SUSE CVE-2014-9656

The ttsbitdecoderloadimage function in sfnt/ttsbit.c in FreeType before 2.5.4 does not properly check for an integer overflow, which allows remote attackers to cause a denial of service out-of-bounds read or possibly have unspecified other impact via a crafted OpenType font...

SUSE: Security Advisory (SUSE-SU-2015:0455-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SOL16380 - FreeType vulnerabilities CVE-2014-9656 and CVE-2014-9659

Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate these vulnerabilities by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any...

Debian DSA-3188-1 : freetype - security update

Mateusz Jurczyk discovered multiple vulnerabilities in Freetype. Opening malformed fonts may result in denial of service or the execution of arbitrary code. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian...

[SECURITY] [DSA 3188-1] freetype security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3188-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff March 15, 2015 http://www.debian.org/security/faq -...

GLSA-201503-05 : FreeType: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201503-05 FreeType: Multiple vulnerabilities Multiple vulnerabilities have been discovered in FreeType. Please review the CVE identifiers referenced below for details. Impact : A remote attacker can cause Denial of Service...

[USN-2510-1] FreeType vulnerabilities

========================================================================== Ubuntu Security Notice USN-2510-1 February 24, 2015 freetype vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives:...

Ubuntu: Security Advisory (USN-2510-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora Update for freetype FEDORA-2015-2216

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora Update for freetype FEDORA-2015-2237

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 21 : freetype-2.5.3-15.fc21 (2015-2237)

This update fixes several security issues. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEV...

CVE-2014-9656

The ttsbitdecoderloadimage function in sfnt/ttsbit.c in FreeType before 2.5.4 does not properly check for an integer overflow, which allows remote attackers to cause a denial of service out-of-bounds read or possibly have unspecified other impact via a crafted OpenType font...

CVE-2014-9656

FreeType contains CVE-2014-9656 (and related 9657/9658/9659/9660/9661/etc. in the same family) vulnerabilities. The primary issue is integer overflow and related memory errors in the font parsing code, notably tt_sbit_decoder_load_image in sfnt/ttsbit.c, which could allow a remote attacker to cau...