209 matches found
SUSE CVE-2011-3367
Arora, possibly 0.11 and other versions, does not use a certain font when rendering certificate fields in a security dialog, which allows remote attackers to spoof the common name CN of a certificate via rich text...
SUSE CVE-2012-0472
The cairo-dwrite implementation in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9, when certain Windows Vista and Windows 7 configurations are used, does not properly restrict...
SUSE CVE-2022-27470
SDLttf v2.0.18 and below was discovered to contain an arbitrary memory write via the function TTFRenderTextSolid. This vulnerability is triggered via a crafted TTF file...
grub2: Heap based out-of-bounds write when redering certain unicode sequences
A flaw was found in the grub2 font code. When rendering certain unicode sequences, it fails to properly validate the font width and height. These values are further used to access the font buffer, causing possible out-of-bounds writes. A malicious actor may craft a font capable of triggering this...
grub2: Heap based out-of-bounds write when redering certain unicode sequences
A flaw was found in the grub2 font code. When rendering certain unicode sequences, it fails to properly validate the font width and height. These values are further used to access the font buffer, causing possible out-of-bounds writes. A malicious actor may craft a font capable of triggering this...
grub2: Heap based out-of-bounds write when redering certain unicode sequences
A flaw was found in the grub2 font code. When rendering certain unicode sequences, it fails to properly validate the font width and height. These values are further used to access the font buffer, causing possible out-of-bounds writes. A malicious actor may craft a font capable of triggering this...
DEBIAN-CVE-2022-3775
When rendering certain unicode sequences, grub2's font code doesn't proper validate if the informed glyph's width and height is constrained within bitmap size. As consequence an attacker can craft an input which will lead to a out-of-bounds write into grub2's heap, leading to memory corruption an...
AZL-12079 CVE-2022-3775 affecting package grub2 for versions less than 2.06-10
When rendering certain unicode sequences, grub2's font code doesn't proper validate if the informed glyph's width and height is constrained within bitmap size. As consequence an attacker can craft an input which will lead to a out-of-bounds write into grub2's heap, leading to memory corruption an...
AZL-34792 CVE-2022-3775 affecting package grub2 for versions less than 2.06-14
When rendering certain unicode sequences, grub2's font code doesn't proper validate if the informed glyph's width and height is constrained within bitmap size. As consequence an attacker can craft an input which will lead to a out-of-bounds write into grub2's heap, leading to memory corruption an...
UBUNTU-CVE-2022-3775
When rendering certain unicode sequences, grub2's font code doesn't proper validate if the informed glyph's width and height is constrained within bitmap size. As consequence an attacker can craft an input which will lead to a out-of-bounds write into grub2's heap, leading to memory corruption an...
grub2: Heap based out-of-bounds write when redering certain unicode sequences
A flaw was found in the grub2 font code. When rendering certain unicode sequences, it fails to properly validate the font width and height. These values are further used to access the font buffer, causing possible out-of-bounds writes. A malicious actor may craft a font capable of triggering this...
grub2: Heap based out-of-bounds write when redering certain unicode sequences
A flaw was found in the grub2 font code. When rendering certain unicode sequences, it fails to properly validate the font width and height. These values are further used to access the font buffer, causing possible out-of-bounds writes. A malicious actor may craft a font capable of triggering this...
USN-5657-1: Graphite2 vulnerability
It was discovered that Graphite2 mishandled specially crafted files. An attacker could possibly use this issue to cause a denial of service or other unspecified impact...
Fedora: Security Advisory for freetype (FEDORA-2022-80e1724780)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
[SECURITY] Fedora 34 Update: freetype-2.10.4-6.fc34
The FreeType engine is a free and portable font rendering engine, developed to provide advanced font support for a variety of platforms and environments. FreeType is a library which can open and manages font files as well as efficiently load, hint and render individual glyphs. FreeType is not a...
[SECURITY] Fedora 35 Update: freetype-2.11.0-6.fc35
The FreeType engine is a free and portable font rendering engine, developed to provide advanced font support for a variety of platforms and environments. FreeType is a library which can open and manages font files as well as efficiently load, hint and render individual glyphs. FreeType is not a...
[SECURITY] Fedora 36 Update: freetype-2.12.1-1.fc36
The FreeType engine is a free and portable font rendering engine, developed to provide advanced font support for a variety of platforms and environments. FreeType is a library which can open and manages font files as well as efficiently load, hint and render individual glyphs. FreeType is not a...
UBUNTU-CVE-2022-27470
SDLttf v2.0.18 and below was discovered to contain an arbitrary memory write via the function TTFRenderTextSolid. This vulnerability is triggered via a crafted TTF file...
FreeType 缓冲区错误漏洞
FreeType is an open source font rendering library written in the C language. A security vulnerability exists in FreeType, which stems from the commit 1e2eb65048f75c64b68708efed6ce904c31f3b2f was found to contain a heap buffer overflow via the function sfntinitface...
Security fix for the ALT Linux 10 package java-1.8.0-openjdk version 0:1.8.0.322.b06-alt2_1jpp8
0:1.8.0.322.b06-alt21jpp8 built April 7, 2022 Andrey Cherepanov in task 295626 --- Feb. 18, 2022 Andrey Cherepanov - New version. - Security fixes: + JDK-8264934, CVE-2022-21248: Enhance cross VM serialization + JDK-8268488: More valuable DerValues + JDK-8268494: Better inlining of inlined...