301 matches found
freetype2/bdf: Heap-buffer-overflow in bdf_cmap_char_index
Detailed report: https://oss-fuzz.com/testcase?key=5658441041838080 Project: freetype2 Fuzzer: libFuzzerfreetype2bdf Fuzz target binary: bdf Job Type: libfuzzerasanfreetype2 Platform Id: linux Crash Type: Heap-buffer-overflow READ 8 Crash Address: 0x6050000007d0 Crash State: bdfcmapcharindex...
Security Bulletin: PowerKVM is affected by freetype vulnerabilities (Multiple CVEs)
Summary PowerKVM is affected by multiple freetype vulnerabilities. Vulnerability Details CVEID: CVE-2014-9657 DESCRIPTION: FreeType is vulnerable to a denial of service, caused by an out-of-bounds read in the ttfaceloadhdmx function. A remote attacker could exploit this vulnerability using...
F5 Networks BIG-IP : BDF parsing vulnerability (K15095307)
The bdfparseglyphs function in FreeType before 2.4.11 allows context-dependent attackers to cause a denial of service crash and possibly execute arbitrary code via vectors related to BDF fonts and an incorrect calculation that triggers an out-of-bounds read. CVE-2012-5669 C Tenable Network...
SOL15095307 - BDF parsing vulnerability CVE-2012-5669
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
X.Org libXfont BDF字体文件处理基于栈的缓冲区溢出漏洞
No description provided by source...
Amazon Linux AMI : libXfont (ALAS-2015-597)
An integer overflow flaw was found in the way libXfont processed certain Glyph Bitmap Distribution Format BDF fonts. A malicious, local user could use this flaw to crash the X.Org server or, potentially, execute arbitrary code with the privileges of the X.Org server. CVE-2015-1802 An integer...
Important: libXfont
Issue Overview: An integer overflow flaw was found in the way libXfont processed certain Glyph Bitmap Distribution Format BDF fonts. A malicious, local user could use this flaw to crash the X.Org server or, potentially, execute arbitrary code with the privileges of the X.Org server. CVE-2015-1802...
Amazon Linux: Security Advisory (ALAS-2013-150)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Scientific Linux Security Update : libXfont on SL6.x, SL7.x i386/x86_64 (20150903)
An integer overflow flaw was found in the way libXfont processed certain Glyph Bitmap Distribution Format BDF fonts. A malicious, local user could use this flaw to crash the X.Org server or, potentially, execute arbitrary code with the privileges of the X.Org server. CVE-2015-1802 An integer...
Important: Red Hat Security Advisory: libXfont security update
An updated libXfont package that fixes three security issues is now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...
SuSE 11.3 Security Update : xorg-x11-libs (SAT Patch Number 10487)
LibXFont was updated to fix security problems that could be used by local attackers to gain X server privileges root. The following security issues have been fixed : - The bdf parser reads a count for the number of properties defined in a font from the font file, and allocates arrays with entries...
openSUSE Security Update : libXfont (openSUSE-2015-266)
libXFont was updated to fix three vulnerabilities when parsing BDF files bnc921978 As libXfont is used by the X server to read font files, and an unprivileged user with access to the X server can tell the X server to read a given font file from a path of their choosing, these vulnerabilities have...
[SECURITY] [DLA 183-1] libxfont security update
Package : libxfont Version : 1:1.4.1-5+deb6u1 CVE ID : CVE-2015-1802 CVE-2015-1803 CVE-2015-1804 Ilja van Sprundel, Alan Coopersmith and William Robinet discovered multiple issues in libxfonts code to process BDF fonts, which might result in privilege escalation...
DLA-183-1 libxfont - security update
Bulletin has no description...
openSUSE: Security Advisory for libXfont (openSUSE-SU-2015:0614-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security update for libXfont (important)
libXFont was updated to fix three vulnerabilities when parsing BDF files bnc921978 As libXfont is used by the X server to read font files, and an unprivileged user with access to the X server can tell the X server to read a given font file from a path of their choosing, these vulnerabilities have...
Updated libxfont package fixes security vulnerabilities
The bdf parser reads a count for the number of properties defined in a font from the font file, and allocates arrays with entries for each property based on that count. It never checked to see if that count was negative, or large enough to overflow when multiplied by the size of the structures...
X.Org libXfont bitmap/bdfread.c out-of-bounds write denial of service vulnerability
X.Org is an official reference implementation of the X Window System operated by the X.Org Foundation and is open source free software. libXfont is an X font handling library for servers and utilities. A security vulnerability exists in the 'bdfReadProperties' function in the bitmap/bdfread.c fil...
DEBIAN-CVE-2015-1804
The bdfReadCharacters function in bitmap/bdfread.c in X.Org libXfont before 1.4.9 and 1.5.x before 1.5.1 does not properly perform type conversion for metrics values, which allows remote authenticated users to cause a denial of service out-of-bounds memory access and possibly execute arbitrary co...
CVE-2015-1803
The bdfReadCharacters function in bitmap/bdfread.c in X.Org libXfont before 1.4.9 and 1.5.x before 1.5.1 does not properly handle character bitmaps it cannot read, which allows remote authenticated users to cause a denial of service NULL pointer dereference and crash and possibly execute arbitrar...