300 matches found
CVE-2024-41981
CVE-2024-41981 affects Simcenter Femap V2306, V2401, and V2406, where a heap-based buffer overflow occurs while parsing specially crafted BDF files. This could allow an attacker to execute code in the context of the current process. Connected sources identify the vulnerability in Simcenter Femap,...
CVE-2024-41981
A vulnerability has been identified in Simcenter Femap V2306 All versions, Simcenter Femap V2401 All versions, Simcenter Femap V2406 All versions. The affected application is vulnerable to heap-based buffer overflow while parsing specially crafted BDF files. This could allow an attacker to execut...
PT-2024-7985 · Siemens · Simcenter Femap +1
Name of the Vulnerable Software and Affected Versions: Simcenter Femap versions V2306 through V2406 Simcenter Nastran versions 2306 through 2312 Description: The issue is related to a memory corruption vulnerability while parsing specially crafted BDF files, which could allow an attacker to execu...
RHEL 4 : freetype (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 4 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - freetype: multiple integer overflows MacReadPOSTResource leading to heap-based buffer overflows...
RHEL 6 : fontforge (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - fontforge: Command injetion in help function uiutil.c CVE-2017-17521 - Stack-based buffer overflow in...
K15095307: BDF parsing vulnerability CVE-2012-5669
Security Advisory Description The bdfparseglyphs function in FreeType before 2.4.11 allows context-dependent attackers to cause a denial of service crash and possibly execute arbitrary code via vectors related to BDF fonts and an incorrect calculation that triggers an out-of-bounds read...
SUSE CVE-2007-1351
Integer overflow in the bdfReadCharacters function in bdfread.c in 1 X.Org libXfont before 20070403 and 2 freetype 2.3.2 and earlier allows remote authenticated users to execute arbitrary code via crafted BDF fonts, which result in a heap overflow...
SUSE CVE-2008-0006
Buffer overflow in 1 X.Org Xserver before 1.4.1, and 2 the libfont and libXfont libraries on some platforms including Sun Solaris, allows context-dependent attackers to execute arbitrary code via a PCF font with a large difference between the last col and first col values in the PCFBDFENCODINGS...
SUSE CVE-2010-3053
bdf/bdflib.c in FreeType before 2.4.2 allows remote attackers to cause a denial of service application crash via a crafted BDF font file, related to an attempted modification of a value in a static string...
SUSE CVE-2010-4259
Stack-based buffer overflow in FontForge 20100501 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a long CHARSETREGISTRY header in a BDF font file...
SUSE CVE-2012-1126
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service invalid heap read operation and memory corruption or possibly execute arbitrary code via crafted property data in a BDF font...
SUSE CVE-2012-1127
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service invalid heap read operation and memory corruption or possibly execute arbitrary code via crafted glyph or bitmap data in a BDF font...
SUSE CVE-2012-1133
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service invalid heap write operation and memory corruption or possibly execute arbitrary code via crafted glyph or bitmap data in a BDF font...
SUSE CVE-2012-1137
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service invalid heap read operation and memory corruption or possibly execute arbitrary code via a crafted header in a BDF font...
SUSE CVE-2012-1136
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service invalid heap write operation and memory corruption or possibly execute arbitrary code via crafted glyph or bitmap data in a BDF font that lacks an ENCODI...
SUSE CVE-2012-1139
Array index error in FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service invalid stack read operation and memory corruption or possibly execute arbitrary code via crafted glyph data in a BDF font...
SUSE CVE-2012-5669
The bdfparseglyphs function in FreeType before 2.4.11 allows context-dependent attackers to cause a denial of service crash and possibly execute arbitrary code via vectors related to BDF fonts and an incorrect calculation that triggers an out-of-bounds read...
SUSE CVE-2012-5668
FreeType before 2.4.11 allows context-dependent attackers to cause a denial of service NULL pointer dereference and crash via vectors related to BDF fonts and the improper handling of an "allocation error" in the bdffreefont function...
SUSE CVE-2012-5670
The bdfparseglyphs function in FreeType before 2.4.11 allows context-dependent attackers to cause a denial of service out-of-bounds write and crash via vectors related to BDF fonts and an ENCODING field with a negative value...
SUSE CVE-2013-6462
Stack-based buffer overflow in the bdfReadCharacters function in bitmap/bdfread.c in X.Org libXfont 1.1 through 1.4.6 allows remote attackers to cause a denial of service crash or possibly execute arbitrary code via a long string in a character name in a BDF font file...