739 matches found
Buffer overflow
Buffer overflow in the setpagesize function in util.cxx in HTMLDOC 1.8.27 and earlier allows context-dependent attackers to execute arbitrary code via a long MEDIA SIZE comment. NOTE: it was later reported that there were additional vectors in htmllib.cxx and ps-pdf.cxx using an AFM font file wit...
CVE-2009-3050
Buffer overflow in the setpagesize function in util.cxx in HTMLDOC 1.8.27 and earlier allows context-dependent attackers to execute arbitrary code via a long MEDIA SIZE comment. NOTE: it was later reported that there were additional vectors in htmllib.cxx and ps-pdf.cxx using an AFM font file wit...
GLSA-200905-05 : FreeType: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-200905-05 FreeType: Multiple vulnerabilities Tavis Ormandy reported multiple integer overflows in the cffcharsetcomputecids function in cff/cffload.c, sfnt/tccmap.c and the ftsmoothrendergeneric function in smooth/ftsmooth.c,...
Mandriva Linux Security Advisory : freetype2 (MDVSA-2008:121)
Multiple vulnerabilities were discovered in FreeType's Printer Font Binary PFB font-file format parser. If a user were to load a carefully crafted font file with a program linked against FreeType, it could cause the application to crash or potentially execute arbitrary code CVE-2008-1806,...
Mandriva Update for freetype2 MDVSA-2008:121 (freetype2)
Check for the Version of freetype2 OpenVAS Vulnerability Test Mandriva Update for freetype2 MDVSA-2008:121 freetype2 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify i...
php: buffer overflow in the imageloadfont function in gd extension
Buffer overflow in the imageloadfont function in ext/gd/gd.c in PHP 4.4.x before 4.4.9 and PHP 5.2 before 5.2.6-r6 allows context-dependent attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted font file...
php: buffer overflow in the imageloadfont function in gd extension
Buffer overflow in the imageloadfont function in ext/gd/gd.c in PHP 4.4.x before 4.4.9 and PHP 5.2 before 5.2.6-r6 allows context-dependent attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted font file...
RedHat Update for freetype RHSA-2008:0556-01
Check for the Version of freetype OpenVAS Vulnerability Test RedHat Update for freetype RHSA-2008:0556-01 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
FreeBSD : php -- multiple vulnerabilities (27d01223-c457-11dd-a721-0030843d3802)
Secunia reports : Some vulnerabilities have been reported in PHP, where some have an unknown impact and others can potentially be exploited by malicious people to cause a DoS Denial of Service or compromise a vulnerable system. An input validation error exists within the 'ZipArchive::extractTo'...
CVE-2008-5356
Heap-based buffer overflow in Java Runtime Environment JRE for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.218 and earlier might allow remote attackers to execute arbitrary code via a crafted TrueType font file...
CVE-2008-5357
Integer overflow in Java Runtime Environment JRE for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; SDK and JRE 1.4.218 and earlier; and SDK and JRE 1.3.123 and earlier might allow remote attackers to execute arbitrary code via a crafted TrueType font file, which...
CVE-2008-5356
Heap-based buffer overflow in Java Runtime Environment JRE for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.218 and earlier might allow remote attackers to execute arbitrary code via a crafted TrueType font file...
CVE-2008-5356
Heap-based buffer overflow in Java Runtime Environment JRE for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.218 and earlier might allow remote attackers to execute arbitrary code via a crafted TrueType font file...
CVE-2008-5357
The CVE-2008-5357 issue is an integer/heap-based overflow in Java Runtime Environment font parsing. A crafted TrueType font file can trigger arbitrary code execution. Affected products include Sun JDK/JRE 6 Update 10 and earlier; JDK/JRE 5.0 Update 16 and earlier; SDK/JRE 1.4.2_18 and earlier; SD...
CVE-2008-5356
CVE-2008-5356 describes a heap-based buffer overflow in Java Runtime Environment font parsing that can be triggered by a crafted TrueType font, potentially allowing remote code execution. Affected products include Sun JDK/JRE 6u10 and earlier, JDK/JRE 5.0u16 and earlier, and SDK/JRE 1.4.2_18 and ...
USN-643-1: FreeType vulnerabilities
Multiple flaws were discovered in the PFB and TTF font handling code in freetype. If a user were tricked into using a specially crafted font file, a remote attacker could execute arbitrary code with user privileges or cause the application linked against freetype to crash, leading to a denial of...
CVE-2008-3658
Buffer overflow in the imageloadfont function in ext/gd/gd.c in PHP 4.4.x before 4.4.9 and PHP 5.2 before 5.2.6-r6 allows context-dependent attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted font file...
CVE-2008-3658
Buffer overflow in the imageloadfont function in ext/gd/gd.c in PHP 4.4.x before 4.4.9 and PHP 5.2 before 5.2.6-r6 allows context-dependent attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted font file...
RHEL 2.1 : freetype (RHSA-2008:0558)
Updated freetype packages that fix various security issues are now available for Red Hat Enterprise Linux 2.1. This update has been rated as having important security impact by the Red Hat Security Response Team. Updated 25th June 2008 The original packages distributed with this errata had a bug...
Important: Red Hat Security Advisory: freetype security update
Updated freetype packages that fix various security issues are now available for Red Hat Enterprise Linux 2.1. This update has been rated as having important security impact by the Red Hat Security Response Team. Updated 25th June 2008 The original packages distributed with this errata had a bug...