6 matches found
Fedora Update for freetype FEDORA-2014-16854
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 19 : mingw-freetype-2.4.12-3.fc19 (2014-6833)
Fix CVE-2014-2240 and CVE-2014-2241 RHBZ 1074649 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...
CVE-2014-2241
The 1 cf2initLocalRegionBuffer and 2 cf2initGlobalRegionBuffer functions in cff/cf2ft.c in FreeType before 2.5.3 do not properly check if a subroutine exists, which allows remote attackers to cause a denial of service assertion failure, as demonstrated by a crafted ttf file...
CVE-2014-2241
CVE-2014-2241 affects FreeType up to 2.5.3. The cf2_initLocalRegionBuffer and cf2_initGlobalRegionBuffer functions do not properly verify that a subroutine exists, allowing an attacker to trigger a denial-of-service (assertion failure) via a crafted TrueType font. Connected advisories generally r...
Updated freetype2 packages fix security vulnerabilities
It was reported that Freetype before 2.5.3 suffers from an out-of-bounds stack-based read/write flaw in cf2hintmapbuild in the CFF rasterizing code, which could lead to a buffer overflow CVE-2014-2240. It was also reported that Freetype before 2.5.3 has a denial-of-service vulnerability in the CF...
FreeType 'src/cff/cf2ft.c'远程拒绝服务漏洞
BUGTRAQ ID: 66292 CVE ID:CVE-2014-2241 FreeType是一个流行的字体函数库。 FreeType 'src/cff/cf2ft.c'中的cf2initLocalRegionBuffer, cf2initGlobalRegionBuffer函数存在一个断言失败错误,允许攻击者利用漏洞构建恶意字体,诱使应用解析,可使应用程序崩溃。 0 FreeType 2.5.3 厂商补丁: FreeType ----- 用户可参考厂商的GIT库以获得补丁修复此漏洞:...