CVE-2010-3311

CVE-2010-3311 is a FreeType/ libXft vulnerability caused by an input-stream position error that can trigger a heap-based buffer overflow in CFF processing, leading to remote code execution or a crash when processing crafted fonts. Public advisories (Debian DSA-2105-1/DSA-2105-1:33FFA, CentOS CESA...

RHEL 6 : evince (RHSA-2011:0009)

Updated evince packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

Moderate: Red Hat Security Advisory: evince security update

Updated evince packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

CVE-2010-4259

Stack-based buffer overflow in FontForge 20100501 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a long CHARSETREGISTRY header in a BDF font file...

CVE-2010-4259

Stack-based buffer overflow in FontForge 20100501 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a long CHARSETREGISTRY header in a BDF font file...

CVE-2010-4259

Stack-based buffer overflow in FontForge 20100501 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a long CHARSETREGISTRY header in a BDF font file...

CVE-2010-4259

Stack-based buffer overflow in FontForge 20100501 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a long CHARSETREGISTRY header in a BDF font file...

CVE-2010-4259

Stack-based buffer overflow in FontForge 20100501 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a long CHARSETREGISTRY header in a BDF font file...

CVE-2010-4259

FontForge 20100501 is vulnerable to a stack-based buffer overflow triggered by a crafted CHARSET_REGISTRY header in a BDF font file, potentially allowing remote code execution or a denial of service. Public advisories confirm the issue and provide patches/upgrades: Debian DSA-2253-1 recommends up...

Mandriva Linux Security Advisory : freetype2 (MDVSA-2010:201)

A vulnerability was discovered and corrected in freetype2 : Marc Schoenefeld found an input stream position error in the way FreeType font rendering engine processed input file streams. If a user loaded a specially crafted font file with an application linked against FreeType and relevant font...

Debian DSA-2105-1 : freetype - several vulnerabilities

Several vulnerabilities have been discovered in the FreeType font library. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2010-1797 Multiple stack-based buffer overflows in the cffdecoderparsecharstrings function in the CFF Type2 CharStrings interpreter...

DSA-2105-1 freetype - several vulnerabilities

Bulletin has no description...

Mandriva Update for freetype2 MDVSA-2010:157 (freetype2)

Check for the Version of freetype2 OpenVAS Vulnerability Test Mandriva Update for freetype2 MDVSA-2010:157 freetype2 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify i...

Mandriva Linux Security Advisory : freetype2 (MDVSA-2010:157)

Multiple vulnerabilities has been found and corrected in freetype2 : The FTStreamEnterFrame function in base/ftstream.c in FreeType before 2.4.2 does not properly validate certain position values, which allows remote attackers to cause a denial of service application crash or possibly execute...

Mandriva Linux Security Advisory : freetype2 (MDVSA-2010:156)

Multiple vulnerabilities has been found and corrected in freetype2 : The FTStreamEnterFrame function in base/ftstream.c in FreeType before 2.4.2 does not properly validate certain position values, which allows remote attackers to cause a denial of service application crash or possibly execute...

CVE-2010-3053

bdf/bdflib.c in FreeType before 2.4.2 allows remote attackers to cause a denial of service application crash via a crafted BDF font file, related to an attempted modification of a value in a static string...

DEBIAN-CVE-2010-3053

bdf/bdflib.c in FreeType before 2.4.2 allows remote attackers to cause a denial of service application crash via a crafted BDF font file, related to an attempted modification of a value in a static string...

CVE-2010-3053

bdf/bdflib.c in FreeType before 2.4.2 allows remote attackers to cause a denial of service application crash via a crafted BDF font file, related to an attempted modification of a value in a static string...

CVE-2010-2807

FreeType before 2.4.2 uses incorrect integer data types during bounds checking, which allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted font file...

CVE-2010-2808

Buffer overflow in the MacReadPOSTResource function in base/ftobjs.c in FreeType before 2.4.2 allows remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via a crafted Adobe Type 1 Mac Font File aka LWFN font...