301 matches found
SUSE CVE-2013-6462
Stack-based buffer overflow in the bdfReadCharacters function in bitmap/bdfread.c in X.Org libXfont 1.1 through 1.4.6 allows remote attackers to cause a denial of service crash or possibly execute arbitrary code via a long string in a character name in a BDF font file...
SUSE CVE-2014-9660
The bdfparseglyphs function in bdf/bdflib.c in FreeType before 2.5.4 does not properly handle a missing ENDCHAR record, which allows remote attackers to cause a denial of service NULL pointer dereference or possibly have unspecified other impact via a crafted BDF font...
SUSE CVE-2014-9675
bdf/bdflib.c in FreeType before 2.5.4 identifies property names by only verifying that an initial substring is present, which allows remote attackers to discover heap pointer values and bypass the ASLR protection mechanism via a crafted BDF font...
SUSE CVE-2015-1803
The bdfReadCharacters function in bitmap/bdfread.c in X.Org libXfont before 1.4.9 and 1.5.x before 1.5.1 does not properly handle character bitmaps it cannot read, which allows remote authenticated users to cause a denial of service NULL pointer dereference and crash and possibly execute arbitrar...
Siemens Simcenter Femap BDF File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Simcenter Femap. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...
CVE-2021-46699
A vulnerability has been identified in Simcenter Femap All versions V2022.1.1. Affected application contains a stack based buffer overflow vulnerability while parsing specially crafted BDF files. This could allow an attacker to execute code in the context of the current process. ZDI-CAN-15061...
CVE-2021-46699
A vulnerability has been identified in Simcenter Femap All versions V2022.1.1. Affected application contains a stack based buffer overflow vulnerability while parsing specially crafted BDF files. This could allow an attacker to execute code in the context of the current process. ZDI-CAN-15061...
CVE-2021-46699
A vulnerability has been identified in Simcenter Femap All versions V2022.1.1. Affected application contains a stack based buffer overflow vulnerability while parsing specially crafted BDF files. This could allow an attacker to execute code in the context of the current process. ZDI-CAN-15061...
Stack overflow
A vulnerability has been identified in Simcenter Femap All versions V2022.1.1. Affected application contains a stack based buffer overflow vulnerability while parsing specially crafted BDF files. This could allow an attacker to execute code in the context of the current process. ZDI-CAN-15061...
CVE-2022-23318
A heap-buffer-overflow in pcf2bdf, versions = 1.05 allows an attacker to trigger unsafe memory access via a specially crafted PCF font file. This out-of-bound read may lead to an application crash, information disclosure via program memory or other context-dependent impact...
Mageia: Security Advisory (MGASA-2015-0113)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Arbitrary Code Execution
freetype is vulnerable to arbitrary code execution. The vulnerability exists as multiple flaws were found in the way FreeType handled TrueType Font TTF, Glyph Bitmap Distribution Format BDF, Windows .fnt and .fon, and PostScript Type 1 fonts. If a specially-crafted font file was loaded by an...
Arbitrary Code Execution
freetype is vulnerable to arbitrary code execution. The vulnerability exists as multiple flaws were found in the way FreeType handled TrueType Font TTF, Glyph Bitmap Distribution Format BDF, Windows .fnt and .fon, and PostScript Type 1 fonts. If a specially-crafted font file was loaded by an...
Arbitrary Code Execution
freetype is vulenrable to arbitrary code execution. The vulnerability exists as multiple flaws were found in the way FreeType handled TrueType Font TTF, Glyph Bitmap Distribution Format BDF, Windows .fnt and .fon, and PostScript Type 1 fonts. If a specially-crafted font file was loaded by an...
Denial Of Service (DoS)
FreeType is vulnerable to denial of service DoS. An integer overflow flaw was found in the way the FreeType font engine processed BDF font files. If a user loaded a carefully crafted font file with a program linked against FreeType, it could cause the application to crash or execute arbitrary cod...
Arbitrary Code Execution
libxfont is vulnerable to arbitrary code execution. An integer truncation flaw was discovered in the way libXfont processed certain Glyph Bitmap Distribution Format BDF fonts. A malicious, local user could use this flaw to crash the X.Org server or, potentially, execute arbitrary code with the...
Null Pointer Dereference
The libXfont package provides the X.Org libXfont runtime library. X.Org is an open source implementation of the X Window System. An integer overflow flaw was found in the way libXfont processed certain Glyph Bitmap Distribution Format BDF fonts. A malicious, local user could use this flaw to cras...
Denial Of Service (DoS)
libxfont is vulnerable to denial of service DoS attacks. The vulnerability exists as the bdfReadProperties function in bitmap/bdfread.c in X.Org libXfont before 1.4.9 and 1.5.x before 1.5.1 allows remote authenticated users to cause a denial of service out-of-bounds write and crash or possibly...
Denial Of Service (Dos)
freetype is vulnerable to denial of service. This is due to an out-of-bounds read when the rendering engine processes certain Glyph Bitmap Distribution Format BDF fonts. An attacker is able to crash a user's application, or potentially execute arbitrary code, via a malicious font file that is...
Denial Of Service (Dos)
libXfont is vulnerable to denial of service. A stack-based buffer overflow occurs when the libXfont library parsed Glyph Bitmap Distribution Format BDF fonts with a long string in a character name. This allows a local attacker to crash the service or potentially execute arbitrary code with the...