15 matches found
Linux Distros Unpatched Vulnerability : CVE-2014-9745
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The parseencoding function in type1/t1load.c in FreeType before 2.5.3 allows remote attackers to cause a denial of service infinite loop via a broken...
K72372334: FreeType vulnerability CVE-2014-9745
Security Advisory Description The parseencoding function in type1/t1load.c in FreeType before 2.5.3 allows remote attackers to cause a denial of service infinite loop via a "broken number-with-base" in a Postscript stream, as demonstrated by 8garbage. CVE-2014-9745 Impact A remote attacker may be...
SUSE: Security Advisory (SUSE-SU-2016:1149-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for freetype (EulerOS-SA-2020-1491)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization 3.0.2.2 : freetype (EulerOS-SA-2020-1491)
According to the versions of the freetype package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The t42parseencoding function in type42/t42parse.c in FreeType before 2.5.4 does not properly update the current position for...
Huawei EulerOS: Security Advisory for freetype (EulerOS-SA-2019-2148)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for freetype (EulerOS-SA-2019-2514)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SOL72372334 - FreeType vulnerability CVE-2014-9745
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SUSE SLES11 Security Update : freetype2 (SUSE-SU-2016:1149-1)
This update of the freetype2 library fixes two security issues : - An infinite loop in parseencoding in t1load.c CVE-2014-9745, bsc945849 - Use of uninitialized memory in psparserloadfield, t42parsefontmatrix and t1parsefontmatrix CVE-2014-9747, bsc947966 Note that Tenable Network Security has...
[SECURITY] [DSA 3370-1] freetype security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3370-1 [email protected] https://www.debian.org/security/ Alessandro Ghedini October 06, 2015 https://www.debian.org/security/faq -...
Debian DSA-3370-1 : freetype - security update
It was discovered that FreeType did not properly handle some malformed inputs. This could allow remote attackers to cause a denial of service crash via crafted font files. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted fr...
[SECURITY] [DSA 3370-1] freetype security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3370-1 [email protected] https://www.debian.org/security/ Alessandro Ghedini October 06, 2015 https://www.debian.org/security/faq -...
[SECURITY] [DLA 319-1] freetype security update
Package : freetype Version : 2.4.2-2.1+squeeze6 CVE ID : CVE-2014-9745 CVE-2014-9746 CVE-2014-9747 Debian Bug : 798619 798620 Sergey Gorbaty reported issues related to the FreeType font engine. FreeType improperly handled certain malformed font files, allowing remote attackers to cause a Denial o...
CVE-2014-9745
The parseencoding function in type1/t1load.c in FreeType before 2.5.3 allows remote attackers to cause a denial of service infinite loop via a "broken number-with-base" in a Postscript stream, as demonstrated by 8garbage...
CVE-2014-9745
CVE-2014-9745 affects FreeType: the parse_encoding path in type1/t1load.c (before 2.5.3) can be triggered by a crafted PostScript stream (e.g., 8#garbage) to cause a denial of service. Public docs consistently cite this as a DoS via broken number-with-base; affected versions are