Astra Linux - уязвимость в libreoffice

An improper limitation of a pathname to a restricted directory “Path Traversal” vulnerability exists in The Document Foundation LibreOffice. This vulnerability allows for absolute path traversal. An attacker can write to arbitrary locations, even those prefixed with “.ttf”, by providing a file in...

SUSE CVE-2010-1797

Multiple stack-based buffer overflows in the cffdecoderparsecharstrings function in the CFF Type2 CharStrings interpreter in cff/cffgload.c in FreeType before 2.4.2, as used in Apple iOS before 4.0.2 on the iPhone and iPod touch and before 3.2.2 on the iPad, allow remote attackers to execute...

PT-2022-6388 · Adobe · Bridge

Name of the Vulnerable Software and Affected Versions: Adobe Bridge versions 12.0.3 and earlier Adobe Bridge versions 13.0.1 and earlier Description: The issue is related to an out-of-bounds read vulnerability in Adobe Bridge, specifically when parsing embedded fonts. This could lead to the...

CVE-2019-1145

A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data...

CVE-2018-1016

A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka "Microsoft Graphics Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012,...

Microsoft Windows Remote Code Execution Vulnerability (CNVD-2018-08493)

Microsoft Windows 10 and others are a series of operating systems released by Microsoft Corporation.Microsoft Windows 10 is a set of operating systems for personal computers.Windows Server 2008 SP2 is a set of server operating systems. A remote code execution vulnerability exists in Microsoft...

CVE-2018-0855

The Microsoft Windows Embedded OpenType EOT font engine in Microsoft Windows 7 SP1 and Windows Server 2008 R2 allows information disclosure, due to how the Windows EOT font engine handles embedded fonts, aka "Windows EOT Font Engine Information Disclosure Vulnerability". This CVE ID is unique fro...

CVE-2017-11835

Microsoft graphics in Windows 7 SP1 and Windows Server 2008 SP2 and R2 SP1 allows an attacker to potentially read data that was not intended to be disclosed due to the way that the Microsoft Windows Embedded OpenType EOT font engine parses specially crafted embedded fonts, aka "Windows EOT Font...

Microsoft Windows and Office graphics remote code execution vulnerability

Microsoft Windows Server 2008 SP2, etc. are products of Microsoft Corporation.Microsoft Windows Server 2008 SP2, etc. are a series of operating systems; Office Word Viewer is a document viewer; Office 2007 SP3 Office Word Viewer is a document viewer; Office 2007 SP3 is an office software suite...

Microsoft Windows Open Type Font Remote Code Execution Vulnerability

Microsoft Windows is a series of operating systems released by the American company Microsoft. A remote code execution vulnerability exists when the Windows Font Library fails to properly handle specially designed embedded fonts. An attacker who successfully exploited this vulnerability could tak...

VulnCheck KEV: CVE-2016-7256

A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploits this vulnerability could take control of the affected system...

DEBIAN-CVE-2010-1797

Multiple stack-based buffer overflows in the cffdecoderparsecharstrings function in the CFF Type2 CharStrings interpreter in cff/cffgload.c in FreeType before 2.4.2, as used in Apple iOS before 4.0.2 on the iPhone and iPod touch and before 3.2.2 on the iPad, allow remote attackers to execute...

DEBIAN-CVE-2008-1693

The CairoFont::create function in CairoFontEngine.cc in Poppler, possibly before 0.8.0, as used in Xpdf, Evince, ePDFview, KWord, and other applications, does not properly handle embedded fonts in PDF files, which allows remote attackers to execute arbitrary code via a crafted font object, relate...