K15095307: BDF parsing vulnerability CVE-2012-5669

Security Advisory Description The bdfparseglyphs function in FreeType before 2.4.11 allows context-dependent attackers to cause a denial of service crash and possibly execute arbitrary code via vectors related to BDF fonts and an incorrect calculation that triggers an out-of-bounds read...

SUSE: Security Advisory (SUSE-SU-2013:0195-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

F5 Networks BIG-IP : BDF parsing vulnerability (K15095307)

The bdfparseglyphs function in FreeType before 2.4.11 allows context-dependent attackers to cause a denial of service crash and possibly execute arbitrary code via vectors related to BDF fonts and an incorrect calculation that triggers an out-of-bounds read. CVE-2012-5669 C Tenable Network...

Oracle: Security Advisory (ELSA-2013-0216)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Gentoo Security Advisory GLSA 201402-16

Gentoo Linux Local Security Checks GLSA 201402-16 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...

Amazon Linux: Security Advisory (ALAS-2013-150)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

OracleVM 3.3 : freetype (OVMSA-2015-0036)

The remote OracleVM system is missing necessary patches to address critical security updates : - Fixes CVE-2014-9657 - Check minimum size of recordsize'. - Fixes CVE-2014-9658 - Use correct value for minimum table length test. - Fixes CVE-2014-9675 - New macro that checks one character more than...

openSUSE Security Update : freetype2 (openSUSE-SU-2013:0165-1)

BNC795826, CVE-2012-5668.patch bdf Fix Savannah bug 37905. - src/bdf/bdflib.c bdfparsestart: Reset propssize' to zero in case of allocation error; this value gets used in a loop in - BNC795826, CVE-2012-5669.patch bdf Fix Savannah bug 37906. - src/bdf/bdflib.c bdfparseglyphs: Use correct array...

openSUSE Security Update : freetype2 (openSUSE-SU-2013:0177-1)

new license string. - BNC795826, CVE-2012-5668.patch - BNC795826, CVE-2012-5669.patch bdf Fix Savannah bug 37906. - src/bdf/bdflib.c bdfparseglyphs: Use correct array size for checking glyphenc'. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this...

Amazon Linux AMI : freetype (ALAS-2013-150)

A flaw was found in the way the FreeType font rendering engine processed certain Glyph Bitmap Distribution Format BDF fonts. If a user loaded a specially crafted font file with an application linked against FreeType, it could cause the application to crash or, possibly, execute arbitrary code wit...

Oracle Linux 5 / 6 : freetype (ELSA-2013-0216)

The remote Oracle Linux 5 / 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2013-0216 advisory. - Fix CVE-2012-5669 Use correct array size for checking 'glyphenc' - Add freetype-2.3.11-CVE-2011-3439.patch Various loading fixes. - Add...

Fedora Update for freetype FEDORA-2013-1466

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Mandriva Linux Security Advisory : freetype2 (MDVSA-2013:006)

Multiple vulnerabilities has been found and corrected in freetype2 : A NULL pointer de-reference flaw was found in the way Freetype font rendering engine handled Glyph bitmap distribution format BDF fonts. A remote attacker could provide a specially crafted BDF font file, which once processed in ...

Fedora Update for freetype FEDORA-2013-1492

Check for the Version of freetype OpenVAS Vulnerability Test Fedora Update for freetype FEDORA-2013-1492 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

Fedora Update for freetype FEDORA-2013-1492

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Fedora 18 : freetype-2.4.10-3.fc18 (2013-1492)

This update fixes CVE-2012-5669. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C...

RedHat Update for freetype RHSA-2013:0216-01

Check for the Version of freetype OpenVAS Vulnerability Test RedHat Update for freetype RHSA-2013:0216-01 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

RedHat Update for freetype RHSA-2013:0216-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

CentOS Update for freetype CESA-2013:0216 centos6

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Important: freetype

Issue Overview: A flaw was found in the way the FreeType font rendering engine processed certain Glyph Bitmap Distribution Format BDF fonts. If a user loaded a specially-crafted font file with an application linked against FreeType, it could cause the application to crash or, possibly, execute...