309 matches found
USN-2536-1 libxfont vulnerabilities
Ilja van Sprundel, Alan Coopersmith, and William Robinet discovered that libXfont incorrectly handled malformed bdf fonts. A local attacker could use this issue to cause libXfont to crash, or possibly execute arbitrary code in order to gain privileges...
USN-2536-1: libXfont vulnerabilities
Ilja van Sprundel, Alan Coopersmith, and William Robinet discovered that libXfont incorrectly handled malformed bdf fonts. A local attacker could use this issue to cause libXfont to crash, or possibly execute arbitrary code in order to gain privileges...
libXfont multiple security vulnerabilities
Memory corruptions on bdf parsing...
[USN-2536-1] libXfont vulnerabilities
========================================================================== Ubuntu Security Notice USN-2536-1 March 18, 2015 libxfont vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...
FreeBSD : libXfont -- BDF parsing issues (f7d79fac-cd49-11e4-898f-bcaec565249c)
Alan Coopersmith reports : Ilja van Sprundel, a security researcher with IOActive, has discovered an issue in the parsing of BDF font files by libXfont. Additional testing by Alan Coopersmith and William Robinet with the American Fuzzy Lop afl tool uncovered two more issues in the parsing of BDF...
CVE-2015-1804
The bdfReadCharacters function in bitmap/bdfread.c in X.Org libXfont before 1.4.9 and 1.5.x before 1.5.1 does not properly perform type conversion for metrics values, which allows remote authenticated users to cause a denial of service out-of-bounds memory access and possibly execute arbitrary co...
CVE-2015-1803
The bdfReadCharacters function in bitmap/bdfread.c in X.Org libXfont before 1.4.9 and 1.5.x before 1.5.1 does not properly handle character bitmaps it cannot read, which allows remote authenticated users to cause a denial of service NULL pointer dereference and crash and possibly execute arbitrar...
UBUNTU-CVE-2015-1803
The bdfReadCharacters function in bitmap/bdfread.c in X.Org libXfont before 1.4.9 and 1.5.x before 1.5.1 does not properly handle character bitmaps it cannot read, which allows remote authenticated users to cause a denial of service NULL pointer dereference and crash and possibly execute arbitrar...
UBUNTU-CVE-2015-1804
The bdfReadCharacters function in bitmap/bdfread.c in X.Org libXfont before 1.4.9 and 1.5.x before 1.5.1 does not properly perform type conversion for metrics values, which allows remote authenticated users to cause a denial of service out-of-bounds memory access and possibly execute arbitrary co...
freetype: information leak in _bdf_add_property()
bdf/bdflib.c in FreeType before 2.5.4 identifies property names by only verifying that an initial substring is present, which allows remote attackers to discover heap pointer values and bypass the ASLR protection mechanism via a crafted BDF font...
freetype: missing ENDCHAR NULL pointer dereference in the _bdf_parse_glyphs()
The bdfparseglyphs function in bdf/bdflib.c in FreeType before 2.5.4 does not properly handle a missing ENDCHAR record, which allows remote attackers to cause a denial of service NULL pointer dereference or possibly have unspecified other impact via a crafted BDF font...
[SECURITY] [DSA 3194-1] libxfont security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3194-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff March 17, 2015 http://www.debian.org/security/faq -...
Debian Security Advisory DSA 3194-1 (libxfont - security update)
Ilja van Sprundel, Alan Coopersmith and William Robinet discovered multiple issues in libxfont OpenVAS Vulnerability Test $Id: deb3194.nasl 6609 2017-07-07 12:05:59Z cfischer $ Auto-generated from advisory DSA 3194-1 using nvtgen 1.0 Script version: 1.0 Author: Greenbone Networks Copyright:...
DSA-3194-1 libxfont - security update
Bulletin has no description...
libXfont -- BDF parsing issues
Alan Coopersmith reports: Ilja van Sprundel, a security researcher with IOActive, has discovered an issue in the parsing of BDF font files by libXfont. Additional testing by Alan Coopersmith and William Robinet with the American Fuzzy Lop afl tool uncovered two more issues in the parsing of BDF...
FreeType 'bdf/bdflib.c' Security Bypass Vulnerability
FreeType is a library of popular font functions. A security bypass vulnerability exists in FreeType 'bdf/bdflib.c' due to the program failing to correctly identify property names. Allows a remote attacker to discover heap pointer values and bypass the mechanism for making BDF font ASLR protection...
CVE-2014-9675
bdf/bdflib.c in FreeType before 2.5.4 identifies property names by only verifying that an initial substring is present, which allows remote attackers to discover heap pointer values and bypass the ASLR protection mechanism via a crafted BDF font...
DEBIAN-CVE-2014-9675
bdf/bdflib.c in FreeType before 2.5.4 identifies property names by only verifying that an initial substring is present, which allows remote attackers to discover heap pointer values and bypass the ASLR protection mechanism via a crafted BDF font...
CVE-2014-9660
The bdfparseglyphs function in bdf/bdflib.c in FreeType before 2.5.4 does not properly handle a missing ENDCHAR record, which allows remote attackers to cause a denial of service NULL pointer dereference or possibly have unspecified other impact via a crafted BDF font...
DEBIAN-CVE-2014-9660
The bdfparseglyphs function in bdf/bdflib.c in FreeType before 2.5.4 does not properly handle a missing ENDCHAR record, which allows remote attackers to cause a denial of service NULL pointer dereference or possibly have unspecified other impact via a crafted BDF font...