739 matches found

securityvulns
added 2015/03/18 12:0 a.m. | 94 views

[USN-2536-1] libXfont vulnerabilities

Ubuntu Security Notice USN-2536-1, March 18, 2015: libxfont vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives: -...

CVSS 8.5 | AI score 0.4 | EPSS 0.04923
Exploits: 0

UbuntuCve
added 2015/03/18 12:0 a.m. | 24 views

CVE-2015-1804

The bdfReadCharacters function in bitmap/bdfread.c in X.Org libXfont before 1.4.9 and 1.5.x before 1.5.1 does not properly perform type conversion for metrics values, which allows remote authenticated users to cause a denial of service (out-of-bounds memory access) and possibly execute arbitrary co...

CVSS 8.5 | AI score 7 | EPSS 0.04923
Exploits: 0 | References: 3

UbuntuCve
added 2015/03/18 12:0 a.m. | 21 views

CVE-2015-1803

The bdfReadCharacters function in bitmap/bdfread.c in X.Org libXfont before 1.4.9 and 1.5.x before 1.5.1 does not properly handle character bitmaps it cannot read, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) and possibly execute arbitrar...

CVSS 8.5 | AI score 6.4 | EPSS 0.04864
Exploits: 0 | References: 3

NVD
added 2015/02/08 11:59 a.m. | 23 views

CVE-2014-9672

Array index error in the parse_fond function in base/ftmac.c in FreeType before 2.5.4 allows remote attackers to cause a denial of service (out-of-bounds read) or obtain sensitive information from process memory via a crafted FOND resource in a Mac font file...

CVSS 5.8 | AI score 6.4 | EPSS 0.04684
Exploits: 1 | References: 12

NVD
added 2015/02/08 11:59 a.m. | 20 views

CVE-2014-9665

The Load_SBit_Png function in sfnt/pngshim.c in FreeType before 2.5.4 does not restrict the rows and pitch values of PNG data, which allows remote attackers to cause a denial of service (integer overflow and heap-based buffer overflow) or possibly have unspecified other impact by embedding a PNG file...

CVSS 7.5 | AI score 7.2 | EPSS 0.04892
Exploits: 1 | References: 10

OSV
added 2015/02/08 11:59 a.m. | 1 view

DEBIAN-CVE-2014-9665

The Load_SBit_Png function in sfnt/pngshim.c in FreeType before 2.5.4 does not restrict the rows and pitch values of PNG data, which allows remote attackers to cause a denial of service (integer overflow and heap-based buffer overflow) or possibly have unspecified other impact by embedding a PNG file...

CVSS 7.5 | AI score 7.8 | EPSS 0.04892
Exploits: 1 | References: 1

Prion
added 2015/02/08 11:59 a.m. | 28 views

Out-of-bounds

Array index error in the parse_fond function in base/ftmac.c in FreeType before 2.5.4 allows remote attackers to cause a denial of service (out-of-bounds read) or obtain sensitive information from process memory via a crafted FOND resource in a Mac font file...

CVSS 5.8 | AI score 6.9 | EPSS 0.04684
Exploits: 1 | References: 12 | Affected Software: 5

Cvelist
added 2015/02/08 11:0 a.m. | 29 views

CVE-2014-9665

The Load_SBit_Png function in sfnt/pngshim.c in FreeType before 2.5.4 does not restrict the rows and pitch values of PNG data, which allows remote attackers to cause a denial of service (integer overflow and heap-based buffer overflow) or possibly have unspecified other impact by embedding a PNG file...

AI score 7.6 | EPSS 0.04892
Exploits: 1 | References: 10

CVE
added 2015/02/08 11:0 a.m. | 85 views

CVE-2014-9672

CVE-2014-9672 affects FreeType before 2.5.4, where an array index error in parse_fond (base/ftmac.c) can be triggered by a crafted FOND resource in a Mac font file, enabling a denial of service (out-of-bounds read) and potential information disclosure from process memory. The connected documents ...

CVSS 5.8 | AI score 7.1 | EPSS 0.04684
Exploits: 1 | References: 12 | Affected Software: 1

Cvelist
added 2015/02/08 11:0 a.m. | 30 views

CVE-2014-9672

Array index error in the parse_fond function in base/ftmac.c in FreeType before 2.5.4 allows remote attackers to cause a denial of service (out-of-bounds read) or obtain sensitive information from process memory via a crafted FOND resource in a Mac font file...

AI score 6.3 | EPSS 0.04684
Exploits: 1 | References: 12

CVE
added 2015/02/08 11:0 a.m. | 82 views

CVE-2014-9665

CVE-2014-9665 affects FreeType before 2.5.4, where Load_SBit_Png in sfnt/pngshim.c does not constrain rows/pitch when parsing PNG data embedded in a TTF font. This can trigger an integer overflow and heap-based buffer overflow, leading to denial of service (and possibly other impact) per the CVE ...

CVSS 7.5 | AI score 8.3 | EPSS 0.04892
Exploits: 1 | References: 10 | Affected Software: 1

Debian CVE
added 2015/02/08 11:0 a.m. | 32 views

CVE-2014-9665

The Load_SBit_Png function in sfnt/pngshim.c in FreeType before 2.5.4 does not restrict the rows and pitch values of PNG data, which allows remote attackers to cause a denial of service (integer overflow and heap-based buffer overflow) or possibly have unspecified other impact by embedding a PNG file...

CVSS 7.5 | AI score 7.7 | EPSS 0.04892
Exploits: 1

Debian CVE
added 2015/02/08 11:0 a.m. | 31 views

CVE-2014-9672

Array index error in the parse_fond function in base/ftmac.c in FreeType before 2.5.4 allows remote attackers to cause a denial of service (out-of-bounds read) or obtain sensitive information from process memory via a crafted FOND resource in a Mac font file...

CVSS 5.8 | AI score 6.8 | EPSS 0.04684
Exploits: 1

UbuntuCve
added 2015/02/08 12:0 a.m. | 29 views

CVE-2014-9672

Array index error in the parse_fond function in base/ftmac.c in FreeType before 2.5.4 allows remote attackers to cause a denial of service (out-of-bounds read) or obtain sensitive information from process memory via a crafted FOND resource in a Mac font file...

CVSS 5.8 | AI score 6.9 | EPSS 0.04684
Exploits: 1 | References: 2

OSV
added 2015/02/08 12:0 a.m. | 5 views

UBUNTU-CVE-2014-9672

Array index error in the parse_fond function in base/ftmac.c in FreeType before 2.5.4 allows remote attackers to cause a denial of service (out-of-bounds read) or obtain sensitive information from process memory via a crafted FOND resource in a Mac font file...

CVSS 5.8 | AI score 6.9 | EPSS 0.04684
Exploits: 1 | References: 3

RedHat Linux
added 2015/02/05 7:35 p.m. | 4 views

ICU: font parsing OOB read (OpenJDK 2D, 8056276)

A boundary check flaw was found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could allow an untrusted Java application or applet to disclose portions of the Java Virtual Machine memory...

CVSS 2.6 | AI score 6.7 | EPSS 0.0405
Exploits: 0 | References: 5

RedHat Linux
added 2015/02/05 7:34 p.m. | 6 views

ICU: font parsing OOB read (OpenJDK 2D, 8056276)

A boundary check flaw was found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could allow an untrusted Java application or applet to disclose portions of the Java Virtual Machine memory...

CVSS 2.6 | AI score 6.7 | EPSS 0.0405
Exploits: 0 | References: 5

RedHat Linux
added 2015/02/05 7:29 p.m. | 2 views

ICU: font parsing OOB read (OpenJDK 2D, 8055489)

A boundary check flaw was found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could allow an untrusted Java application or applet to disclose portions of the Java Virtual Machine memory...

CVSS 2.6 | AI score 6.7 | EPSS 0.04297
Exploits: 0 | References: 5

NVD
added 2015/01/30 11:59 a.m. | 19 views

CVE-2014-4483

Buffer overflow in FontParser in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted font file in a PDF document...

CVSS 6.8 | AI score 7.7 | EPSS 0.0371
Exploits: 0 | References: 7

Prion
added 2015/01/30 11:59 a.m. | 21 views

Buffer overflow

Buffer overflow in FontParser in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted font file in a PDF document...

CVSS 6.8 | AI score 8.2 | EPSS 0.0371
Exploits: 0 | References: 7 | Affected Software: 3