11 matches found
EUVD-2005-0578
Malware in sbrugna...
Denial Of Service (DoS)
FreeType is vulnerable to denial of service DoS. An integer overflow flaw was found in the way the FreeType font engine processed BDF font files. If a user loaded a carefully crafted font file with a program linked against FreeType, it could cause the application to crash or execute arbitrary cod...
FreeBSD : libXfont -- Stack buffer overflow in parsing of BDF font files in libXfont (28c575fa-784e-11e3-8249-001cc0380077)
freedesktop.org reports : A BDF font file containing a longer than expected string can cause a buffer overflow on the stack. Testing in X servers built with Stack Protector restulted in an immediate crash when reading a user-proveded specially crafted font. As libXfont is used to read...
Oracle Linux 3 / 4 : freetype (ELSA-2007-0150)
From Red Hat Security Advisory 2007:0150 : Updated freetype packages that fix a security flaw are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. FreeType is a free, high-quality, portable...
Ubuntu 8.04 LTS / 10.04 LTS / 11.10 / 12.04 LTS / 12.10 : freetype vulnerabilities (USN-1686-1)
Mateusz Jurczyk discovered that FreeType did not correctly handle certain malformed BDF font files. If a user were tricked into using a specially crafted font file, a remote attacker could cause FreeType to crash or possibly execute arbitrary code with user privileges. Note that Tenable Network...
USN-1686-1: FreeType vulnerabilities
Mateusz Jurczyk discovered that FreeType did not correctly handle certain malformed BDF font files. If a user were tricked into using a specially crafted font file, a remote attacker could cause FreeType to crash or possibly execute arbitrary code with user privileges...
RHEL 3 / 4 / 5 : freetype (RHSA-2007:0150)
Updated freetype packages that fix a security flaw are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. FreeType is a free, high-quality, portable font engine. An integer overflow flaw was...
freetype security update
CentOS Errata and Security Advisory CESA-2007:0150 Updated freetype packages that fix a security flaw are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. FreeType is a free, high-quality,...
CVE-2005-0577
Format string vulnerability in DNA MKBold-MKItalic 0.061 and earlier allows remote attackers to execute arbitrary code via crafted BDF font files...
CVE-2005-0577
CVE-2005-0577 affects DNA MKBold-MKItalic up to version 0.06_1. The vulnerability is a format string flaw in the BDF font processing that could allow remote code execution. The OpenVAS and NVD records corroborate the issue; they reference the FreeBSD ports mkbold-mkitalic package as affected. The...
mkbold-mkitalic -- format string vulnerability
The version 0.061 and prior have a format string vulnerability which can be triggered by using a carefully-crafted BDF font file...