7 matches found
Arbitrary Code Execution
freetype is vulnerable to arbitrary code execution. The vulnerability exists as multiple flaws were found in the way FreeType handled TrueType Font TTF, Glyph Bitmap Distribution Format BDF, Windows .fnt and .fon, and PostScript Type 1 fonts. If a specially-crafted font file was loaded by an...
Denial Of Service (DoS)
OpenJDK is vulnerable to denial of service DoS. The attack exists because it does not perform glyph bitmap image dimension check in FreetypeFontScaler...
Microsoft Windows Graphics Memory Corruption (MS16-039: CVE-2016-0145)
A vulnerability was found in Microsoft Windows that could potentially lead to remote code execution. The main cause is the lack of validation on glyph bitmap boundary during scaling operation. This vulnerability can be exploited using a malformed font file TTF...
MGASA-2014-0020 Updated libxfont packages fix security vulnerability
Updated libxfont packages fix security vulnerability: It was discovered that a buffer overflow in the processing of Glyph Bitmap Distribution fonts BDF could result in the execution of arbitrary code CVE-2013-6462...
Debian Security Advisory DSA 2838-1 (libxfont - buffer overflow)
It was discovered that a buffer overflow in the processing of Glyph Bitmap Distribution fonts BDF could result in the execution of arbitrary code. OpenVAS Vulnerability Test $Id: deb2838.nasl 6715 2017-07-13 09:57:40Z teissa $ Auto-generated from advisory DSA 2838-1 using nvtgen 1.0 Script versio...
Amazon Linux AMI : freetype (ALAS-2013-150)
A flaw was found in the way the FreeType font rendering engine processed certain Glyph Bitmap Distribution Format BDF fonts. If a user loaded a specially crafted font file with an application linked against FreeType, it could cause the application to crash or, possibly, execute arbitrary code wit...
freetype security update
CentOS Errata and Security Advisory CESA-2013:0216 Updated freetype packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS...