SUSE: Security Advisory (SUSE-SU-2015:0455-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Null Pointer Dereference

FreeType is a free, high-quality, portable font engine that can open and manage font files. It also loads, hints, and renders individual glyphs efficiently. Multiple integer overflow flaws and an integer signedness flaw, leading to heap-based buffer overflows, were found in the way FreeType handl...

Heap-Based Buffer Overflow

FreeType is a free, high-quality, portable font engine that can open and manage font files. It also loads, hints, and renders individual glyphs efficiently. Multiple integer overflow flaws and an integer signedness flaw, leading to heap-based buffer overflows, were found in the way FreeType handl...

Integer Overflow

FreeType is a free, high-quality, portable font engine that can open and manage font files. It also loads, hints, and renders individual glyphs efficiently. Multiple integer overflow flaws and an integer signedness flaw, leading to heap-based buffer overflows, were found in the way FreeType handl...

Out-Of-Bounds Read

FreeType is a free, high-quality, portable font engine that can open and manage font files. It also loads, hints, and renders individual glyphs efficiently. Multiple integer overflow flaws and an integer signedness flaw, leading to heap-based buffer overflows, were found in the way FreeType handl...

Security Bulletin: Multiple Security Vulnerabilities Fixed in IBM Security Privileged Identity Manager

Summary IBM Security Privileged Identity Manager is affected by multiple freetype vulnerabilities. The RC4 “Bar Mitzvah” Attack for SSL/TLS affects IBM Security Privileged Identity Manager OpenSSL vulnerabilities were disclosed on January 8, 2015 by the OpenSSL Project. This includes “FREAK:...

Amazon Linux: Security Advisory (ALAS-2015-502)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

OracleVM 3.3 : freetype (OVMSA-2015-0036)

The remote OracleVM system is missing necessary patches to address critical security updates : - Fixes CVE-2014-9657 - Check minimum size of recordsize'. - Fixes CVE-2014-9658 - Use correct value for minimum table length test. - Fixes CVE-2014-9675 - New macro that checks one character more than...

RedHat Update for freetype RHSA-2015:0696-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle Linux 6 / 7 : freetype (ELSA-2015-0696)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2015-0696 advisory. - Fixes CVE-2014-9657 - Check minimum size of recordsize. - Fixes CVE-2014-9658 - Use correct value for minimum table length test. - Fixes...

Debian DSA-3188-1 : freetype - security update

Mateusz Jurczyk discovered multiple vulnerabilities in Freetype. Opening malformed fonts may result in denial of service or the execution of arbitrary code. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian...

[SECURITY] [DSA 3188-1] freetype security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3188-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff March 15, 2015 http://www.debian.org/security/faq -...

GLSA-201503-05 : FreeType: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201503-05 FreeType: Multiple vulnerabilities Multiple vulnerabilities have been discovered in FreeType. Please review the CVE identifiers referenced below for details. Impact : A remote attacker can cause Denial of Service...

[USN-2510-1] FreeType vulnerabilities

========================================================================== Ubuntu Security Notice USN-2510-1 February 24, 2015 freetype vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives:...

Ubuntu: Security Advisory (USN-2510-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora Update for freetype FEDORA-2015-2216

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 21 : freetype-2.5.3-15.fc21 (2015-2237)

This update fixes several security issues. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEV...

Fedora Update for freetype FEDORA-2015-2237

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2014-9657

The ttfaceloadhdmx function in truetype/ttpload.c in FreeType before 2.5.4 does not establish a minimum record size, which allows remote attackers to cause a denial of service out-of-bounds read or possibly have unspecified other impact via a crafted TrueType font...

CVE-2014-9657

CVE-2014-9657 affects FreeType before 2.5.4, where tt_face_load_hdmx does not enforce a minimum record size, enabling a remote attacker to trigger a denial of service (out-of-bounds read) or other impact via a crafted TrueType font. Connected sources corroborate multiple FreeType flaws and link r...