Lucene search
+L

119 matches found

CNVD
CNVD
added 2015/08/19 12:0 a.m.4 views

Apple iOS FontParser memory corruption vulnerability (CNVD-2015-05622)

Apple iOS is the latest operating system that runs on Apple's iPhone and iPod touch devices. A memory corruption vulnerability in Apple iOS FontParser's handling of font files allows remote attackers to exploit the vulnerability to construct special font files that can be tricked into parsing by...

7.5CVSS7.4AI score0.03643EPSS
Exploits0References1
CNVD
CNVD
added 2015/08/19 12:0 a.m.2 views

Apple iOS FontParser memory corruption vulnerability (CNVD-2015-05621)

Apple iOS is the latest operating system that runs on Apple's iPhone and iPod touch devices. A memory corruption vulnerability in Apple iOS FontParser's handling of font files allows remote attackers to exploit the vulnerability to construct special font files that can be tricked into parsing by...

6.8CVSS7.4AI score0.03214EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2015/03/17 5:58 p.m.5 views

freetype: out of bounds read in Type42 font parser

type42/t42parse.c in FreeType before 2.5.4 does not consider that scanning can be incomplete without triggering an error, which allows remote attackers to cause a denial of service use-after-free or possibly have unspecified other impact via a crafted Type42 font...

7.5CVSS5.9AI score0.0436EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2014/06/13 12:0 a.m.24 views

openSUSE Security Update : evince (openSUSE-SU-2011:0045-1)

Multiple font parser vulnerabilities in the DVI backend of evince have been fixed. CVE-2010-2640 - CVE-2010-2643 have been assigned to these issues. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security...

7.6CVSS5.5AI score0.1427EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2013/01/25 12:0 a.m.31 views

SuSE 11.1 Security Update : t1lib (SAT Patch Number 6195)

This update of t1lib fixes memory corruptions and a heap-based overflow in the afm font parser. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11 update information. The text itself is copyright C Novell, Inc. i...

6.8CVSS5.2AI score0.13055EPSS
Exploits0References12
Tenable Nessus
Tenable Nessus
added 2012/08/01 12:0 a.m.68 views

Scientific Linux Security Update : kdegraphics on SL4.x i386/x86_64

Petr Gajdos and Christian Kornacker of SUSE reported a buffer overflow flaw in KPDF's Type 1 font parser. A specially crafted PDF file with an embedded Type 1 font could cause KPDF to crash or, possibly, execute arbitrary code when opened. CVE-2009-4035 %NASLMINLEVEL 70300 C Tenable Network...

9.3CVSS6AI score0.03785EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2012/06/15 12:0 a.m.38 views

SuSE 10 Security Update : t1lib (ZYPP Patch Number 8089)

This update of t1lib fixes memory corruptions and a heap-based overflow in the afm font parser. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. if NASLLEVEL 3000 exit0; include'deprecatednasllevel.inc'; include'compat.inc'; if description...

6.8CVSS5.2AI score0.13055EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2012/04/10 7:54 p.m.7 views

freetype: data buffer underflow in BDF parser _bdf_parse_glyphs() (#35656)

Array index error in FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service invalid stack read operation and memory corruption or possibly execute arbitrary code via crafted glyph data in a BDF font...

9.3CVSS6.2AI score0.03813EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2012/02/15 4:9 p.m.6 views

t1lib: Heap based buffer overflow in DVI file AFM font parser

Heap-based buffer overflow in the AFM font parser in the dvi-backend component in Evince 2.32 and earlier, teTeX 3.0, t1lib 5.1.2, and possibly other products allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted font in conjunctio...

7.6CVSS6.3AI score0.1427EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2012/01/24 9:3 p.m.6 views

t1lib: Heap-based buffer overflow DVI file AFM font parser

Heap-based buffer overflow in the linetoken function in afmparse.c in t1lib, as used in teTeX 3.0.x, GNOME evince, and possibly other products, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a DVI file containing a crafted Adobe Font Metrics AFM...

6.8CVSS6.4AI score0.0421EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2012/01/24 9:3 p.m.7 views

t1lib: Heap based buffer overflow in DVI file AFM font parser

Heap-based buffer overflow in the AFM font parser in the dvi-backend component in Evince 2.32 and earlier, teTeX 3.0, t1lib 5.1.2, and possibly other products allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted font in conjunctio...

7.6CVSS6.3AI score0.1427EPSS
Exploits0References4
Debian
Debian
added 2011/12/05 7:26 p.m.40 views

[SECURITY] [DSA 2358-1] openjdk-6 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2358-1 [email protected] http://www.debian.org/security/ December 05, 2011 http://www.debian.org/security/faq - -------------------------------------------------------------------------...

10CVSS10AI score0.96714EPSS
Exploits20
Tenable Nessus
Tenable Nessus
added 2011/05/05 12:0 a.m.34 views

openSUSE Security Update : t1lib (openSUSE-SU-2011:0140-1)

A heap overflow in the AFM font parser of DVI files has been fixed in t1lib. CVE-2010-2642 has been assigned to this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update t1lib-3788. The text...

7.6CVSS5.3AI score0.1427EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2011/05/05 12:0 a.m.20 views

openSUSE Security Update : evince (openSUSE-SU-2011:0045-1)

Multiple font parser vulnerabilities in the DVI backend of evince have been fixed. CVE-2010-2640 - CVE-2010-2643 have been assigned to these issues. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security...

7.6CVSS5.5AI score0.1427EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2011/03/01 12:0 a.m.23 views

SuSE 11.1 Security Update : t1lib (SAT Patch Number 3789)

A heap overflow in the AFM font parser of DVI files has been fixed in t1lib. CVE-2010-2642 has been assigned to this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11 update information. The text itself i...

7.6CVSS5.3AI score0.1427EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2011/01/21 12:0 a.m.23 views

SuSE 10 Security Update : evince (ZYPP Patch Number 7309)

Multiple font parser vulnerabilities in the DVI backend of evince have been fixed. CVE-2010-2640 / CVE-2010-2641 / CVE-2010-2642 / CVE-2010-2643 have been assigned to these issues. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc...

7.6CVSS5.5AI score0.1427EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2011/01/21 12:0 a.m.28 views

SuSE 11.1 Security Update : evince (SAT Patch Number 3769)

Multiple font parser vulnerabilities in the DVI backend of evince have been fixed. CVE-2010-2640 - CVE-2010-2643 have been assigned to these issues. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11 update...

7.6CVSS5.5AI score0.1427EPSS
Exploits0References9
OpenVAS
OpenVAS
added 2011/01/14 12:0 a.m.31 views

Mandriva Update for evince MDVSA-2011:005 (evince)

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

7.6CVSS5.2AI score0.1427EPSS
Exploits0References2
NVD
NVD
added 2011/01/07 7:0 p.m.16 views

CVE-2010-2640

Array index error in the PK font parser in the dvi-backend component in Evince 2.32 and earlier allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted font in conjunction with a DVI file that is processed by the thumbnailer...

7.6CVSS7.6AI score0.04935EPSS
Exploits0References22
NVD
NVD
added 2011/01/07 7:0 p.m.18 views

CVE-2010-2643

Integer overflow in the TFM font parser in the dvi-backend component in Evince 2.32 and earlier allows remote attackers to execute arbitrary code via a crafted font in conjunction with a DVI file that is processed by the thumbnailer...

7.6CVSS7.5AI score0.05994EPSS
Exploits0References22
Rows per page
Query Builder