7 matches found
SUSE: Security Advisory (SUSE-SU-2015:0455-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[USN-2510-1] FreeType vulnerabilities
========================================================================== Ubuntu Security Notice USN-2510-1 February 24, 2015 freetype vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives:...
SUSE-SU-2015:0455-1 Security update for freetype2
freetype2 was updated to fix 20 security issues. These security issues were fixed: - CVE-2014-9663: The ttcmap4validate function in sfnt/ttcmap.c in FreeType before 2.5.4 validates a certain length field before that field's value is completely calculated, which allowed remote attackers to cause a...
Ubuntu: Security Advisory (USN-2510-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 21 : freetype-2.5.3-15.fc21 (2015-2237)
This update fixes several security issues. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEV...
CVE-2014-9662
cff/cf2ft.c in FreeType before 2.5.4 does not validate the return values of point-allocation functions, which allows remote attackers to cause a denial of service heap-based buffer overflow or possibly have unspecified other impact via a crafted OTF font...
CVE-2014-9662
FreeType vulnerability CVE-2014-9662 exists in cff/cf2ft.c up to version 2.5.3/2.5.4 timeframe: the code does not validate return values of point-allocation functions, enabling a remote attacker to craft an OTF font that triggers a heap-based buffer overflow (potential DoS or other impact). A fix...