K52439336 : FreeType vulnerabilities CVE-2014-9746 and CVE-2014-9747

Security Advisory Description

• CVE-2014-9746

The (1) t1_parse_font_matrix function in type1/t1load.c, (2) cid_parse_font_matrix function in cid/cidload.c, (3) t42_parse_font_matrix function in type42/t42parse.c, and (4) ps_parser_load_field function in psaux/psobjs.c in FreeType before 2.5.4 do not check return values, which allows remote attackers to cause a denial of service (uninitialized memory access and application crash) or possibly have unspecified other impact via a crafted font.

• CVE-2014-9747

The t42_parse_encoding function in type42/t42parse.c in FreeType before 2.5.4 does not properly update the current position for immediates-only mode, which allows remote attackers to cause a denial of service (infinite loop) via a Type42 font.

Impact

ARX

Parsing certain fonts from untrusted sources may allow the unauthorized disclosure of information or a denial-of-service (DoS) attack.

BIG-IP, BIG-IQ, Enterprise Manager, and F5 iWorkflow

These F5 products are not vulnerable in the default configurations, and there is no impact to these products.

LineRate and Traffix SDC

There is no impact; these F5 products are not affected by this vulnerability.