16 matches found
Linux Distros Unpatched Vulnerability : CVE-2016-10244
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The parsecharstrings function in type1/t1load.c in FreeType 2 before 2.7 does not ensure that a font contains a glyph name, which allows remote attackers to cau...
RHEL 5 : freetype (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - freetype: parsecharstrings function in type1/t1load.c does not ensure that a font contains a glyph name...
Security Bulletin: IBM Flex System Chassis Management Module (CMM) is affected by vulnerabilities in freetype2 (CVE-2017-8287 CVE-2017-8105 CVE-2016-10244)
Summary IBM Flex System Chassis Management Module CMM has addressed the following vulnerabilities in freetype2. Vulnerability Details CVEID: CVE-2017-8287 DESCRIPTION: Freetype2 is vulnerable to a denial of service, caused by a heap-based buffer overflow in the t1builderclosecontour function in...
Mageia: Security Advisory (MGASA-2017-0085)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2018:0462-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: IBM BladeCenter Advanced Management Module (AMM) is affected by a vulnerabilities in freetype2 (CVE-2016-10244 CVE-2017-8105 CVE-2017-8287)
Summary IBM BladeCenter Advanced Management Module AMM has addressed the following vulnerabilities in freetype2. Vulnerability Details CVEID: CVE-2017-8287 DESCRIPTION: Freetype2 is vulnerable to a denial of service, caused by a heap-based buffer overflow in the t1builderclosecontour function in...
SUSE SLES11 Security Update : freetype2 (SUSE-SU-2018:0462-1)
This update for freetype2 fixes the following issues: Security issue fixed : - CVE-2016-10244: The parsecharstrings function in type1/t1load.c did not ensure that a font contains a glyph name, which allowed remote attackers to cause a denial of service heap-based buffer over-read or possibly have...
SUSE-SU-2018:0462-1 Security update for freetype2
This update for freetype2 fixes the following issues: Security issue fixed: - CVE-2016-10244: The parsecharstrings function in type1/t1load.c did not ensure that a font contains a glyph name, which allowed remote attackers to cause a denial of service heap-based buffer over-read or possibly have...
Security update for freetype2 (important)
This update for freetype2 fixes the following security issues: - CVE-2016-10244: Make sure that the parsecharstrings function in type1/t1load.c does ensure that a font contains a glyph name to prevent a DoS through a heap-based buffer over-read or possibly have unspecified other impact via a...
openSUSE Security Update : freetype2 (openSUSE-2018-156)
This update for freetype2 fixes the following security issues : - CVE-2016-10244: Make sure that the parsecharstrings function in type1/t1load.c does ensure that a font contains a glyph name to prevent a DoS through a heap-based buffer over-read or possibly have unspecified other impact via a...
SUSE SLED12 / SLES12 Security Update : freetype2 (SUSE-SU-2018:0414-1)
This update for freetype2 fixes the following security issues : - CVE-2016-10244: Make sure that the parsecharstrings function in type1/t1load.c does ensure that a font contains a glyph name to prevent a DoS through a heap-based buffer over-read or possibly have unspecified other impact via a...
[SECURITY] [DSA 3839-1] freetype security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3839-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso April 28, 2017 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3839-1] freetype security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3839-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso April 28, 2017 https://www.debian.org/security/faq -...
Updated freetype2 packages fix security vulnerability
The parsecharstrings function in type1/t1load.c in FreeType 2 did not ensure that a font contains a glyph name, which could allow remote attackers to cause a denial of service heap-based buffer over-read or possibly have unspecified other impact via a crafted file CVE-2016-10244...
MGASA-2017-0085 Updated freetype2 packages fix security vulnerability
The parsecharstrings function in type1/t1load.c in FreeType 2 did not ensure that a font contains a glyph name, which could allow remote attackers to cause a denial of service heap-based buffer over-read or possibly have unspecified other impact via a crafted file CVE-2016-10244...
CVE-2016-10244
CVE-2016-10244 affects FreeType 2 up to version 2.6.x (before 2.7). The vulnerability is in parse_charstrings (type1/t1load.c) where a font may lack a glyph name, enabling a crafted font to cause a heap-based buffer over-read and remote denial of service. Connected advisories confirm fixes in dow...