14 matches found
EUVD-2014-9475
Malware in sbrugna...
K000133070: Freetype vulnerability CVE-2020-15999
Security Advisory Description Freetype: Heap-based buffer overflow due to integer truncation in Load_SBit_Png. CVE-2020-15999 Impact Certain library in F5OS requires the use of the vulnerable component. However, there is no known way to exploit this vulnerability on F5OS in default, standard, or...
Google Chrome FreeType Heap Buffer Overflow Vulnerability
Google Chrome uses FreeType, an open-source software library to render fonts, which contains a heap buffer overflow vulnerability in the function Load_SBit_Png when processing PNG images embedded into fonts. This vulnerability is part of an exploit chain with CVE-2020-17087 on Windows and...
CentOS 8 : freetype (CESA-2020:4952)
The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2020:4952 advisory. - freetype: Heap-based buffer overflow due to integer truncation in Load_SBit_Png (CVE-2020-15999) Note that Nessus has not tested for this issue but has instead...
Important: Red Hat Security Advisory: freetype security update
An update for freetype is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available fo...
freetype: Heap-based buffer overflow due to integer truncation in Load_SBit_Png
A heap buffer overflow leading to out-of-bounds write was found in freetype. Memory allocation based on truncated PNG width and height values allows for an out-of-bounds write to occur in application memory when an attacker supplies a specially crafted TTF file...
RLSA-2020:4952 Important: freetype security update
FreeType is a free, high-quality, portable font engine that can open and manage font files. FreeType loads, hints, and renders individual glyphs efficiently. Security Fixes: freetype: Heap-based buffer overflow due to integer truncation in Load_SBit_Png (CVE-2020-15999) For more details about the...
Heap Buffer Overflow
FreeType is vulnerable to heap-based buffer overflow due to integer truncation in Load_SBit_Png...
RHEL 8 : freetype (RHSA-2020:4950)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:4950 advisory. FreeType is a free, high-quality, portable font engine that can open and manage font files. FreeType loads, hints, and renders individual glyphs...
CVE-2014-9665
The Load_SBit_Png function in sfnt/pngshim.c in FreeType before 2.5.4 does not restrict the rows and pitch values of PNG data, which allows remote attackers to cause a denial of service (integer overflow and heap-based buffer overflow) or possibly have unspecified other impact by embedding a PNG file...
Integer overflow
The Load_SBit_Png function in sfnt/pngshim.c in FreeType before 2.5.4 does not restrict the rows and pitch values of PNG data, which allows remote attackers to cause a denial of service (integer overflow and heap-based buffer overflow) or possibly have unspecified other impact by embedding a PNG file...
CVE-2014-9665
The Load_SBit_Png function in sfnt/pngshim.c in FreeType before 2.5.4 does not restrict the rows and pitch values of PNG data, which allows remote attackers to cause a denial of service (integer overflow and heap-based buffer overflow) or possibly have unspecified other impact by embedding a PNG file...
CVE-2014-9665
CVE-2014-9665 affects FreeType before 2.5.4, where Load_SBit_Png in sfnt/pngshim.c does not constrain rows/pitch when parsing PNG data embedded in a TTF font. This can trigger an integer overflow and heap-based buffer overflow, leading to denial of service (and possibly other impact) per the CVE ...
CVE-2014-9665
The Load_SBit_Png function in sfnt/pngshim.c in FreeType before 2.5.4 does not restrict the rows and pitch values of PNG data, which allows remote attackers to cause a denial of service (integer overflow and heap-based buffer overflow) or possibly have unspecified other impact by embedding a PNG file...