhat.com | https://usn.ubuntu.com/291-1/ | ||
af854a3a-2127-422b-91ae-364da2661108 | ftp://patches.sgi.com/support/free/security/advisories/20060701-01-U | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2009/May/msg00002.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.suse.com/archive/suse-security-announce/2006-Jun/0012.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/20525 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/20591 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/20638 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/20791 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/21062 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/21135 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/21385 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/21701 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/23939 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/35074 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1016522 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://sunsolve.sun.com/search/document.do?assetkey=1-26-102705-1 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT3549 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://support.avaya.com/elmodocs2/security/ASA-2006-176.htm | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2006/dsa-1095 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2006:099 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2006-0500.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/436836/100/0/threaded | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/18326 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.us-cert.gov/cas/techalerts/TA09-133A.html | US Government Resource | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2007/0381 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2009/1297 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=183676 | Patch | |
af854a3a-2127-422b-91ae-364da2661108 | https://issues.rpath.com/browse/RPL-429 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9508 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/291-1/ |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", "matchCriteriaId": "6351F282-0A46-4A6D-9793-D338845EFF2F", "versionEndIncluding": "2.1", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Integer underflow in Freetype before 2.2 allows remote attackers to cause a denial of service (crash) via a font file with an odd number of blue values, which causes the underflow when decrementing by 2 in a context that assumes an even number of values." } ], "id": "CVE-2006-0747", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2006-05-23T10:06:00.000", "references": [ { "source": "secalert@redhat.com", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060701-01-U" }, { "source": "secalert@redhat.com", "url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html" }, { "source": "secalert@redhat.com", "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jun/0012.html" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/20525" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/20591" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/20638" }, { "source": 
"secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/20791" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/21062" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/21135" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/21385" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/21701" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/23939" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/35074" }, { "source": "secalert@redhat.com", "url": "http://securitytracker.com/id?1016522" }, { "source": "secalert@redhat.com", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102705-1" }, { "source": "secalert@redhat.com", "url": "http://support.apple.com/kb/HT3549" }, { "source": "secalert@redhat.com", "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-176.htm" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2006/dsa-1095" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:099" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2006-0500.html" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/436836/100/0/threaded" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/18326" }, { "source": "secalert@redhat.com", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2007/0381" }, { "source": "secalert@redhat.com", "tags": [ "Vendor 
Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/1297" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=183676" }, { "source": "secalert@redhat.com", "url": "https://issues.rpath.com/browse/RPL-429" }, { "source": "secalert@redhat.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9508" }, { "source": "secalert@redhat.com", "url": "https://usn.ubuntu.com/291-1/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060701-01-U" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jun/0012.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/20525" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/20591" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/20638" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/20791" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/21062" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/21135" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/21385" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/21701" }, { "source": 
"af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/23939" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/35074" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1016522" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102705-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.apple.com/kb/HT3549" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-176.htm" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2006/dsa-1095" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:099" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2006-0500.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/436836/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/18326" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2007/0381" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/1297" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=183676" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://issues.rpath.com/browse/RPL-429" }, { "source": 
"af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9508" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://usn.ubuntu.com/291-1/" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-189" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd (CVE-2010-3311)
Published
2011-01-07 23:00
Modified
2025-04-11 00:51
Severity: HIGH (CVSS v2 base score 9.3, vector AV:N/AC:M/Au:N/C:C/I:C/A:C; source nvd@nist.gov)
Summary
Integer overflow in base/ftstream.c in libXft (aka the X FreeType library) in FreeType before 2.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Compact Font Format (CFF) font file that triggers a heap-based buffer overflow, related to an "input stream position error" issue, a different vulnerability than CVE-2010-1797.
References
Source | URL | Tags | |
---|---|---|---|
secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html | ||
secalert@redhat.com | http://secunia.com/advisories/48951 | ||
secalert@redhat.com | http://www.debian.org/security/2010/dsa-2116 | ||
secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2010:201 | ||
secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2010-0864.html | ||
secalert@redhat.com | http://www.securityfocus.com/bid/43700 | ||
secalert@redhat.com | http://www.ubuntu.com/usn/USN-1013-1 | ||
secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=623625 | ||
secalert@redhat.com | https://rhn.redhat.com/errata/RHSA-2010-0736.html | ||
secalert@redhat.com | https://rhn.redhat.com/errata/RHSA-2010-0737.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48951 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2010/dsa-2116 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2010:201 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2010-0864.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/43700 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-1013-1 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=623625 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://rhn.redhat.com/errata/RHSA-2010-0736.html | ||
af854a3a-2127-422b-91ae-364da2661108 | https://rhn.redhat.com/errata/RHSA-2010-0737.html |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
freetype | freetype | * (up to and including 2.3.12) | |
freetype | freetype | 1.3.1 | |
freetype | freetype | 2.0.6 | |
freetype | freetype | 2.0.9 | |
freetype | freetype | 2.1 | |
freetype | freetype | 2.1.3 | |
freetype | freetype | 2.1.4 | |
freetype | freetype | 2.1.5 | |
freetype | freetype | 2.1.6 | |
freetype | freetype | 2.1.7 | |
freetype | freetype | 2.1.8 | |
freetype | freetype | 2.1.8 (rc1) | |
freetype | freetype | 2.1.9 | |
freetype | freetype | 2.1.10 | |
freetype | freetype | 2.2.0 | |
freetype | freetype | 2.2.1 | |
freetype | freetype | 2.2.10 | |
freetype | freetype | 2.3.0 | |
freetype | freetype | 2.3.1 | |
freetype | freetype | 2.3.2 | |
freetype | freetype | 2.3.3 | |
freetype | freetype | 2.3.4 | |
freetype | freetype | 2.3.5 | |
freetype | freetype | 2.3.6 | |
freetype | freetype | 2.3.7 | |
freetype | freetype | 2.3.8 | |
freetype | freetype | 2.3.9 | |
freetype | freetype | 2.3.10 | |
freetype | freetype | 2.3.11 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", "matchCriteriaId": "05932F1E-2960-4CEB-9DB6-A05977E11AAC", "versionEndIncluding": "2.3.12", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:1.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "888C3BB8-510B-4FBE-BA5D-0D488583C7DD", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "B126D1A0-6B54-4C56-8CEC-B395D54A5C3C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.9:*:*:*:*:*:*:*", "matchCriteriaId": "28CA4C7D-D70A-44CF-8E3D-F2612CCA0799", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "D4E76672-7216-443E-BBD8-120DA96F7E4D", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "369D87D8-E4A7-4EC4-B508-2940EE174F95", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "288FDB59-7FE4-4351-8822-554ADF07C79A", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "B681257A-F8D8-46D5-995D-BC44F54DD5C0", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "56E0DEB6-4414-49AB-88E9-988CE5D8EF67", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.7:*:*:*:*:*:*:*", "matchCriteriaId": "56A90D08-2CAF-422F-8587-7D88EC7632A1", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.8:*:*:*:*:*:*:*", "matchCriteriaId": "9B944FEB-F69D-4F6C-9485-26F95A5874B6", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.8:rc1:*:*:*:*:*:*", "matchCriteriaId": "B9B9B1DE-89F6-463D-A3F4-6366D5D30077", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.9:*:*:*:*:*:*:*", "matchCriteriaId": "F73474B9-6853-4C5C-9CB9-5F4D3080D1C5", "vulnerable": true }, { "criteria": 
"cpe:2.3:a:freetype:freetype:2.1.10:*:*:*:*:*:*:*", "matchCriteriaId": "5283E910-D512-481C-804E-8717A83B24CB", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "A28C0F7A-F1F3-4F3B-81B9-228DA8FCCCD8", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "F7252819-BA8A-4BD1-BAAA-179A8777C994", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.2.10:*:*:*:*:*:*:*", "matchCriteriaId": "7B4450B4-B21F-4153-B9DD-C36A2381F00D", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "11575E3C-2BEA-4264-AE41-4A962BD17035", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "D333A965-EAD2-40DB-8FBE-C4C7DF44C35C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "8CA37666-D2E6-47EF-BFFE-A9449D6A72CD", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "F2B49505-C973-4673-A9BC-34ACA25059D0", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.4:*:*:*:*:*:*:*", "matchCriteriaId": "B8E8ECCA-58F2-4A05-8DF2-79C09A5FB275", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.5:*:*:*:*:*:*:*", "matchCriteriaId": "8697D11D-BBDF-4722-85F7-5144A5D26E37", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.6:*:*:*:*:*:*:*", "matchCriteriaId": "50E3EDA8-04D1-4DF1-80BB-72C6003E8F53", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.7:*:*:*:*:*:*:*", "matchCriteriaId": "AB06CA25-BB25-43B8-9FC2-62C399CC52EE", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.8:*:*:*:*:*:*:*", "matchCriteriaId": "6AF7414E-33A7-40E2-AEF0-1AE9D7D1B077", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.9:*:*:*:*:*:*:*", "matchCriteriaId": 
"6FC0BD12-E065-4CC9-8AEE-E4C34A58EC3C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.10:*:*:*:*:*:*:*", "matchCriteriaId": "214DC64B-BA35-486B-AE30-F2D9381E4D26", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.11:*:*:*:*:*:*:*", "matchCriteriaId": "B7CDE19A-473A-4BC5-AA7B-3D08FEEEE82C", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Integer overflow in base/ftstream.c in libXft (aka the X FreeType library) in FreeType before 2.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Compact Font Format (CFF) font file that triggers a heap-based buffer overflow, related to an \"input stream position error\" issue, a different vulnerability than CVE-2010-1797." }, { "lang": "es", "value": "Desbordamiento de enteros en base/ftstream.c en libXft (tambi\u00e9n conocida como la librer\u00eda FreeType X) en FreeType anterior a v2.4 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda de aplicaci\u00f3n) o posiblemente ejecutar c\u00f3digo arbitrario mediante un archivo de Formato de Fuente Compacto (CFF) manipulado que provoca un desbordamiento de b\u00fafer basado en memoria din\u00e1mica, relacionado con un \"error de posici\u00f3n en el flujo de entrada\", una vulnerabilidad diferente de CVE-2010-1797." 
} ], "id": "CVE-2010-3311", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2011-01-07T23:00:18.827", "references": [ { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48951" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2010/dsa-2116" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:201" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2010-0864.html" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/43700" }, { "source": "secalert@redhat.com", "url": "http://www.ubuntu.com/usn/USN-1013-1" }, { "source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=623625" }, { "source": "secalert@redhat.com", "url": "https://rhn.redhat.com/errata/RHSA-2010-0736.html" }, { "source": "secalert@redhat.com", "url": "https://rhn.redhat.com/errata/RHSA-2010-0737.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48951" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": 
"http://www.debian.org/security/2010/dsa-2116" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:201" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2010-0864.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/43700" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/USN-1013-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=623625" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://rhn.redhat.com/errata/RHSA-2010-0736.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://rhn.redhat.com/errata/RHSA-2010-0737.html" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-189" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd (CVE-2014-9661)
Published
2015-02-08 11:59
Modified
2025-04-12 10:46
Severity: HIGH (CVSS v2 base score 7.5, vector AV:N/AC:L/Au:N/C:P/I:P/A:P; source nvd@nist.gov)
Summary
type42/t42parse.c in FreeType before 2.5.4 does not consider that scanning can be incomplete without triggering an error, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted Type42 font.
References
Source | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://advisories.mageia.org/MGASA-2015-0083.html | ||
cve@mitre.org | http://code.google.com/p/google-security-research/issues/detail?id=187 | Exploit | |
cve@mitre.org | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=3788187e0c396952cd7d905c6c61f3ff8e84b2b4 | ||
cve@mitre.org | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=42fcd6693ec7bd6ffc65ddc63e74287a65dda669 | ||
cve@mitre.org | http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html | ||
cve@mitre.org | http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html | ||
cve@mitre.org | http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html | ||
cve@mitre.org | http://packetstormsecurity.com/files/134396/FreeType-2.5.3-Type42-Parsing-Use-After-Free.html | ||
cve@mitre.org | http://rhn.redhat.com/errata/RHSA-2015-0696.html | ||
cve@mitre.org | http://www.debian.org/security/2015/dsa-3188 | ||
cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDVSA-2015:055 | ||
cve@mitre.org | http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html | ||
cve@mitre.org | http://www.securityfocus.com/bid/72986 | ||
cve@mitre.org | http://www.ubuntu.com/usn/USN-2510-1 | ||
cve@mitre.org | http://www.ubuntu.com/usn/USN-2739-1 | ||
cve@mitre.org | https://security.gentoo.org/glsa/201503-05 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://advisories.mageia.org/MGASA-2015-0083.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://code.google.com/p/google-security-research/issues/detail?id=187 | Exploit | |
af854a3a-2127-422b-91ae-364da2661108 | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=3788187e0c396952cd7d905c6c61f3ff8e84b2b4 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=42fcd6693ec7bd6ffc65ddc63e74287a65dda669 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/134396/FreeType-2.5.3-Type42-Parsing-Use-After-Free.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2015-0696.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2015/dsa-3188 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2015:055 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/72986 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2510-1 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2739-1 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201503-05 |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
canonical | ubuntu_linux | 10.04 | |
canonical | ubuntu_linux | 12.04 | |
canonical | ubuntu_linux | 14.04 | |
canonical | ubuntu_linux | 14.10 | |
canonical | ubuntu_linux | 15.04 | |
debian | debian_linux | 7.0 | |
redhat | enterprise_linux_desktop | 6.0 | |
redhat | enterprise_linux_desktop | 7.0 | |
redhat | enterprise_linux_hpc_node | 6 | |
redhat | enterprise_linux_hpc_node | 7.0 | |
redhat | enterprise_linux_hpc_node_eus | 7.1 | |
redhat | enterprise_linux_server | 6.0 | |
redhat | enterprise_linux_server | 7.0 | |
redhat | enterprise_linux_server_eus | 6.6.z | |
redhat | enterprise_linux_server_eus | 7.1 | |
redhat | enterprise_linux_workstation | 6.0 | |
redhat | enterprise_linux_workstation | 7.0 | |
freetype | freetype | * (up to and including 2.5.3) | |
opensuse | opensuse | 13.1 | |
opensuse | opensuse | 13.2 | |
fedoraproject | fedora | 20 | |
fedoraproject | fedora | 21 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*", "matchCriteriaId": "5D37DF0F-F863-45AC-853A-3E04F9FEC7CA", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*", "matchCriteriaId": "49A63F39-30BE-443F-AF10-6245587D3359", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "matchCriteriaId": "F38D3B7E-8429-473F-BB31-FC3583EE5A5B", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6:*:*:*:*:*:*:*", "matchCriteriaId": "8CDFD93B-693D-46DC-9C39-FDECB3E619E8", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "3C84489B-B08C-4854-8A12-D01B6E45CF79", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "7071F0C7-E43E-4F2E-9FEB-E8FB3DEA4749", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "matchCriteriaId": 
"9BBCD86A-E6C7-4444-9D74-F861084090F0", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.6.z:*:*:*:*:*:*:*", "matchCriteriaId": "3FB4F7C3-1521-42B6-9820-15C2B156BAD6", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "0E8CD4EF-DC90-40BB-A721-6EC087507906", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", "matchCriteriaId": "05EE9A32-E91F-4C68-B3A9-AC5AB35C2BB3", "versionEndIncluding": "2.5.3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F", "vulnerable": true }, { "criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*", "matchCriteriaId": "FF47C9F0-D8DA-4B55-89EB-9B2C9383ADB9", "vulnerable": true }, { "criteria": "cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*", "matchCriteriaId": "56BDB5A0-0839-4A20-A003-B8CD56F48171", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "type42/t42parse.c in FreeType before 2.5.4 does not 
consider that scanning can be incomplete without triggering an error, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted Type42 font." }, { "lang": "es", "value": "type42/t42parse.c en FreeType anterior a 2.5.4 no considera que escaneo puede resultar incompleto sin provoca un error, lo que permite a atacantes remotos causar una denegaci\u00f3n de servicio (uso despu\u00e9s de liberaci\u00f3n) o posiblemente tener otro impacto no especificado a trav\u00e9s de una fuente Type42 manipulada." } ], "evaluatorComment": "\u003ca href=\"http://cwe.mitre.org/data/definitions/416.html\"\u003eCWE-416: Use After Free\u003c/a\u003e", "id": "CVE-2014-9661", "lastModified": "2025-04-12T10:46:40.837", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2015-02-08T11:59:23.587", "references": [ { "source": "cve@mitre.org", "url": "http://advisories.mageia.org/MGASA-2015-0083.html" }, { "source": "cve@mitre.org", "tags": [ "Exploit" ], "url": "http://code.google.com/p/google-security-research/issues/detail?id=187" }, { "source": "cve@mitre.org", "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=3788187e0c396952cd7d905c6c61f3ff8e84b2b4" }, { "source": "cve@mitre.org", "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=42fcd6693ec7bd6ffc65ddc63e74287a65dda669" }, { "source": "cve@mitre.org", "url": 
"http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html" }, { "source": "cve@mitre.org", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html" }, { "source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html" }, { "source": "cve@mitre.org", "url": "http://packetstormsecurity.com/files/134396/FreeType-2.5.3-Type42-Parsing-Use-After-Free.html" }, { "source": "cve@mitre.org", "url": "http://rhn.redhat.com/errata/RHSA-2015-0696.html" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2015/dsa-3188" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055" }, { "source": "cve@mitre.org", "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/72986" }, { "source": "cve@mitre.org", "url": "http://www.ubuntu.com/usn/USN-2510-1" }, { "source": "cve@mitre.org", "url": "http://www.ubuntu.com/usn/USN-2739-1" }, { "source": "cve@mitre.org", "url": "https://security.gentoo.org/glsa/201503-05" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://advisories.mageia.org/MGASA-2015-0083.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit" ], "url": "http://code.google.com/p/google-security-research/issues/detail?id=187" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=3788187e0c396952cd7d905c6c61f3ff8e84b2b4" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=42fcd6693ec7bd6ffc65ddc63e74287a65dda669" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": 
"http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://packetstormsecurity.com/files/134396/FreeType-2.5.3-Type42-Parsing-Use-After-Free.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://rhn.redhat.com/errata/RHSA-2015-0696.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2015/dsa-3188" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:055" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/72986" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/USN-2510-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/USN-2739-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/201503-05" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2012-04-25 10:10
Modified
2025-04-11 00:51
Severity ?
Summary
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (NULL pointer dereference and memory corruption) or possibly execute arbitrary code via a crafted TrueType font.
References
▶ | URL | Tags | |
---|---|---|---|
secalert@redhat.com | http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html | ||
secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html | ||
secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html | ||
secalert@redhat.com | http://secunia.com/advisories/48508 | ||
secalert@redhat.com | http://secunia.com/advisories/48822 | ||
secalert@redhat.com | http://secunia.com/advisories/48973 | ||
secalert@redhat.com | http://security.gentoo.org/glsa/glsa-201204-04.xml | ||
secalert@redhat.com | http://support.apple.com/kb/HT5503 | ||
secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2012:057 | ||
secalert@redhat.com | http://www.mozilla.org/security/announce/2012/mfsa2012-21.html | Vendor Advisory | |
secalert@redhat.com | http://www.openwall.com/lists/oss-security/2012/03/06/16 | ||
secalert@redhat.com | http://www.securityfocus.com/bid/52318 | ||
secalert@redhat.com | http://www.securitytracker.com/id?1026765 | ||
secalert@redhat.com | http://www.ubuntu.com/usn/USN-1403-1 | ||
secalert@redhat.com | https://bugzilla.mozilla.org/show_bug.cgi?id=733512 | ||
secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=800584 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48508 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48822 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48973 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-201204-04.xml | ||
af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT5503 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2012:057 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mozilla.org/security/announce/2012/mfsa2012-21.html | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2012/03/06/16 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/52318 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1026765 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-1403-1 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.mozilla.org/show_bug.cgi?id=733512 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=800584 |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
freetype | freetype | * | |
freetype | freetype | 1.3.1 | |
freetype | freetype | 2.0.0 | |
freetype | freetype | 2.0.1 | |
freetype | freetype | 2.0.2 | |
freetype | freetype | 2.0.3 | |
freetype | freetype | 2.0.4 | |
freetype | freetype | 2.0.5 | |
freetype | freetype | 2.0.6 | |
freetype | freetype | 2.0.7 | |
freetype | freetype | 2.0.8 | |
freetype | freetype | 2.0.9 | |
freetype | freetype | 2.1 | |
freetype | freetype | 2.1.3 | |
freetype | freetype | 2.1.4 | |
freetype | freetype | 2.1.5 | |
freetype | freetype | 2.1.6 | |
freetype | freetype | 2.1.7 | |
freetype | freetype | 2.1.8 | |
freetype | freetype | 2.1.8 | |
freetype | freetype | 2.1.9 | |
freetype | freetype | 2.1.10 | |
freetype | freetype | 2.2.0 | |
freetype | freetype | 2.2.1 | |
freetype | freetype | 2.3.0 | |
freetype | freetype | 2.3.1 | |
freetype | freetype | 2.3.2 | |
freetype | freetype | 2.3.3 | |
freetype | freetype | 2.3.4 | |
freetype | freetype | 2.3.5 | |
freetype | freetype | 2.3.6 | |
freetype | freetype | 2.3.7 | |
freetype | freetype | 2.3.8 | |
freetype | freetype | 2.3.9 | |
freetype | freetype | 2.3.10 | |
freetype | freetype | 2.3.11 | |
freetype | freetype | 2.3.12 | |
freetype | freetype | 2.4.0 | |
freetype | freetype | 2.4.1 | |
freetype | freetype | 2.4.2 | |
freetype | freetype | 2.4.3 | |
freetype | freetype | 2.4.4 | |
freetype | freetype | 2.4.5 | |
freetype | freetype | 2.4.6 | |
freetype | freetype | 2.4.7 | |
mozilla | firefox_mobile | * | |
mozilla | firefox_mobile | 1.0 | |
mozilla | firefox_mobile | 4.0 | |
mozilla | firefox_mobile | 4.0 | |
mozilla | firefox_mobile | 4.0 | |
mozilla | firefox_mobile | 4.0 | |
mozilla | firefox_mobile | 4.0 | |
mozilla | firefox_mobile | 5.0 | |
mozilla | firefox_mobile | 6.0 | |
mozilla | firefox_mobile | 6.0.1 | |
mozilla | firefox_mobile | 6.0.2 | |
mozilla | firefox_mobile | 7.0 | |
mozilla | firefox_mobile | 8.0 | |
mozilla | firefox_mobile | 9.0 | |
mozilla | firefox_mobile | 10.0 | |
mozilla | firefox_mobile | 10.0.1 | |
mozilla | firefox_mobile | 10.0.2 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", "matchCriteriaId": "1AE5852E-FBD0-4F23-82C0-4E8FBDDF558B", "versionEndIncluding": "2.4.8", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:1.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "888C3BB8-510B-4FBE-BA5D-0D488583C7DD", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "3B67236B-7DEF-40AE-BC6F-12CB39329C4D", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "7EEC5D17-9141-4CA5-9D4C-76C15BAE4FBD", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "F1019F69-8E42-43C9-926C-B948659666F4", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "AA678E5E-9380-4D31-973F-018349F7F346", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "5E06AD6E-8B77-4E57-AA07-507CD1F809F2", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "8DB69925-10FB-4DFD-8764-B6640B88FCEE", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "B126D1A0-6B54-4C56-8CEC-B395D54A5C3C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "98D0D1A3-886D-4EE3-AC1A-3B36D192E8B5", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "DB0B0E33-0D7D-45E9-ADFD-20C6DCB5ED64", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.9:*:*:*:*:*:*:*", "matchCriteriaId": "28CA4C7D-D70A-44CF-8E3D-F2612CCA0799", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "D4E76672-7216-443E-BBD8-120DA96F7E4D", "vulnerable": true }, { "criteria": 
"cpe:2.3:a:freetype:freetype:2.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "369D87D8-E4A7-4EC4-B508-2940EE174F95", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "288FDB59-7FE4-4351-8822-554ADF07C79A", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "B681257A-F8D8-46D5-995D-BC44F54DD5C0", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "56E0DEB6-4414-49AB-88E9-988CE5D8EF67", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.7:*:*:*:*:*:*:*", "matchCriteriaId": "56A90D08-2CAF-422F-8587-7D88EC7632A1", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.8:*:*:*:*:*:*:*", "matchCriteriaId": "9B944FEB-F69D-4F6C-9485-26F95A5874B6", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.8:rc1:*:*:*:*:*:*", "matchCriteriaId": "B9B9B1DE-89F6-463D-A3F4-6366D5D30077", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.9:*:*:*:*:*:*:*", "matchCriteriaId": "F73474B9-6853-4C5C-9CB9-5F4D3080D1C5", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.10:*:*:*:*:*:*:*", "matchCriteriaId": "5283E910-D512-481C-804E-8717A83B24CB", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "A28C0F7A-F1F3-4F3B-81B9-228DA8FCCCD8", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "F7252819-BA8A-4BD1-BAAA-179A8777C994", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "11575E3C-2BEA-4264-AE41-4A962BD17035", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "D333A965-EAD2-40DB-8FBE-C4C7DF44C35C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.2:*:*:*:*:*:*:*", "matchCriteriaId": 
"8CA37666-D2E6-47EF-BFFE-A9449D6A72CD", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "F2B49505-C973-4673-A9BC-34ACA25059D0", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.4:*:*:*:*:*:*:*", "matchCriteriaId": "B8E8ECCA-58F2-4A05-8DF2-79C09A5FB275", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.5:*:*:*:*:*:*:*", "matchCriteriaId": "8697D11D-BBDF-4722-85F7-5144A5D26E37", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.6:*:*:*:*:*:*:*", "matchCriteriaId": "50E3EDA8-04D1-4DF1-80BB-72C6003E8F53", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.7:*:*:*:*:*:*:*", "matchCriteriaId": "AB06CA25-BB25-43B8-9FC2-62C399CC52EE", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.8:*:*:*:*:*:*:*", "matchCriteriaId": "6AF7414E-33A7-40E2-AEF0-1AE9D7D1B077", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.9:*:*:*:*:*:*:*", "matchCriteriaId": "6FC0BD12-E065-4CC9-8AEE-E4C34A58EC3C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.10:*:*:*:*:*:*:*", "matchCriteriaId": "214DC64B-BA35-486B-AE30-F2D9381E4D26", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.11:*:*:*:*:*:*:*", "matchCriteriaId": "B7CDE19A-473A-4BC5-AA7B-3D08FEEEE82C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.12:*:*:*:*:*:*:*", "matchCriteriaId": "DD8401A8-A328-49F6-BAE8-337F5F36C906", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "3FBF5BAA-8027-478F-BE06-3D3F4F823C7B", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "31358B5D-4087-4207-9730-297BA47DAA83", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "3A73E016-A4B0-416D-B9B6-786A787DAD3D", "vulnerable": true }, { "criteria": 
"cpe:2.3:a:freetype:freetype:2.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "0588BCE1-059B-4602-B274-E9D268720B55", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "D19BE9CC-6B1C-4AC8-9740-2ABDF40C4FEC", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "E6F3E33C-95E0-4EEF-8E26-F7044D8C3892", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.6:*:*:*:*:*:*:*", "matchCriteriaId": "0871F88D-3D36-4EAA-B2B4-39D844FF8874", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.7:*:*:*:*:*:*:*", "matchCriteriaId": "B3396203-9BDF-4E7D-85CC-0B6AA7DC55C4", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:*:*:*:*:*:*:*:*", "matchCriteriaId": "C25B56F0-B244-4D64-BC8F-341214080A90", "versionEndIncluding": "10.0.3", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "B00C6411-5566-4060-B68B-8F1674B9E280", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "CD9C4A1A-E3C7-40DD-AF51-AFFA0D904722", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta1:*:*:*:*:*:*", "matchCriteriaId": "B6A0EDF9-2260-439F-9CF0-A66CBE35ACF8", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta2:*:*:*:*:*:*", "matchCriteriaId": "6E55723B-B7B8-4EBF-8767-55988D26E82B", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta3:*:*:*:*:*:*", "matchCriteriaId": "761B33B6-4FFD-4E6C-92B4-2186F8D195C1", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta4:*:*:*:*:*:*", "matchCriteriaId": "8E4E272B-27F1-41CE-8B60-B1C098105A73", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "907FA1DF-E3D3-4E46-B353-753E70C292CC", "vulnerable": true }, { "criteria": 
"cpe:2.3:a:mozilla:firefox_mobile:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "97DE5B71-865A-4DB0-A31A-1CA75A5AB7AA", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:6.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "B64C7CE2-6BA7-4294-80CF-3AE25EE9529B", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:6.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "640595E6-3E39-4112-887E-174C86D18630", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "8E26E8D7-334C-4260-A8EE-82DF067CC081", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "643623BB-29E4-4138-AFC6-252368FC9495", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "9CEA838D-5FE6-47A7-8367-F040FF01B681", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "BF547E94-BEC4-4D32-A2AF-AFEBFE11782A", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "6BB1307C-64E4-4EC2-BB07-012107CA5DA6", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "91C9D50D-9450-489C-8336-4332F8FD6806", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (NULL pointer dereference and memory corruption) or possibly execute arbitrary code via a crafted TrueType font." 
}, { "lang": "es", "value": "FreeType antes de v2.4.9, tal como se utiliza en Mozilla Firefox Mobile antes de v10.0.4 y otros productos, permite a atacantes remotos causar una denegaci\u00f3n de servicio (desreferencia de puntero nulo y corrupci\u00f3n de memoria) o posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de una fuente TrueType modificada." } ], "id": "CVE-2012-1128", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2012-04-25T10:10:18.057", "references": [ { "source": "secalert@redhat.com", "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48508" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48822" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/48973" }, { "source": "secalert@redhat.com", "url": "http://security.gentoo.org/glsa/glsa-201204-04.xml" }, { "source": "secalert@redhat.com", "url": "http://support.apple.com/kb/HT5503" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057" }, { "source": 
"secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html" }, { "source": "secalert@redhat.com", "url": "http://www.openwall.com/lists/oss-security/2012/03/06/16" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/52318" }, { "source": "secalert@redhat.com", "url": "http://www.securitytracker.com/id?1026765" }, { "source": "secalert@redhat.com", "url": "http://www.ubuntu.com/usn/USN-1403-1" }, { "source": "secalert@redhat.com", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512" }, { "source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=800584" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48508" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48822" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48973" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.gentoo.org/glsa/glsa-201204-04.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.apple.com/kb/HT5503" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": 
"http://www.openwall.com/lists/oss-security/2012/03/06/16" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/52318" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1026765" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/USN-1403-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=800584" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2008-06-16 19:41
Modified
2025-04-09 00:30
Severity ?
Summary
FreeType2 before 2.3.6 allows context-dependent attackers to execute arbitrary code via an invalid "number of axes" field in a Printer Font Binary (PFB) file, which triggers a free of arbitrary memory locations, leading to memory corruption.
References
▶ | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=716 | ||
cve@mitre.org | http://lists.apple.com/archives/security-announce//2008/Sep/msg00003.html | ||
cve@mitre.org | http://lists.apple.com/archives/security-announce//2008/Sep/msg00004.html | ||
cve@mitre.org | http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html | ||
cve@mitre.org | http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html | ||
cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00001.html | ||
cve@mitre.org | http://secunia.com/advisories/30600 | Vendor Advisory | |
cve@mitre.org | http://secunia.com/advisories/30721 | ||
cve@mitre.org | http://secunia.com/advisories/30740 | ||
cve@mitre.org | http://secunia.com/advisories/30766 | ||
cve@mitre.org | http://secunia.com/advisories/30819 | ||
cve@mitre.org | http://secunia.com/advisories/30821 | ||
cve@mitre.org | http://secunia.com/advisories/30967 | ||
cve@mitre.org | http://secunia.com/advisories/31479 | ||
cve@mitre.org | http://secunia.com/advisories/31577 | ||
cve@mitre.org | http://secunia.com/advisories/31707 | ||
cve@mitre.org | http://secunia.com/advisories/31709 | ||
cve@mitre.org | http://secunia.com/advisories/31711 | ||
cve@mitre.org | http://secunia.com/advisories/31712 | ||
cve@mitre.org | http://secunia.com/advisories/31823 | ||
cve@mitre.org | http://secunia.com/advisories/31856 | ||
cve@mitre.org | http://secunia.com/advisories/31900 | ||
cve@mitre.org | http://secunia.com/advisories/33937 | ||
cve@mitre.org | http://security.gentoo.org/glsa/glsa-200806-10.xml | ||
cve@mitre.org | http://security.gentoo.org/glsa/glsa-201209-25.xml | ||
cve@mitre.org | http://securitytracker.com/id?1020239 | ||
cve@mitre.org | http://sourceforge.net/project/shownotes.php?group_id=3157&release_id=605780 | ||
cve@mitre.org | http://sunsolve.sun.com/search/document.do?assetkey=1-26-239006-1 | ||
cve@mitre.org | http://support.apple.com/kb/HT3026 | ||
cve@mitre.org | http://support.apple.com/kb/HT3129 | ||
cve@mitre.org | http://support.apple.com/kb/HT3438 | ||
cve@mitre.org | http://support.avaya.com/elmodocs2/security/ASA-2008-318.htm | ||
cve@mitre.org | http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0255 | ||
cve@mitre.org | http://www.mandriva.com/security/advisories?name=MDVSA-2008:121 | ||
cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2008-0556.html | ||
cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2008-0558.html | ||
cve@mitre.org | http://www.securityfocus.com/archive/1/495497/100/0/threaded | ||
cve@mitre.org | http://www.securityfocus.com/archive/1/495869/100/0/threaded | ||
cve@mitre.org | http://www.securityfocus.com/bid/29641 | ||
cve@mitre.org | http://www.ubuntu.com/usn/usn-643-1 | ||
cve@mitre.org | http://www.vmware.com/security/advisories/VMSA-2008-0014.html | ||
cve@mitre.org | http://www.vmware.com/support/player/doc/releasenotes_player.html | ||
cve@mitre.org | http://www.vmware.com/support/player2/doc/releasenotes_player2.html | ||
cve@mitre.org | http://www.vmware.com/support/server/doc/releasenotes_server.html | ||
cve@mitre.org | http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html | ||
cve@mitre.org | http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html | ||
cve@mitre.org | http://www.vupen.com/english/advisories/2008/1794 | ||
cve@mitre.org | http://www.vupen.com/english/advisories/2008/1876/references | ||
cve@mitre.org | http://www.vupen.com/english/advisories/2008/2423 | ||
cve@mitre.org | http://www.vupen.com/english/advisories/2008/2466 | ||
cve@mitre.org | http://www.vupen.com/english/advisories/2008/2525 | ||
cve@mitre.org | http://www.vupen.com/english/advisories/2008/2558 | ||
cve@mitre.org | https://issues.rpath.com/browse/RPL-2608 | ||
cve@mitre.org | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9767 | ||
cve@mitre.org | https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00717.html | ||
cve@mitre.org | https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00721.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=716 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce//2008/Sep/msg00003.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce//2008/Sep/msg00004.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00001.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/30600 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/30721 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/30740 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/30766 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/30819 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/30821 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/30967 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/31479 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/31577 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/31707 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/31709 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/31711 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/31712 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/31823 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/31856 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/31900 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/33937 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-200806-10.xml | ||
af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-201209-25.xml | ||
af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1020239 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://sourceforge.net/project/shownotes.php?group_id=3157&release_id=605780 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://sunsolve.sun.com/search/document.do?assetkey=1-26-239006-1 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT3026 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT3129 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT3438 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://support.avaya.com/elmodocs2/security/ASA-2008-318.htm | ||
af854a3a-2127-422b-91ae-364da2661108 | http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0255 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2008:121 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2008-0556.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2008-0558.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/495497/100/0/threaded | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/495869/100/0/threaded | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/29641 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/usn-643-1 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.vmware.com/security/advisories/VMSA-2008-0014.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.vmware.com/support/player/doc/releasenotes_player.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.vmware.com/support/player2/doc/releasenotes_player2.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.vmware.com/support/server/doc/releasenotes_server.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2008/1794 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2008/1876/references | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2008/2423 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2008/2466 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2008/2525 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2008/2558 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://issues.rpath.com/browse/RPL-2608 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9767 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00717.html | ||
af854a3a-2127-422b-91ae-364da2661108 | https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00721.html |
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:freetype:freetype:1.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "888C3BB8-510B-4FBE-BA5D-0D488583C7DD", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "F2B49505-C973-4673-A9BC-34ACA25059D0", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.4:*:*:*:*:*:*:*", "matchCriteriaId": "B8E8ECCA-58F2-4A05-8DF2-79C09A5FB275", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.5:*:*:*:*:*:*:*", "matchCriteriaId": "8697D11D-BBDF-4722-85F7-5144A5D26E37", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "FreeType2 before 2.3.6 allow context-dependent attackers to execute arbitrary code via an invalid \"number of axes\" field in a Printer Font Binary (PFB) file, which triggers a free of arbitrary memory locations, leading to memory corruption." }, { "lang": "es", "value": "FreeType2 versiones anteriores a 2.3.6 permite a atacantes dependientes de contexto ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un campo \"n\u00famero de axes\" inv\u00e1lido en un fichero Printer Font Binary (PFB), lo cual dispara una liberaci\u00f3n de localizaciones de memoria de su elecci\u00f3n, provocando corrupci\u00f3n de memoria." 
} ], "id": "CVE-2008-1807", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2008-06-16T19:41:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=716" }, { "source": "cve@mitre.org", "url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00003.html" }, { "source": "cve@mitre.org", "url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00004.html" }, { "source": "cve@mitre.org", "url": "http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html" }, { "source": "cve@mitre.org", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html" }, { "source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00001.html" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/30600" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/30721" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/30740" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/30766" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/30819" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/30821" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/30967" }, { "source": "cve@mitre.org", 
"url": "http://secunia.com/advisories/31479" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/31577" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/31707" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/31709" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/31711" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/31712" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/31823" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/31856" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/31900" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/33937" }, { "source": "cve@mitre.org", "url": "http://security.gentoo.org/glsa/glsa-200806-10.xml" }, { "source": "cve@mitre.org", "url": "http://security.gentoo.org/glsa/glsa-201209-25.xml" }, { "source": "cve@mitre.org", "url": "http://securitytracker.com/id?1020239" }, { "source": "cve@mitre.org", "url": "http://sourceforge.net/project/shownotes.php?group_id=3157\u0026release_id=605780" }, { "source": "cve@mitre.org", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-239006-1" }, { "source": "cve@mitre.org", "url": "http://support.apple.com/kb/HT3026" }, { "source": "cve@mitre.org", "url": "http://support.apple.com/kb/HT3129" }, { "source": "cve@mitre.org", "url": "http://support.apple.com/kb/HT3438" }, { "source": "cve@mitre.org", "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-318.htm" }, { "source": "cve@mitre.org", "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0255" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:121" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2008-0556.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2008-0558.html" }, { "source": "cve@mitre.org", "url": 
"http://www.securityfocus.com/archive/1/495497/100/0/threaded" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/495869/100/0/threaded" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/29641" }, { "source": "cve@mitre.org", "url": "http://www.ubuntu.com/usn/usn-643-1" }, { "source": "cve@mitre.org", "url": "http://www.vmware.com/security/advisories/VMSA-2008-0014.html" }, { "source": "cve@mitre.org", "url": "http://www.vmware.com/support/player/doc/releasenotes_player.html" }, { "source": "cve@mitre.org", "url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html" }, { "source": "cve@mitre.org", "url": "http://www.vmware.com/support/server/doc/releasenotes_server.html" }, { "source": "cve@mitre.org", "url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html" }, { "source": "cve@mitre.org", "url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html" }, { "source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2008/1794" }, { "source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2008/1876/references" }, { "source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2008/2423" }, { "source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2008/2466" }, { "source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2008/2525" }, { "source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2008/2558" }, { "source": "cve@mitre.org", "url": "https://issues.rpath.com/browse/RPL-2608" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9767" }, { "source": "cve@mitre.org", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00717.html" }, { "source": "cve@mitre.org", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00721.html" }, { "source": 
"af854a3a-2127-422b-91ae-364da2661108", "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=716" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00003.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00004.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00001.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/30600" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/30721" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/30740" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/30766" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/30819" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/30821" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/30967" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/31479" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/31577" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/31707" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/31709" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", 
"url": "http://secunia.com/advisories/31711" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/31712" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/31823" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/31856" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/31900" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/33937" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.gentoo.org/glsa/glsa-200806-10.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.gentoo.org/glsa/glsa-201209-25.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1020239" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sourceforge.net/project/shownotes.php?group_id=3157\u0026release_id=605780" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-239006-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.apple.com/kb/HT3026" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.apple.com/kb/HT3129" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.apple.com/kb/HT3438" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-318.htm" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0255" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:121" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2008-0556.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", 
"url": "http://www.redhat.com/support/errata/RHSA-2008-0558.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/495497/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/495869/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/29641" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/usn-643-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vmware.com/security/advisories/VMSA-2008-0014.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vmware.com/support/player/doc/releasenotes_player.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vmware.com/support/server/doc/releasenotes_server.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2008/1794" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2008/1876/references" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2008/2423" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2008/2466" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2008/2525" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2008/2558" }, { "source": 
"af854a3a-2127-422b-91ae-364da2661108", "url": "https://issues.rpath.com/browse/RPL-2608" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9767" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00717.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00721.html" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-189" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2013-01-24 21:55
Modified
2025-04-11 00:51
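Severity: MEDIUM (CVSS v2 base score 4.3, vector AV:N/AC:M/Au:N/C:N/I:N/A:P, NVD primary metric). The vector scores availability impact only, while the summary also lists possible arbitrary code execution.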
Summary
The _bdf_parse_glyphs function in FreeType before 2.4.11 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to BDF fonts and an incorrect calculation that triggers an out-of-bounds read.
References
Source | URL | Tags | |
---|---|---|---|
secalert@redhat.com | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=07bdb6e289c7954e2a533039dc93c1c136099d2d | ||
secalert@redhat.com | http://lists.opensuse.org/opensuse-updates/2013-01/msg00056.html | ||
secalert@redhat.com | http://lists.opensuse.org/opensuse-updates/2013-01/msg00068.html | ||
secalert@redhat.com | http://lists.opensuse.org/opensuse-updates/2013-01/msg00078.html | ||
secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2013-0216.html | ||
secalert@redhat.com | http://secunia.com/advisories/51826 | Vendor Advisory | |
secalert@redhat.com | http://secunia.com/advisories/51900 | Vendor Advisory | |
secalert@redhat.com | http://www.freetype.org/ | ||
secalert@redhat.com | http://www.openwall.com/lists/oss-security/2012/12/25/2 | ||
secalert@redhat.com | http://www.securitytracker.com/id?1027921 | ||
secalert@redhat.com | http://www.slackware.com/security/viewer.php?l=slackware-security&y=2013&m=slackware-security.520186 | ||
secalert@redhat.com | http://www.ubuntu.com/usn/USN-1686-1 | ||
secalert@redhat.com | https://savannah.nongnu.org/bugs/?37906 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=07bdb6e289c7954e2a533039dc93c1c136099d2d | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2013-01/msg00056.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2013-01/msg00068.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-updates/2013-01/msg00078.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2013-0216.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/51826 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/51900 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.freetype.org/ | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2012/12/25/2 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1027921 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.slackware.com/security/viewer.php?l=slackware-security&y=2013&m=slackware-security.520186 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-1686-1 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://savannah.nongnu.org/bugs/?37906 |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
freetype | freetype | * | |
freetype | freetype | 1.3.1 | |
freetype | freetype | 2.0.0 | |
freetype | freetype | 2.0.1 | |
freetype | freetype | 2.0.2 | |
freetype | freetype | 2.0.3 | |
freetype | freetype | 2.0.4 | |
freetype | freetype | 2.0.5 | |
freetype | freetype | 2.0.6 | |
freetype | freetype | 2.0.7 | |
freetype | freetype | 2.0.8 | |
freetype | freetype | 2.0.9 | |
freetype | freetype | 2.1 | |
freetype | freetype | 2.1.3 | |
freetype | freetype | 2.1.4 | |
freetype | freetype | 2.1.5 | |
freetype | freetype | 2.1.6 | |
freetype | freetype | 2.1.7 | |
freetype | freetype | 2.1.8 | |
freetype | freetype | 2.1.8 | |
freetype | freetype | 2.1.9 | |
freetype | freetype | 2.1.10 | |
freetype | freetype | 2.2.0 | |
freetype | freetype | 2.2.1 | |
freetype | freetype | 2.3.0 | |
freetype | freetype | 2.3.1 | |
freetype | freetype | 2.3.2 | |
freetype | freetype | 2.3.3 | |
freetype | freetype | 2.3.4 | |
freetype | freetype | 2.3.5 | |
freetype | freetype | 2.3.6 | |
freetype | freetype | 2.3.7 | |
freetype | freetype | 2.3.8 | |
freetype | freetype | 2.3.9 | |
freetype | freetype | 2.3.10 | |
freetype | freetype | 2.3.11 | |
freetype | freetype | 2.3.12 | |
freetype | freetype | 2.4.0 | |
freetype | freetype | 2.4.1 | |
freetype | freetype | 2.4.2 | |
freetype | freetype | 2.4.3 | |
freetype | freetype | 2.4.4 | |
freetype | freetype | 2.4.5 | |
freetype | freetype | 2.4.6 | |
freetype | freetype | 2.4.7 | |
freetype | freetype | 2.4.8 | |
freetype | freetype | 2.4.9 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", "matchCriteriaId": "246A62B7-B82F-44BD-B3D7-F6A474F76E70", "versionEndIncluding": "2.4.10", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:1.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "888C3BB8-510B-4FBE-BA5D-0D488583C7DD", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "3B67236B-7DEF-40AE-BC6F-12CB39329C4D", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "7EEC5D17-9141-4CA5-9D4C-76C15BAE4FBD", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "F1019F69-8E42-43C9-926C-B948659666F4", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "AA678E5E-9380-4D31-973F-018349F7F346", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "5E06AD6E-8B77-4E57-AA07-507CD1F809F2", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "8DB69925-10FB-4DFD-8764-B6640B88FCEE", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "B126D1A0-6B54-4C56-8CEC-B395D54A5C3C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "98D0D1A3-886D-4EE3-AC1A-3B36D192E8B5", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "DB0B0E33-0D7D-45E9-ADFD-20C6DCB5ED64", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.0.9:*:*:*:*:*:*:*", "matchCriteriaId": "28CA4C7D-D70A-44CF-8E3D-F2612CCA0799", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "D4E76672-7216-443E-BBD8-120DA96F7E4D", "vulnerable": true }, { "criteria": 
"cpe:2.3:a:freetype:freetype:2.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "369D87D8-E4A7-4EC4-B508-2940EE174F95", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "288FDB59-7FE4-4351-8822-554ADF07C79A", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "B681257A-F8D8-46D5-995D-BC44F54DD5C0", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "56E0DEB6-4414-49AB-88E9-988CE5D8EF67", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.7:*:*:*:*:*:*:*", "matchCriteriaId": "56A90D08-2CAF-422F-8587-7D88EC7632A1", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.8:*:*:*:*:*:*:*", "matchCriteriaId": "9B944FEB-F69D-4F6C-9485-26F95A5874B6", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.8:rc1:*:*:*:*:*:*", "matchCriteriaId": "B9B9B1DE-89F6-463D-A3F4-6366D5D30077", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.9:*:*:*:*:*:*:*", "matchCriteriaId": "F73474B9-6853-4C5C-9CB9-5F4D3080D1C5", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.1.10:*:*:*:*:*:*:*", "matchCriteriaId": "5283E910-D512-481C-804E-8717A83B24CB", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "A28C0F7A-F1F3-4F3B-81B9-228DA8FCCCD8", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "F7252819-BA8A-4BD1-BAAA-179A8777C994", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "11575E3C-2BEA-4264-AE41-4A962BD17035", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "D333A965-EAD2-40DB-8FBE-C4C7DF44C35C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.2:*:*:*:*:*:*:*", "matchCriteriaId": 
"8CA37666-D2E6-47EF-BFFE-A9449D6A72CD", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "F2B49505-C973-4673-A9BC-34ACA25059D0", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.4:*:*:*:*:*:*:*", "matchCriteriaId": "B8E8ECCA-58F2-4A05-8DF2-79C09A5FB275", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.5:*:*:*:*:*:*:*", "matchCriteriaId": "8697D11D-BBDF-4722-85F7-5144A5D26E37", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.6:*:*:*:*:*:*:*", "matchCriteriaId": "50E3EDA8-04D1-4DF1-80BB-72C6003E8F53", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.7:*:*:*:*:*:*:*", "matchCriteriaId": "AB06CA25-BB25-43B8-9FC2-62C399CC52EE", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.8:*:*:*:*:*:*:*", "matchCriteriaId": "6AF7414E-33A7-40E2-AEF0-1AE9D7D1B077", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.9:*:*:*:*:*:*:*", "matchCriteriaId": "6FC0BD12-E065-4CC9-8AEE-E4C34A58EC3C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.10:*:*:*:*:*:*:*", "matchCriteriaId": "214DC64B-BA35-486B-AE30-F2D9381E4D26", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.11:*:*:*:*:*:*:*", "matchCriteriaId": "B7CDE19A-473A-4BC5-AA7B-3D08FEEEE82C", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.3.12:*:*:*:*:*:*:*", "matchCriteriaId": "DD8401A8-A328-49F6-BAE8-337F5F36C906", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "3FBF5BAA-8027-478F-BE06-3D3F4F823C7B", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "31358B5D-4087-4207-9730-297BA47DAA83", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "3A73E016-A4B0-416D-B9B6-786A787DAD3D", "vulnerable": true }, { "criteria": 
"cpe:2.3:a:freetype:freetype:2.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "0588BCE1-059B-4602-B274-E9D268720B55", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "D19BE9CC-6B1C-4AC8-9740-2ABDF40C4FEC", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "E6F3E33C-95E0-4EEF-8E26-F7044D8C3892", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.6:*:*:*:*:*:*:*", "matchCriteriaId": "0871F88D-3D36-4EAA-B2B4-39D844FF8874", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.7:*:*:*:*:*:*:*", "matchCriteriaId": "B3396203-9BDF-4E7D-85CC-0B6AA7DC55C4", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.8:*:*:*:*:*:*:*", "matchCriteriaId": "52FA516A-918B-4727-8108-EE89FA5EB123", "vulnerable": true }, { "criteria": "cpe:2.3:a:freetype:freetype:2.4.9:*:*:*:*:*:*:*", "matchCriteriaId": "2DB966A5-4663-4133-84B8-F292125990DE", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The _bdf_parse_glyphs function in FreeType before 2.4.11 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to BDF fonts and an incorrect calculation that triggers an out-of-bounds read." }, { "lang": "es", "value": "La funci\u00f3n _bdf_parse_glyphs en FreeType anterior a v2.4.11, permite a atacantes dependientes del contexto provocar una denegaci\u00f3n de servicio (Ca\u00edda) u posiblemente la ejecuci\u00f3n de c\u00f3digo arbitrario a trav\u00e9s de vectores relacionados con las fuentes BDF y un c\u00e1lculo incorrecto que provoca una lectura fuera de rango." 
} ], "id": "CVE-2012-5669", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2013-01-24T21:55:01.227", "references": [ { "source": "secalert@redhat.com", "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=07bdb6e289c7954e2a533039dc93c1c136099d2d" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00056.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00068.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00078.html" }, { "source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2013-0216.html" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/51826" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/51900" }, { "source": "secalert@redhat.com", "url": "http://www.freetype.org/" }, { "source": "secalert@redhat.com", "url": "http://www.openwall.com/lists/oss-security/2012/12/25/2" }, { "source": "secalert@redhat.com", "url": "http://www.securitytracker.com/id?1027921" }, { "source": "secalert@redhat.com", "url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2013\u0026m=slackware-security.520186" }, { "source": "secalert@redhat.com", "url": 
"http://www.ubuntu.com/usn/USN-1686-1" }, { "source": "secalert@redhat.com", "url": "https://savannah.nongnu.org/bugs/?37906" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=07bdb6e289c7954e2a533039dc93c1c136099d2d" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00056.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00068.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00078.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://rhn.redhat.com/errata/RHSA-2013-0216.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/51826" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/51900" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.freetype.org/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2012/12/25/2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1027921" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2013\u0026m=slackware-security.520186" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/USN-1686-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://savannah.nongnu.org/bugs/?37906" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2018-02-13 05:29
Modified
2024-11-21 04:11
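Severity: MEDIUM (CVSS v3.0 base score 6.5, vector CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H; CVSS v2 base score 4.3, vector AV:N/AC:M/Au:N/C:N/I:N/A:P; NVD primary metrics).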
Summary
An issue was discovered in FreeType 2 through 2.9. A NULL pointer dereference in the Ins_GETVARIATION() function within ttinterp.c could lead to DoS via a crafted font file.
References
Source | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00054.html | ||
cve@mitre.org | https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5736 | Third Party Advisory | |
cve@mitre.org | https://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=29c759284e305ec428703c9a5831d0b1fc3497ef | Patch, Third Party Advisory | |
cve@mitre.org | https://usn.ubuntu.com/3572-1/ | Third Party Advisory | |
cve@mitre.org | https://www.oracle.com/security-alerts/cpuapr2020.html | ||
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00054.html | ||
af854a3a-2127-422b-91ae-364da2661108 | https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5736 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=29c759284e305ec428703c9a5831d0b1fc3497ef | Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/3572-1/ | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.oracle.com/security-alerts/cpuapr2020.html |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
freetype | freetype | * | |
canonical | ubuntu_linux | 17.10 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", "matchCriteriaId": "C079B991-75F4-471A-8F9B-9561EBF07A3A", "versionEndIncluding": "2.9", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*", "matchCriteriaId": "9070C9D8-A14A-467F-8253-33B966C16886", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue was discovered in FreeType 2 through 2.9. A NULL pointer dereference in the Ins_GETVARIATION() function within ttinterp.c could lead to DoS via a crafted font file." }, { "lang": "es", "value": "Se ha descubierto un problema hasta la versi\u00f3n 2.9 de FreeType 2. Una desreferencia de puntero NULL en la funci\u00f3n Ins_GETVARIATION() en ttinterp.c podr\u00eda conducir a DoS mediante un archivo de fuentes manipulado." } ], "id": "CVE-2018-6942", "lastModified": "2024-11-21T04:11:27.543", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", 
"version": "3.0" }, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2018-02-13T05:29:00.267", "references": [ { "source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00054.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5736" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=29c759284e305ec428703c9a5831d0b1fc3497ef" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://usn.ubuntu.com/3572-1/" }, { "source": "cve@mitre.org", "url": "https://www.oracle.com/security-alerts/cpuapr2020.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00054.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5736" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=29c759284e305ec428703c9a5831d0b1fc3497ef" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://usn.ubuntu.com/3572-1/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.oracle.com/security-alerts/cpuapr2020.html" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-476" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2017-04-14 04:59
Modified
2025-04-20 01:37
Severity ?
Summary
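FreeType 2 before 2017-03-08 has an out-of-bounds write caused by a heap-based buffer overflow related to the TT_Get_MM_Var function in truetype/ttgxvar.c and the sfnt_init_face function in sfnt/sfobjs.c. The description gives a date rather than a release number; the NVD configuration in the record below marks FreeType versions from 2.7 up to, but not including, 2.8 as vulnerable, which is the range to use when matching installed versions.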
References
Source | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=7bbb91fbf47fc0775cc9705673caf0c47a81f94b | Patch, Third Party Advisory | |
cve@mitre.org | http://www.securityfocus.com/bid/97680 | Broken Link, Third Party Advisory, VDB Entry | |
cve@mitre.org | https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=759 | Issue Tracking, Third Party Advisory, VDB Entry | |
cve@mitre.org | https://security.gentoo.org/glsa/201706-14 | Third Party Advisory | |
cve@mitre.org | https://www.oracle.com/security-alerts/cpuapr2020.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=7bbb91fbf47fc0775cc9705673caf0c47a81f94b | Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/97680 | Broken Link, Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=759 | Issue Tracking, Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201706-14 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.oracle.com/security-alerts/cpuapr2020.html | Third Party Advisory |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", "matchCriteriaId": "F2A965F0-BC5A-4267-9A1A-4FA55A76D390", "versionEndExcluding": "2.8", "versionStartIncluding": "2.7", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "FreeType 2 before 2017-03-08 has an out-of-bounds write caused by a heap-based buffer overflow related to the TT_Get_MM_Var function in truetype/ttgxvar.c and the sfnt_init_face function in sfnt/sfobjs.c." }, { "lang": "es", "value": "FreeType 2 en versiones anteriores a 2017-03-08 tiene una escritura fuera de l\u00edmites provocada por un desbordamiento de b\u00fafer basado en memoria din\u00e1mica relacionado con la funci\u00f3n TT_Get_MM_Var en truetype/ttgxvar.c y la funci\u00f3n sfnt_init_face en sfnt/sfobjs.c." } ], "id": "CVE-2017-7857", "lastModified": "2025-04-20T01:37:25.860", "metrics": { "cvssMetricV2": [ { "acInsufInfo": true, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": 
"Primary" } ] }, "published": "2017-04-14T04:59:00.273", "references": [ { "source": "cve@mitre.org", "tags": [ "Patch", "Third Party Advisory" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=7bbb91fbf47fc0775cc9705673caf0c47a81f94b" }, { "source": "cve@mitre.org", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/97680" }, { "source": "cve@mitre.org", "tags": [ "Issue Tracking", "Third Party Advisory", "VDB Entry" ], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=759" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201706-14" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://www.oracle.com/security-alerts/cpuapr2020.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=7bbb91fbf47fc0775cc9705673caf0c47a81f94b" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/97680" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Third Party Advisory", "VDB Entry" ], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=759" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201706-14" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://www.oracle.com/security-alerts/cpuapr2020.html" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-787" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2025-01-10 15:15
Modified
2025-01-16 21:12
Severity ?
4.0 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
6.2 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
6.2 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
FreeType 2.8.1 has a signed integer overflow in cf2_doFlex in cff/cf2intrp.c.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:freetype:freetype:2.8.1:*:*:*:*:*:*:*", "matchCriteriaId": "4961F39D-E2E7-4725-A2BC-FCD83284962E", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "FreeType 2.8.1 has a signed integer overflow in cf2_doFlex in cff/cf2intrp.c." }, { "lang": "es", "value": "FreeType 2.8.1 tiene un desbordamiento de entero con signo en cf2_doFlex en cff/cf2intrp.c." } ], "id": "CVE-2025-23022", "lastModified": "2025-01-16T21:12:15.537", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 4.0, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" }, "exploitabilityScore": 2.5, "impactScore": 1.4, "source": "cve@mitre.org", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 2.5, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2025-01-10T15:15:16.967", "references": [ { "source": "cve@mitre.org", "tags": [ "Exploit" ], "url": "https://gitlab.freedesktop.org/freetype/freetype/-/issues/1312" }, { "source": "cve@mitre.org", "tags": [ "Issue Tracking" ], "url": "https://security-tracker.debian.org/tracker/CVE-2025-23022" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-190" } ], "source": 
"cve@mitre.org", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-190" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2019-09-03 05:15
Modified
2024-11-21 02:40
Severity ?
Summary
FreeType before 2.6.1 has a heap-based buffer over-read in T1_Get_Private_Dict in type1/t1parse.c.
References
Source | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/src/type1/t1parse.c?id=7962a15d64c876870ca0ae435ea2467d9be268d9 | Patch, Third Party Advisory | |
cve@mitre.org | https://access.redhat.com/errata/RHSA-2019:4254 | ||
cve@mitre.org | https://lists.debian.org/debian-lts-announce/2019/09/msg00002.html | Third Party Advisory | |
cve@mitre.org | https://savannah.nongnu.org/bugs/?45955 | Exploit, Issue Tracking, Third Party Advisory | |
cve@mitre.org | https://usn.ubuntu.com/4126-2/ | ||
af854a3a-2127-422b-91ae-364da2661108 | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/src/type1/t1parse.c?id=7962a15d64c876870ca0ae435ea2467d9be268d9 | Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2019:4254 | ||
af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2019/09/msg00002.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://savannah.nongnu.org/bugs/?45955 | Exploit, Issue Tracking, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/4126-2/ |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
freetype | freetype | * | |
debian | debian_linux | 8.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", "matchCriteriaId": "6229BC68-7A96-4AA6-ACE9-6FD89C24B203", "versionEndExcluding": "2.6.1", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "FreeType before 2.6.1 has a heap-based buffer over-read in T1_Get_Private_Dict in type1/t1parse.c." }, { "lang": "es", "value": "FreeType en versiones anteriores a la 2.6.1 tiene una sobrelectura de b\u00fafer basada en memoria din\u00e1mica (heap) en T1_Get_Private_Dict en type1/t1parse.c." } ], "id": "CVE-2015-9381", "lastModified": "2024-11-21T02:40:29.627", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": 
"2019-09-03T05:15:10.463", "references": [ { "source": "cve@mitre.org", "tags": [ "Patch", "Third Party Advisory" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/src/type1/t1parse.c?id=7962a15d64c876870ca0ae435ea2467d9be268d9" }, { "source": "cve@mitre.org", "url": "https://access.redhat.com/errata/RHSA-2019:4254" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00002.html" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Issue Tracking", "Third Party Advisory" ], "url": "https://savannah.nongnu.org/bugs/?45955" }, { "source": "cve@mitre.org", "url": "https://usn.ubuntu.com/4126-2/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/src/type1/t1parse.c?id=7962a15d64c876870ca0ae435ea2467d9be268d9" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://access.redhat.com/errata/RHSA-2019:4254" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00002.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Issue Tracking", "Third Party Advisory" ], "url": "https://savannah.nongnu.org/bugs/?45955" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://usn.ubuntu.com/4126-2/" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-125" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2010-08-19 18:00
Modified
2025-04-11 00:51
Severity ?
Summary
The FT_Stream_EnterFrame function in base/ftstream.c in FreeType before 2.4.2 does not properly validate certain position values, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file.
References
Source | URL | Tags | |
---|---|---|---|
secalert@redhat.com | http://freetype.sourceforge.net/index2.html#release-freetype-2.4.2 | Release Notes, Third Party Advisory | |
secalert@redhat.com | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=45a3c76b547511fa9d97aca34b150a0663257375 | Patch, Third Party Advisory | |
secalert@redhat.com | http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html | Mailing List, Third Party Advisory | |
secalert@redhat.com | http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html | Mailing List, Third Party Advisory | |
secalert@redhat.com | http://marc.info/?l=oss-security&m=128111955616772&w=2 | Mailing List, Patch, Third Party Advisory | |
secalert@redhat.com | http://secunia.com/advisories/40816 | Third Party Advisory | |
secalert@redhat.com | http://secunia.com/advisories/40982 | Third Party Advisory | |
secalert@redhat.com | http://secunia.com/advisories/42314 | Third Party Advisory | |
secalert@redhat.com | http://secunia.com/advisories/42317 | Third Party Advisory | |
secalert@redhat.com | http://secunia.com/advisories/48951 | Third Party Advisory | |
secalert@redhat.com | http://sourceforge.net/projects/freetype/files/freetype2/2.4.2/NEWS/view | Third Party Advisory | |
secalert@redhat.com | http://support.apple.com/kb/HT4435 | Broken Link | |
secalert@redhat.com | http://support.apple.com/kb/HT4456 | Third Party Advisory | |
secalert@redhat.com | http://support.apple.com/kb/HT4457 | Third Party Advisory | |
secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2010-0864.html | Third Party Advisory | |
secalert@redhat.com | http://www.securityfocus.com/bid/42285 | Third Party Advisory, VDB Entry | |
secalert@redhat.com | http://www.ubuntu.com/usn/USN-972-1 | Third Party Advisory | |
secalert@redhat.com | http://www.vupen.com/english/advisories/2010/2018 | Third Party Advisory | |
secalert@redhat.com | http://www.vupen.com/english/advisories/2010/2106 | Third Party Advisory | |
secalert@redhat.com | http://www.vupen.com/english/advisories/2010/3045 | Third Party Advisory | |
secalert@redhat.com | http://www.vupen.com/english/advisories/2010/3046 | Third Party Advisory | |
secalert@redhat.com | https://bugs.launchpad.net/ubuntu/maverick/+source/freetype/+bug/617019 | Issue Tracking, Release Notes, Third Party Advisory | |
secalert@redhat.com | https://savannah.nongnu.org/bugs/?30644 | Exploit, Issue Tracking, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://freetype.sourceforge.net/index2.html#release-freetype-2.4.2 | Release Notes, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=45a3c76b547511fa9d97aca34b150a0663257375 | Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=oss-security&m=128111955616772&w=2 | Mailing List, Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/40816 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/40982 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/42314 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/42317 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48951 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://sourceforge.net/projects/freetype/files/freetype2/2.4.2/NEWS/view | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT4435 | Broken Link | |
af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT4456 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT4457 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2010-0864.html | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/42285 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-972-1 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2010/2018 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2010/2106 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2010/3045 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2010/3046 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://bugs.launchpad.net/ubuntu/maverick/+source/freetype/+bug/617019 | Issue Tracking, Release Notes, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://savannah.nongnu.org/bugs/?30644 | Exploit, Issue Tracking, Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
freetype | freetype | * | |
canonical | ubuntu_linux | 6.06 | |
canonical | ubuntu_linux | 8.04 | |
canonical | ubuntu_linux | 9.04 | |
canonical | ubuntu_linux | 9.10 | |
canonical | ubuntu_linux | 10.04 | |
apple | iphone_os | * | |
apple | mac_os_x | * | |
apple | tvos | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", "matchCriteriaId": "33E14690-3A9D-45C7-A270-3433F79DEC28", "versionEndExcluding": "2.4.2", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*", "matchCriteriaId": "454A5D17-B171-4F1F-9E0B-F18D1E5CA9FD", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*", "matchCriteriaId": "7EBFE35C-E243-43D1-883D-4398D71763CC", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:9.04:*:*:*:*:*:*:*", "matchCriteriaId": "A5D026D0-EF78-438D-BEDD-FC8571F3ACEB", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*", "matchCriteriaId": "A2BCB73E-27BB-4878-AD9C-90C4F20C25A0", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*", "matchCriteriaId": "01EDA41C-6B2E-49AF-B503-EB3882265C11", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "matchCriteriaId": "D9636697-5FDF-4F67-A95B-D74DDD67A5DD", "versionEndExcluding": "4.2", "vulnerable": true }, { "criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "matchCriteriaId": "46E5D24A-8CA0-4590-9F35-F684D573D030", "versionEndExcluding": "10.6.5", "vulnerable": true }, { "criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*", "matchCriteriaId": "407115F2-CC65-448B-8133-D3D57AD306BA", "versionEndExcluding": "4.1.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The FT_Stream_EnterFrame function in base/ftstream.c in FreeType before 2.4.2 does not properly validate certain position values, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font 
file." }, { "lang": "es", "value": "La funci\u00f3n FT_Stream_EnterFrame en base/ftstream.c de FreeType anterior a v2.4.2 no valida adecuadamente los valores de cierta posici\u00f3n, lo cual permite a atacantes remotos causar una denegaci\u00f3n de servicio (fallo de la aplicaci\u00f3n) o posiblemente ejecutar c\u00f3digo a su elecci\u00f3n a trav\u00e9s de ficheros de fuentes manipulados." } ], "id": "CVE-2010-2805", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2010-08-19T18:00:04.920", "references": [ { "source": "secalert@redhat.com", "tags": [ "Release Notes", "Third Party Advisory" ], "url": "http://freetype.sourceforge.net/index2.html#release-freetype-2.4.2" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=45a3c76b547511fa9d97aca34b150a0663257375" }, { "source": "secalert@redhat.com", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html" }, { "source": "secalert@redhat.com", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html" }, { "source": "secalert@redhat.com", "tags": [ "Mailing List", "Patch", "Third Party Advisory" ], "url": "http://marc.info/?l=oss-security\u0026m=128111955616772\u0026w=2" }, { 
"source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/40816" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/40982" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/42314" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/42317" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/48951" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://sourceforge.net/projects/freetype/files/freetype2/2.4.2/NEWS/view" }, { "source": "secalert@redhat.com", "tags": [ "Broken Link" ], "url": "http://support.apple.com/kb/HT4435" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://support.apple.com/kb/HT4456" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://support.apple.com/kb/HT4457" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0864.html" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/42285" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-972-1" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2010/2018" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2010/2106" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2010/3045" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": 
"http://www.vupen.com/english/advisories/2010/3046" }, { "source": "secalert@redhat.com", "tags": [ "Issue Tracking", "Release Notes", "Third Party Advisory" ], "url": "https://bugs.launchpad.net/ubuntu/maverick/+source/freetype/+bug/617019" }, { "source": "secalert@redhat.com", "tags": [ "Exploit", "Issue Tracking", "Third Party Advisory" ], "url": "https://savannah.nongnu.org/bugs/?30644" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Release Notes", "Third Party Advisory" ], "url": "http://freetype.sourceforge.net/index2.html#release-freetype-2.4.2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=45a3c76b547511fa9d97aca34b150a0663257375" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Patch", "Third Party Advisory" ], "url": "http://marc.info/?l=oss-security\u0026m=128111955616772\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/40816" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/40982" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/42314" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://secunia.com/advisories/42317" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], 
"url": "http://secunia.com/advisories/48951" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://sourceforge.net/projects/freetype/files/freetype2/2.4.2/NEWS/view" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://support.apple.com/kb/HT4435" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://support.apple.com/kb/HT4456" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://support.apple.com/kb/HT4457" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2010-0864.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/42285" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-972-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2010/2018" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2010/2106" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2010/3045" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.vupen.com/english/advisories/2010/3046" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Release Notes", "Third Party Advisory" ], "url": "https://bugs.launchpad.net/ubuntu/maverick/+source/freetype/+bug/617019" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Issue Tracking", "Third Party Advisory" ], "url": 
"https://savannah.nongnu.org/bugs/?30644" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-20" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }