21 matches found
Denial Of Service (DoS)
tc-lib-pdf-font is vulnerable to Denial of Service (DoS). The vulnerability is due to inadequate validation and handling of font metadata, specifically the FontBBox for Type 1 and TrueType fonts, which allows the font data to be misparsed, leading to potential security issues...
SUSE CVE-2020-5395
FontForge 20190801 has a use-after-free in SFDGetFontMetaData in sfd.c...
SUSE: Security Advisory (SUSE-SU-2014:0774-1)
The remote host is missing an update for the...
fontforge: out-of-bounds write in SFD_GetFontMetaData function in sfd.c
An out-of-bounds write was discovered in fontforge while parsing SFD files containing very large LayerCount tokens. The flaw allows an attacker to overwrite data before a buffer allocated on the heap, thus causing the application to crash or execute arbitrary code...
fontforge: out-of-bounds write in SFD_GetFontMetaData function in sfd.c
An out-of-bounds write was discovered in fontforge while parsing SFD files containing very large LayerCount tokens. The flaw allows an attacker to overwrite data before a buffer allocated on the heap, thus causing the application to crash or execute arbitrary code...
FontForge Resource Management Error Vulnerability
FontForge is an open source font editing tool that supports multiple languages. A resource management error vulnerability exists in the 'SFDGetFontMetaData' function of the sfd.c file in FontForge version 20190801. The vulnerability stems from mismanagement of system resources e.g., memory, disk...
DEBIAN-CVE-2020-5395
FontForge 20190801 has a use-after-free in SFDGetFontMetaData in sfd.c...
UBUNTU-CVE-2020-5395
FontForge 20190801 has a use-after-free in SFDGetFontMetaData in sfd.c...
Oracle Linux 5 : libXfont (ELSA-2014-1893)
The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2014-1893 advisory. - CVE-2014-0209: integer overflow of allocations in font metadata file parsing bug 1163602, bug 1163601 - CVE-2014-0210: unvalidated length fields when...
libXfont: integer overflow of allocations in font metadata file parsing
A use-after-free flaw was found in the way libXfont processed certain font files when attempting to add a new directory to the font path. A malicious, local user could exploit this issue to potentially execute arbitrary code with the privileges of the X.Org server...
libXfont security update
1.2.2-1.0.6 - CVE-2014-0209: integer overflow of allocations in font metadata file parsing bug 1163602, bug 1163601 - CVE-2014-0210: unvalidated length fields when parsing xfs protocol replies bug 1163602, bug 1163601 - CVE-2014-0211: integer overflows calculating memory needs for xfs replies bug...
libXfont: integer overflow of allocations in font metadata file parsing
A use-after-free flaw was found in the way libXfont processed certain font files when attempting to add a new directory to the font path. A malicious, local user could exploit this issue to potentially execute arbitrary code with the privileges of the X.Org server...
Mandriva Linux Security Advisory : libxfont (MDVSA-2014:132)
Updated libxfont packages fix security vulnerabilities: Ilja van Sprundel discovered that libXfont incorrectly handled font metadata file parsing. A local attacker could use this issue to cause libXfont to crash, or possibly execute arbitrary code in order to gain privileges (CVE-2014-0209). Ilja...
MGASA-2014-0278 Updated libxfont packages fix security vulnerabilities
Ilja van Sprundel discovered that libXfont incorrectly handled font metadata file parsing. A local attacker could use this issue to cause libXfont to crash, or possibly execute arbitrary code in order to gain privileges (CVE-2014-0209). Ilja van Sprundel discovered that libXfont incorrectly handled...
openSUSE Security Update : libXfont (openSUSE-SU-2014:0711-1)
libxfont was updated to fix multiple vulnerabilities: - Integer overflow of allocations in font metadata file parsing (CVE-2014-0209). - Unvalidated length fields when parsing xfs protocol replies (CVE-2014-0210). - Integer overflows calculating memory needs for xfs replies (CVE-2014-0211). These...
Ubuntu 14.04 LTS : libXfont vulnerabilities (USN-2211-1)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2211-1 advisory. Ilja van Sprundel discovered that libXfont incorrectly handled font metadata file parsing. A local attacker could use this issue to cause libXfont to...
[oss-security] Fwd: [ANNOUNCE] X.Org Security Advisory: Multiple issues in libXfont
ANNOUNCE XOrg Security Advisory: Multiple issues in libXfont.eml Subject: ANNOUNCE X.Org Security Advisory: Multiple issues in libXfont From: Alan Coopersmith [email protected] Date: 13.05.2014 19:08 To: [email protected] Cc: [email protected], [email protected] X.Org Securi...
[USN-2211-1] libXfont vulnerabilities
Ubuntu Security Notice USN-2211-1, May 14, 2014: libxfont vulnerabilities. A security issue affects these releases of Ubuntu and its derivatives: -...
USN-2211-1: libXfont vulnerabilities
Ilja van Sprundel discovered that libXfont incorrectly handled font metadata file parsing. A local attacker could use this issue to cause libXfont to crash, or possibly execute arbitrary code in order to gain privileges. (CVE-2014-0209) Ilja van Sprundel discovered that libXfont incorrectly handled...
USN-2211-1 libxfont vulnerabilities
Ilja van Sprundel discovered that libXfont incorrectly handled font metadata file parsing. A local attacker could use this issue to cause libXfont to crash, or possibly execute arbitrary code in order to gain privileges. (CVE-2014-0209) Ilja van Sprundel discovered that libXfont incorrectly handled...