2 matches found
DEBIAN-CVE-2014-9675
bdf/bdflib.c in FreeType before 2.5.4 identifies property names by only verifying that an initial substring is present, which allows remote attackers to discover heap pointer values and bypass the ASLR protection mechanism via a crafted BDF font...
freetype: multiple integer overflow vulnerabilities
Multiple integer overflows in FreeType before 2.2 allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via attack vectors related to 1 bdf/bdflib.c, 2 sfnt/ttcmap.c, 3 cff/cffgload.c, and 4 the readlwfn function and a crafted LWFN file in base/ftmac.c. NOT...