Lucene search
K

6 matches found

OpenVAS
OpenVAS
added 2015/01/05 12:0 a.m.33 views

Fedora Update for freetype FEDORA-2014-16854

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.4AI score0.06275EPSS
Exploits3References2
Tenable Nessus
Tenable Nessus
added 2014/06/10 12:0 a.m.30 views

Fedora 19 : mingw-freetype-2.4.12-3.fc19 (2014-6833)

Fix CVE-2014-2240 and CVE-2014-2241 RHBZ 1074649 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...

7.5CVSS6.1AI score0.06275EPSS
Exploits3References3
OSV
OSV
added 2014/03/18 5:4 p.m.7 views

CVE-2014-2241

The 1 cf2initLocalRegionBuffer and 2 cf2initGlobalRegionBuffer functions in cff/cf2ft.c in FreeType before 2.5.3 do not properly check if a subroutine exists, which allows remote attackers to cause a denial of service assertion failure, as demonstrated by a crafted ttf file...

6.2AI score
Exploits0References6
CVE
CVE
added 2014/03/18 2:0 p.m.64 views

CVE-2014-2241

CVE-2014-2241 affects FreeType up to 2.5.3. The cf2_initLocalRegionBuffer and cf2_initGlobalRegionBuffer functions do not properly verify that a subroutine exists, allowing an attacker to trigger a denial-of-service (assertion failure) via a crafted TrueType font. Connected advisories generally r...

6.8CVSS6.2AI score0.01571EPSS
Exploits2References5Affected Software1
Mageia
Mageia
added 2014/03/15 4:26 p.m.35 views

Updated freetype2 packages fix security vulnerabilities

It was reported that Freetype before 2.5.3 suffers from an out-of-bounds stack-based read/write flaw in cf2hintmapbuild in the CFF rasterizing code, which could lead to a buffer overflow CVE-2014-2240. It was also reported that Freetype before 2.5.3 has a denial-of-service vulnerability in the CF...

7.5CVSS6.7AI score0.06275EPSS
Exploits3References3
seebug.org
seebug.org
added 2014/03/11 12:0 a.m.63 views

FreeType 'src/cff/cf2ft.c'远程拒绝服务漏洞

BUGTRAQ ID: 66292 CVE ID:CVE-2014-2241 FreeType是一个流行的字体函数库。 FreeType 'src/cff/cf2ft.c'中的cf2initLocalRegionBuffer, cf2initGlobalRegionBuffer函数存在一个断言失败错误,允许攻击者利用漏洞构建恶意字体,诱使应用解析,可使应用程序崩溃。 0 FreeType 2.5.3 厂商补丁: FreeType ----- 用户可参考厂商的GIT库以获得补丁修复此漏洞:...

6.8CVSS0.5AI score0.01571EPSS
Exploits2
Rows per page
Query Builder