Lucene search
K

301 matches found

ossfuzz
ossfuzz
added 2018/10/04 7:5 a.m.13 views

freetype2/bdf: Heap-buffer-overflow in bdf_cmap_char_index

Detailed report: https://oss-fuzz.com/testcase?key=5658441041838080 Project: freetype2 Fuzzer: libFuzzerfreetype2bdf Fuzz target binary: bdf Job Type: libfuzzerasanfreetype2 Platform Id: linux Crash Type: Heap-buffer-overflow READ 8 Crash Address: 0x6050000007d0 Crash State: bdfcmapcharindex...

6.8AI score
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/18 1:28 a.m.39 views

Security Bulletin: PowerKVM is affected by freetype vulnerabilities (Multiple CVEs)

Summary PowerKVM is affected by multiple freetype vulnerabilities. Vulnerability Details CVEID: CVE-2014-9657 DESCRIPTION: FreeType is vulnerable to a denial of service, caused by an out-of-bounds read in the ttfaceloadhdmx function. A remote attacker could exploit this vulnerability using...

7.5CVSS0.7AI score0.0571EPSS
Exploits12Affected Software1
Tenable Nessus
Tenable Nessus
added 2016/02/03 12:0 a.m.42 views

F5 Networks BIG-IP : BDF parsing vulnerability (K15095307)

The bdfparseglyphs function in FreeType before 2.4.11 allows context-dependent attackers to cause a denial of service crash and possibly execute arbitrary code via vectors related to BDF fonts and an incorrect calculation that triggers an out-of-bounds read. CVE-2012-5669 C Tenable Network...

4.3CVSS5.9AI score0.03857EPSS
Exploits0References2
F5 Networks
F5 Networks
added 2016/02/01 12:0 a.m.41 views

SOL15095307 - BDF parsing vulnerability CVE-2012-5669

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

4.3CVSS3.5AI score0.03857EPSS
Exploits0References8
seebug.org
seebug.org
added 2016/01/07 12:0 a.m.24 views

X.Org libXfont BDF字体文件处理基于栈的缓冲区溢出漏洞

No description provided by source...

7.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2015/09/23 12:0 a.m.25 views

Amazon Linux AMI : libXfont (ALAS-2015-597)

An integer overflow flaw was found in the way libXfont processed certain Glyph Bitmap Distribution Format BDF fonts. A malicious, local user could use this flaw to crash the X.Org server or, potentially, execute arbitrary code with the privileges of the X.Org server. CVE-2015-1802 An integer...

8.5CVSS6.3AI score0.04923EPSS
Exploits0References4
Amazon
Amazon
added 2015/09/22 12:0 a.m.53 views

Important: libXfont

Issue Overview: An integer overflow flaw was found in the way libXfont processed certain Glyph Bitmap Distribution Format BDF fonts. A malicious, local user could use this flaw to crash the X.Org server or, potentially, execute arbitrary code with the privileges of the X.Org server. CVE-2015-1802...

8.5CVSS6.4AI score0.04923EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2015/09/08 12:0 a.m.28 views

Amazon Linux: Security Advisory (ALAS-2013-150)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.3CVSS6.4AI score0.03857EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2015/09/04 12:0 a.m.34 views

Scientific Linux Security Update : libXfont on SL6.x, SL7.x i386/x86_64 (20150903)

An integer overflow flaw was found in the way libXfont processed certain Glyph Bitmap Distribution Format BDF fonts. A malicious, local user could use this flaw to crash the X.Org server or, potentially, execute arbitrary code with the privileges of the X.Org server. CVE-2015-1802 An integer...

8.5CVSS6.3AI score0.04923EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2015/09/03 11:26 a.m.34 views

Important: Red Hat Security Advisory: libXfont security update

An updated libXfont package that fixes three security issues is now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

8.5CVSS6.4AI score0.04923EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2015/04/08 12:0 a.m.25 views

SuSE 11.3 Security Update : xorg-x11-libs (SAT Patch Number 10487)

LibXFont was updated to fix security problems that could be used by local attackers to gain X server privileges root. The following security issues have been fixed : - The bdf parser reads a count for the number of properties defined in a font from the font file, and allocates arrays with entries...

8.5CVSS6.3AI score0.04923EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2015/03/30 12:0 a.m.28 views

openSUSE Security Update : libXfont (openSUSE-2015-266)

libXFont was updated to fix three vulnerabilities when parsing BDF files bnc921978 As libXfont is used by the X server to read font files, and an unprivileged user with access to the X server can tell the X server to read a given font file from a path of their choosing, these vulnerabilities have...

8.5CVSS6.4AI score0.04923EPSS
Exploits0References4
Debian
Debian
added 2015/03/28 5:44 p.m.37 views

[SECURITY] [DLA 183-1] libxfont security update

Package : libxfont Version : 1:1.4.1-5+deb6u1 CVE ID : CVE-2015-1802 CVE-2015-1803 CVE-2015-1804 Ilja van Sprundel, Alan Coopersmith and William Robinet discovered multiple issues in libxfonts code to process BDF fonts, which might result in privilege escalation...

8.5CVSS4.2AI score0.04923EPSS
Exploits0
OSV
OSV
added 2015/03/28 12:0 a.m.11 views

DLA-183-1 libxfont - security update

Bulletin has no description...

8.5CVSS6.2AI score0.04923EPSS
Exploits0
OpenVAS
OpenVAS
added 2015/03/28 12:0 a.m.22 views

openSUSE: Security Advisory for libXfont (openSUSE-SU-2015:0614-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.5CVSS5.6AI score0.04923EPSS
Exploits0References1
OPENSUSE Linux
OPENSUSE Linux
added 2015/03/27 10:8 a.m.32 views

Security update for libXfont (important)

libXFont was updated to fix three vulnerabilities when parsing BDF files bnc921978 As libXfont is used by the X server to read font files, and an unprivileged user with access to the X server can tell the X server to read a given font file from a path of their choosing, these vulnerabilities have...

8.5CVSS3.5AI score0.04923EPSS
Exploits0References1
Mageia
Mageia
added 2015/03/23 11:58 p.m.36 views

Updated libxfont package fixes security vulnerabilities

The bdf parser reads a count for the number of properties defined in a font from the font file, and allocates arrays with entries for each property based on that count. It never checked to see if that count was negative, or large enough to overflow when multiplied by the size of the structures...

8.5CVSS5.1AI score0.04923EPSS
Exploits0References2
CNVD
CNVD
added 2015/03/23 12:0 a.m.4 views

X.Org libXfont bitmap/bdfread.c out-of-bounds write denial of service vulnerability

X.Org is an official reference implementation of the X Window System operated by the X.Org Foundation and is open source free software. libXfont is an X font handling library for servers and utilities. A security vulnerability exists in the 'bdfReadProperties' function in the bitmap/bdfread.c fil...

8.5CVSS7.4AI score0.04864EPSS
Exploits0References1
OSV
OSV
added 2015/03/20 2:59 p.m.0 views

DEBIAN-CVE-2015-1804

The bdfReadCharacters function in bitmap/bdfread.c in X.Org libXfont before 1.4.9 and 1.5.x before 1.5.1 does not properly perform type conversion for metrics values, which allows remote authenticated users to cause a denial of service out-of-bounds memory access and possibly execute arbitrary co...

8.5CVSS9.1AI score0.04923EPSS
Exploits0References1
NVD
NVD
added 2015/03/20 2:59 p.m.20 views

CVE-2015-1803

The bdfReadCharacters function in bitmap/bdfread.c in X.Org libXfont before 1.4.9 and 1.5.x before 1.5.1 does not properly handle character bitmaps it cannot read, which allows remote authenticated users to cause a denial of service NULL pointer dereference and crash and possibly execute arbitrar...

8.5CVSS7.1AI score0.04864EPSS
Exploits0References16
Rows per page
Query Builder