119 matches found
Apple iOS FontParser memory corruption vulnerability (CNVD-2015-05622)
Apple iOS is the latest operating system that runs on Apple's iPhone and iPod touch devices. A memory corruption vulnerability in Apple iOS FontParser's handling of font files allows remote attackers to exploit the vulnerability to construct special font files that can be tricked into parsing by...
Apple iOS FontParser memory corruption vulnerability (CNVD-2015-05621)
Apple iOS is the latest operating system that runs on Apple's iPhone and iPod touch devices. A memory corruption vulnerability in Apple iOS FontParser's handling of font files allows remote attackers to exploit the vulnerability to construct special font files that can be tricked into parsing by...
freetype: out of bounds read in Type42 font parser
type42/t42parse.c in FreeType before 2.5.4 does not consider that scanning can be incomplete without triggering an error, which allows remote attackers to cause a denial of service use-after-free or possibly have unspecified other impact via a crafted Type42 font...
openSUSE Security Update : evince (openSUSE-SU-2011:0045-1)
Multiple font parser vulnerabilities in the DVI backend of evince have been fixed. CVE-2010-2640 - CVE-2010-2643 have been assigned to these issues. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security...
SuSE 11.1 Security Update : t1lib (SAT Patch Number 6195)
This update of t1lib fixes memory corruptions and a heap-based overflow in the afm font parser. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11 update information. The text itself is copyright C Novell, Inc. i...
Scientific Linux Security Update : kdegraphics on SL4.x i386/x86_64
Petr Gajdos and Christian Kornacker of SUSE reported a buffer overflow flaw in KPDF's Type 1 font parser. A specially crafted PDF file with an embedded Type 1 font could cause KPDF to crash or, possibly, execute arbitrary code when opened. CVE-2009-4035 %NASLMINLEVEL 70300 C Tenable Network...
SuSE 10 Security Update : t1lib (ZYPP Patch Number 8089)
This update of t1lib fixes memory corruptions and a heap-based overflow in the afm font parser. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. if NASLLEVEL 3000 exit0; include'deprecatednasllevel.inc'; include'compat.inc'; if description...
freetype: data buffer underflow in BDF parser _bdf_parse_glyphs() (#35656)
Array index error in FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service invalid stack read operation and memory corruption or possibly execute arbitrary code via crafted glyph data in a BDF font...
t1lib: Heap based buffer overflow in DVI file AFM font parser
Heap-based buffer overflow in the AFM font parser in the dvi-backend component in Evince 2.32 and earlier, teTeX 3.0, t1lib 5.1.2, and possibly other products allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted font in conjunctio...
t1lib: Heap-based buffer overflow DVI file AFM font parser
Heap-based buffer overflow in the linetoken function in afmparse.c in t1lib, as used in teTeX 3.0.x, GNOME evince, and possibly other products, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a DVI file containing a crafted Adobe Font Metrics AFM...
t1lib: Heap based buffer overflow in DVI file AFM font parser
Heap-based buffer overflow in the AFM font parser in the dvi-backend component in Evince 2.32 and earlier, teTeX 3.0, t1lib 5.1.2, and possibly other products allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted font in conjunctio...
[SECURITY] [DSA 2358-1] openjdk-6 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2358-1 [email protected] http://www.debian.org/security/ December 05, 2011 http://www.debian.org/security/faq - -------------------------------------------------------------------------...
openSUSE Security Update : t1lib (openSUSE-SU-2011:0140-1)
A heap overflow in the AFM font parser of DVI files has been fixed in t1lib. CVE-2010-2642 has been assigned to this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update t1lib-3788. The text...
openSUSE Security Update : evince (openSUSE-SU-2011:0045-1)
Multiple font parser vulnerabilities in the DVI backend of evince have been fixed. CVE-2010-2640 - CVE-2010-2643 have been assigned to these issues. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security...
SuSE 11.1 Security Update : t1lib (SAT Patch Number 3789)
A heap overflow in the AFM font parser of DVI files has been fixed in t1lib. CVE-2010-2642 has been assigned to this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11 update information. The text itself i...
SuSE 10 Security Update : evince (ZYPP Patch Number 7309)
Multiple font parser vulnerabilities in the DVI backend of evince have been fixed. CVE-2010-2640 / CVE-2010-2641 / CVE-2010-2642 / CVE-2010-2643 have been assigned to these issues. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc...
SuSE 11.1 Security Update : evince (SAT Patch Number 3769)
Multiple font parser vulnerabilities in the DVI backend of evince have been fixed. CVE-2010-2640 - CVE-2010-2643 have been assigned to these issues. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11 update...
Mandriva Update for evince MDVSA-2011:005 (evince)
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
CVE-2010-2640
Array index error in the PK font parser in the dvi-backend component in Evince 2.32 and earlier allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted font in conjunction with a DVI file that is processed by the thumbnailer...
CVE-2010-2643
Integer overflow in the TFM font parser in the dvi-backend component in Evince 2.32 and earlier allows remote attackers to execute arbitrary code via a crafted font in conjunction with a DVI file that is processed by the thumbnailer...