Lucene search
+L

309 matches found

osv
osv
added 2015/03/18 2:45 p.m.4 views

USN-2536-1 libxfont vulnerabilities

Ilja van Sprundel, Alan Coopersmith, and William Robinet discovered that libXfont incorrectly handled malformed bdf fonts. A local attacker could use this issue to cause libXfont to crash, or possibly execute arbitrary code in order to gain privileges...

8.5CVSS6.2AI score0.04923EPSS
Exploits0References4
ubuntu
ubuntu
added 2015/03/18 2:45 p.m.57 views

USN-2536-1: libXfont vulnerabilities

Ilja van Sprundel, Alan Coopersmith, and William Robinet discovered that libXfont incorrectly handled malformed bdf fonts. A local attacker could use this issue to cause libXfont to crash, or possibly execute arbitrary code in order to gain privileges...

8.5CVSS6.1AI score0.04923EPSS
Exploits0
securityvulns
securityvulns
added 2015/03/18 12:0 a.m.46 views

libXfont multiple security vulnerabilities

Memory corruptions on bdf parsing...

8.5CVSS3.5AI score0.04923EPSS
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2015/03/18 12:0 a.m.99 views

[USN-2536-1] libXfont vulnerabilities

========================================================================== Ubuntu Security Notice USN-2536-1 March 18, 2015 libxfont vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

8.5CVSS0.4AI score0.04923EPSS
Exploits0
nessus
nessus
added 2015/03/18 12:0 a.m.34 views

FreeBSD : libXfont -- BDF parsing issues (f7d79fac-cd49-11e4-898f-bcaec565249c)

Alan Coopersmith reports : Ilja van Sprundel, a security researcher with IOActive, has discovered an issue in the parsing of BDF font files by libXfont. Additional testing by Alan Coopersmith and William Robinet with the American Fuzzy Lop afl tool uncovered two more issues in the parsing of BDF...

8.5CVSS6AI score0.04923EPSS
Exploits0References5
ubuntucve
ubuntucve
added 2015/03/18 12:0 a.m.25 views

CVE-2015-1804

The bdfReadCharacters function in bitmap/bdfread.c in X.Org libXfont before 1.4.9 and 1.5.x before 1.5.1 does not properly perform type conversion for metrics values, which allows remote authenticated users to cause a denial of service out-of-bounds memory access and possibly execute arbitrary co...

8.5CVSS7AI score0.04923EPSS
Exploits0References3
ubuntucve
ubuntucve
added 2015/03/18 12:0 a.m.21 views

CVE-2015-1803

The bdfReadCharacters function in bitmap/bdfread.c in X.Org libXfont before 1.4.9 and 1.5.x before 1.5.1 does not properly handle character bitmaps it cannot read, which allows remote authenticated users to cause a denial of service NULL pointer dereference and crash and possibly execute arbitrar...

8.5CVSS6.4AI score0.04864EPSS
Exploits0References3
osv
osv
added 2015/03/18 12:0 a.m.4 views

UBUNTU-CVE-2015-1803

The bdfReadCharacters function in bitmap/bdfread.c in X.Org libXfont before 1.4.9 and 1.5.x before 1.5.1 does not properly handle character bitmaps it cannot read, which allows remote authenticated users to cause a denial of service NULL pointer dereference and crash and possibly execute arbitrar...

8.5CVSS6.5AI score0.04864EPSS
Exploits0References4
osv
osv
added 2015/03/18 12:0 a.m.3 views

UBUNTU-CVE-2015-1804

The bdfReadCharacters function in bitmap/bdfread.c in X.Org libXfont before 1.4.9 and 1.5.x before 1.5.1 does not properly perform type conversion for metrics values, which allows remote authenticated users to cause a denial of service out-of-bounds memory access and possibly execute arbitrary co...

8.5CVSS7.6AI score0.04923EPSS
Exploits0References4
redhat
redhat
added 2015/03/17 5:58 p.m.6 views

freetype: information leak in _bdf_add_property()

bdf/bdflib.c in FreeType before 2.5.4 identifies property names by only verifying that an initial substring is present, which allows remote attackers to discover heap pointer values and bypass the ASLR protection mechanism via a crafted BDF font...

5CVSS7.4AI score0.04159EPSS
Exploits1References4
redhat
redhat
added 2015/03/17 5:58 p.m.5 views

freetype: missing ENDCHAR NULL pointer dereference in the _bdf_parse_glyphs()

The bdfparseglyphs function in bdf/bdflib.c in FreeType before 2.5.4 does not properly handle a missing ENDCHAR record, which allows remote attackers to cause a denial of service NULL pointer dereference or possibly have unspecified other impact via a crafted BDF font...

7.5CVSS6AI score0.05059EPSS
Exploits1References4
debian
debian
added 2015/03/17 3:38 p.m.46 views

[SECURITY] [DSA 3194-1] libxfont security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3194-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff March 17, 2015 http://www.debian.org/security/faq -...

8.5CVSS6.3AI score0.04923EPSS
Exploits0
openvas
openvas
added 2015/03/17 12:0 a.m.33 views

Debian Security Advisory DSA 3194-1 (libxfont - security update)

Ilja van Sprundel, Alan Coopersmith and William Robinet discovered multiple issues in libxfont OpenVAS Vulnerability Test $Id: deb3194.nasl 6609 2017-07-07 12:05:59Z cfischer $ Auto-generated from advisory DSA 3194-1 using nvtgen 1.0 Script version: 1.0 Author: Greenbone Networks Copyright:...

8.5CVSS0.3AI score0.04923EPSS
Exploits0References1
osv
osv
added 2015/03/17 12:0 a.m.24 views

DSA-3194-1 libxfont - security update

Bulletin has no description...

8.5CVSS6.2AI score0.04923EPSS
Exploits0
freebsd
freebsd
added 2015/03/17 12:0 a.m.23 views

libXfont -- BDF parsing issues

Alan Coopersmith reports: Ilja van Sprundel, a security researcher with IOActive, has discovered an issue in the parsing of BDF font files by libXfont. Additional testing by Alan Coopersmith and William Robinet with the American Fuzzy Lop afl tool uncovered two more issues in the parsing of BDF...

8.5CVSS5.3AI score0.04923EPSS
Exploits0References1
cnvd
cnvd
added 2015/02/09 12:0 a.m.4 views

FreeType 'bdf/bdflib.c' Security Bypass Vulnerability

FreeType is a library of popular font functions. A security bypass vulnerability exists in FreeType 'bdf/bdflib.c' due to the program failing to correctly identify property names. Allows a remote attacker to discover heap pointer values and bypass the mechanism for making BDF font ASLR protection...

5CVSS7AI score0.04159EPSS
Exploits1References1
osv
osv
added 2015/02/08 11:59 a.m.5 views

CVE-2014-9675

bdf/bdflib.c in FreeType before 2.5.4 identifies property names by only verifying that an initial substring is present, which allows remote attackers to discover heap pointer values and bypass the ASLR protection mechanism via a crafted BDF font...

6.2AI score
Exploits0References15
osv
osv
added 2015/02/08 11:59 a.m.2 views

DEBIAN-CVE-2014-9675

bdf/bdflib.c in FreeType before 2.5.4 identifies property names by only verifying that an initial substring is present, which allows remote attackers to discover heap pointer values and bypass the ASLR protection mechanism via a crafted BDF font...

5CVSS8AI score0.04159EPSS
Exploits1References1
nvd
nvd
added 2015/02/08 11:59 a.m.23 views

CVE-2014-9660

The bdfparseglyphs function in bdf/bdflib.c in FreeType before 2.5.4 does not properly handle a missing ENDCHAR record, which allows remote attackers to cause a denial of service NULL pointer dereference or possibly have unspecified other impact via a crafted BDF font...

7.5CVSS7.4AI score0.05059EPSS
Exploits1References14
osv
osv
added 2015/02/08 11:59 a.m.3 views

DEBIAN-CVE-2014-9660

The bdfparseglyphs function in bdf/bdflib.c in FreeType before 2.5.4 does not properly handle a missing ENDCHAR record, which allows remote attackers to cause a denial of service NULL pointer dereference or possibly have unspecified other impact via a crafted BDF font...

7.5CVSS7.4AI score0.05059EPSS
Exploits1References1
Rows per page
Query Builder