Ubuntu 5.04 / 5.10 / 6.06 LTS : freetype vulnerability (USN-324-1)

An integer overflow has been discovered in the FreeType library. By tricking a user into installing and/or opening a specially crafted font file, these could be exploited to execute arbitrary code with the privileges of that user. Note that Tenable Network Security has extracted the preceding...

Ubuntu 5.04 / 5.10 / 6.06 LTS : freetype vulnerabilities (USN-291-1)

Several integer overflows have been discovered in the FreeType library. By tricking a user into installing and/or opening a specially crafted font file, these could be exploited to execute arbitrary code with the privileges of that user. Note that Tenable Network Security has extracted the...

NX 2.1: User-assisted execution of arbitrary code

Background NoMachine's NX establishes remote connections to X11 desktops over small bandwidth links. NX and NX Node are the compression core libraries, whereas NX is used by FreeNX and NX Node by the binary-only NX servers. Description Chris Evans reported an integer overflow within the FreeType...

Multiple font integer overflows (CVE-2007-1352)

Integer overflow in the FontFileInitTable function in X.Org libXfont before 20070403 allows remote authenticated users to execute arbitrary code via a long first line in the fonts.dir file, which results in a heap overflow...

Mac OS X 10.4.8 (UserNotificationCenter) Privilege Escalation Exploit

No description provided by source. !/usr/bin/ruby Copyright c 2007 Kevin Finisterre kflists at digitalmunition.com Lance M. Havok lmh at info-pull.com All pwnage reserved. "Exploit" for MOAB-22-01-2007: All your crash are belong to us. require 'fileutils' bugselected = ARGV0 || 0.toi...

USN-324-1: freetype vulnerability

An integer overflow has been discovered in the FreeType library. By tricking a user into installing and/or opening a specially crafted font file, these could be exploited to execute arbitrary code with the privileges of that user...

DEBIAN-CVE-2006-3467

Integer overflow in FreeType before 2.2 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted PCF file, as demonstrated by the Red Hat bad1.pcf test file, due to a partial fix of CVE-2006-1861...

security flaw

ftutil.c in Freetype before 2.2 allows remote attackers to cause a denial of service crash via a crafted font file that triggers a null dereference...

security flaw

Integer underflow in Freetype before 2.2 allows remote attackers to cause a denial of service crash via a font file with an odd number of blue values, which causes the underflow when decrementing by 2 in a context that assumes an even number of values...

freetype: integer overflow vulnerability due to incomplete fix for CVE-2006-1861

Integer overflow in FreeType before 2.2 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted PCF file, as demonstrated by the Red Hat bad1.pcf test file, due to a partial fix of CVE-2006-1861...

Design/Logic Flaw

ftutil.c in Freetype before 2.2 allows remote attackers to cause a denial of service crash via a crafted font file that triggers a null dereference...

CVE-2006-2661

ftutil.c in Freetype before 2.2 allows remote attackers to cause a denial of service crash via a crafted font file that triggers a null dereference...

CVE-2006-2661

ftutil.c in Freetype before 2.2 allows remote attackers to cause a denial of service crash via a crafted font file that triggers a null dereference...

CVE-2006-0747

Integer underflow in Freetype before 2.2 allows remote attackers to cause a denial of service crash via a font file with an odd number of blue values, which causes the underflow when decrementing by 2 in a context that assumes an even number of values...

Integer overflow

Integer underflow in Freetype before 2.2 allows remote attackers to cause a denial of service crash via a font file with an odd number of blue values, which causes the underflow when decrementing by 2 in a context that assumes an even number of values...

CVE-2006-0747

Integer underflow in Freetype before 2.2 allows remote attackers to cause a denial of service crash via a font file with an odd number of blue values, which causes the underflow when decrementing by 2 in a context that assumes an even number of values...

CVE-2006-0747

Integer underflow in Freetype before 2.2 allows remote attackers to cause a denial of service crash via a font file with an odd number of blue values, which causes the underflow when decrementing by 2 in a context that assumes an even number of values...

CVE-2006-0747

Integer underflow in Freetype before 2.2 allows remote attackers to cause a denial of service crash via a font file with an odd number of blue values, which causes the underflow when decrementing by 2 in a context that assumes an even number of values...

Microsoft Embedded OpenType Font Engine "t2embed" Remote Heap Overflow

/ oh my, bad luck, eEye released the advisory few minutes ago, and I've been researching this bug since about a week, sorry, it's cancelled / NOTE: this is super initial raport, if you expect some more info mail me for the bank account number... Microsoft Embedded OpenType Font Engine "t2embed"...