10 matches found
SUSE CVE-2014-9666
The ttsbitdecoderinit function in sfnt/ttsbit.c in FreeType before 2.5.4 proceeds with a count-to-size association without restricting the count value, which allows remote attackers to cause a denial of service integer overflow and out-of-bounds read or possibly have unspecified other impact via ...
Memory Corruption
Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. CVE-2012-1970,...
libwmf: heap overflow within the RLE decoding of embedded BMP images
It was discovered that libwmf did not correctly process certain WMF Windows Metafiles with embedded BMP images. By tricking a victim into opening a specially crafted WMF file in an application using libwmf, a remote attacker could possibly use this flaw to execute arbitrary code with the privileg...
FreeType 'tt_sbit_decoder_init' Function Denial of Service Vulnerability
FreeType is the FreeType team developed a C-based , high-quality and portable open source font engine library , it can be used to rasterize the characters and mapped to bitmap and provide other font-related business support . A denial of service vulnerability exists in the FreeType...
CVE-2014-9666
The ttsbitdecoderinit function in sfnt/ttsbit.c in FreeType before 2.5.4 proceeds with a count-to-size association without restricting the count value, which allows remote attackers to cause a denial of service integer overflow and out-of-bounds read or possibly have unspecified other impact via ...
CVE-2014-9666
The ttsbitdecoderinit function in sfnt/ttsbit.c in FreeType before 2.5.4 proceeds with a count-to-size association without restricting the count value, which allows remote attackers to cause a denial of service integer overflow and out-of-bounds read or possibly have unspecified other impact via ...
Integer overflow
The ttsbitdecoderinit function in sfnt/ttsbit.c in FreeType before 2.5.4 proceeds with a count-to-size association without restricting the count value, which allows remote attackers to cause a denial of service integer overflow and out-of-bounds read or possibly have unspecified other impact via ...
CVE-2014-9666
The ttsbitdecoderinit function in sfnt/ttsbit.c in FreeType before 2.5.4 proceeds with a count-to-size association without restricting the count value, which allows remote attackers to cause a denial of service integer overflow and out-of-bounds read or possibly have unspecified other impact via ...
CVE-2014-9666
CVE-2014-9666 affects FreeType up to version 2.5.3 and 2.5.4 before the patch. The tt_sbit_decoder_init function can proceed with a crafted embedded bitmap without restricting the count, causing integer overflow and out-of-bounds read, leading to DoS (and possibly other impact). A fix is availabl...
UBUNTU-CVE-2014-9666
The ttsbitdecoderinit function in sfnt/ttsbit.c in FreeType before 2.5.4 proceeds with a count-to-size association without restricting the count value, which allows remote attackers to cause a denial of service integer overflow and out-of-bounds read or possibly have unspecified other impact via ...