294 matches found
Debian Security Advisory DSA 3894-1 (graphite2 - security update)
Multiple vulnerabilities have been found in the Graphite font rendering engine which might result in denial of service or the execution of arbitrary code if a malformed font file is processed. OpenVAS Vulnerability Test $Id: deb3894.nasl 6607 2017-07-07 12:04:25Z cfischer $ Auto-generated from...
USN-3282-2: FreeType vulnerabilities
It was discovered that FreeType did not correctly handle certain malformed font files. If a user were tricked into using a specially crafted font file, a remote attacker could cause FreeType to crash, resulting in a denial of service, or possibly execute arbitrary code...
USN-3282-1: FreeType vulnerabilities
It was discovered that FreeType did not correctly handle certain malformed font files. If a user were tricked into using a specially crafted font file, a remote attacker could cause FreeType to crash, resulting in a denial of service, or possibly execute arbitrary code...
USN-3237-1: FreeType vulnerability
It was discovered that FreeType did not correctly handle certain malformed font files. If a user were tricked into using a specially crafted font file, a remote attacker could cause FreeType to crash, resulting in a denial of service, or possibly execute arbitrary code...
A year of Windows kernel font fuzzing #1: the results
Posted by Mateusz Jurczyk of Google Project Zero This post series is about how we used at-scale fuzzing to discover and report a total of 16 vulnerabilities in the handling of TrueType and OpenType fonts in the Windows kernel during the last year. In part 1 here, we present a general overview of...
Debian Security Advisory DSA 3370-1 (freetype - security update)
It was discovered that FreeType did not properly handle some malformed inputs. This could allow remote attackers to cause a denial of service crash via crafted font files. OpenVAS Vulnerability Test $Id: deb3370.nasl 6609 2017-07-07 12:05:59Z cfischer $ Auto-generated from advisory DSA 3370-1 usi...
[USN-2739-1] FreeType vulnerabilities
========================================================================== Ubuntu Security Notice USN-2739-1 September 10, 2015 freetype vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives...
CentOS Update for freetype CESA-2015:0696 centos7
Check the version of freetype SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882138";...
RedHat Update for freetype RHSA-2015:0696-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
freetype security update
CentOS Errata and Security Advisory CESA-2015:0696 Updated freetype packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base...
[USN-2510-1] FreeType vulnerabilities
========================================================================== Ubuntu Security Notice USN-2510-1 February 24, 2015 freetype vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives:...
FreeType: Multiple vulnerabilities
Background FreeType is a high-quality and portable font engine. Description Multiple vulnerabilities have been discovered in FreeType. Please review the CVE identifiers referenced below for details. Impact A remote attacker can cause Denial of Service. Workaround There is no known workaround at...
USN-2510-1: FreeType vulnerabilities
Mateusz Jurczyk discovered that FreeType did not correctly handle certain malformed font files. If a user were tricked into using a specially crafted font file, a remote attacker could cause FreeType to crash or possibly execute arbitrary code with user privileges...
FreeType 'tt_face_load_hdmx' Function Denial of Service Vulnerability
FreeType is the FreeType team developed a C-based , high-quality and portable open source font engine library , it can be used to rasterize the characters and mapped to bitmap and provide other font-related business support . A denial of service vulnerability exists in the FreeType 'ttfaceloadhdm...
FreeType Denial of Service Vulnerability
FreeType is the FreeType team developed a C-based , high-quality and portable open source font engine library , it can be used to rasterize the characters and mapped to bitmap and provide other font-related business support . A denial of service vulnerability exists in FreeType that could allow a...
Microsoft Windows Embedded OpenType Font Engine LZCOMP Integer Overflow - Ver2 (CVE-2010-0018)
An integer overflow vulnerability has been reported in Microsoft Windows Embedded OpenType Font Engine. The vulnerability is due to insufficient validation while processing an EOT font. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the...
[USN-2148-1] FreeType vulnerabilities
========================================================================== Ubuntu Security Notice USN-2148-1 March 17, 2014 freetype vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...
USN-2148-1: FreeType vulnerabilities
Mateusz Jurczyk discovered that FreeType did not correctly handle certain malformed font files. If a user were tricked into using a specially crafted font file, a remote attacker could cause FreeType to crash or possibly execute arbitrary code with user privileges. CVE-2014-2240, CVE-2014-2241...
Oracle Linux 3 : freetype (ELSA-2010-0736)
From Red Hat Security Advisory 2010:0736 : Updated freetype packages that fix three security issues are now available for Red Hat Enterprise Linux 3. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores,...
Oracle Linux 4 : freetype (ELSA-2011-1161)
From Red Hat Security Advisory 2011:1161 : Updated freetype packages that fix one security issue are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score,...