28 matches found
📄 FreeType Font Rendering Overflow Test Harness / Crash Detection
This C program is a testing harness built around the FreeType font rendering library to detect potential memory corruption issues such as heap buffer overflows when loading malicious or malformed TrueType font files...
Memory Allocation with Excessive Size Value
Overview Affected versions of this package are vulnerable to Memory Allocation with Excessive Size Value through the source.view path in font/sfnt. An attacker can force the parser to allocate a large read buffer by supplying a corrupt or malicious font file that advertises data beyond the file's...
Mozilla: Integer-overflow led to out-of-bounds-read in the OpenType sanitizer
The Mozilla Foundation Security Advisory describes this flaw as: On 32-bit versions there were integer-overflows that led to an out-of-bounds-read that potentially could be triggered by a malformed OpenType font...
Mozilla: Integer-overflow led to out-of-bounds-read in the OpenType sanitizer
The Mozilla Foundation Security Advisory describes this flaw as: On 32-bit versions there were integer-overflows that led to an out-of-bounds-read that potentially could be triggered by a malformed OpenType font...
Mozilla: Integer-overflow led to out-of-bounds-read in the OpenType sanitizer
The Mozilla Foundation Security Advisory describes this flaw as: On 32-bit versions there were integer-overflows that led to an out-of-bounds-read that potentially could be triggered by a malformed OpenType font...
Mozilla: Integer-overflow led to out-of-bounds-read in the OpenType sanitizer
The Mozilla Foundation Security Advisory describes this flaw as: On 32-bit versions there were integer-overflows that led to an out-of-bounds-read that potentially could be triggered by a malformed OpenType font...
Mozilla: Integer-overflow led to out-of-bounds-read in the OpenType sanitizer
The Mozilla Foundation Security Advisory describes this flaw as: On 32-bit versions there were integer-overflows that led to an out-of-bounds-read that potentially could be triggered by a malformed OpenType font...
Mozilla: Integer-overflow led to out-of-bounds-read in the OpenType sanitizer
The Mozilla Foundation Security Advisory describes this flaw as: On 32-bit versions there were integer-overflows that led to an out-of-bounds-read that potentially could be triggered by a malformed OpenType font...
Mozilla: Integer-overflow led to out-of-bounds-read in the OpenType sanitizer
The Mozilla Foundation Security Advisory describes this flaw as: On 32-bit versions there were integer-overflows that led to an out-of-bounds-read that potentially could be triggered by a malformed OpenType font...
Mozilla: Integer-overflow led to out-of-bounds-read in the OpenType sanitizer
The Mozilla Foundation Security Advisory describes this flaw as: On 32-bit versions there were integer-overflows that led to an out-of-bounds-read that potentially could be triggered by a malformed OpenType font...
Mozilla: Integer-overflow led to out-of-bounds-read in the OpenType sanitizer
The Mozilla Foundation Security Advisory describes this flaw as: On 32-bit versions there were integer-overflows that led to an out-of-bounds-read that potentially could be triggered by a malformed OpenType font...
Mozilla: Integer-overflow led to out-of-bounds-read in the OpenType sanitizer
The Mozilla Foundation Security Advisory describes this flaw as: On 32-bit versions there were integer-overflows that led to an out-of-bounds-read that potentially could be triggered by a malformed OpenType font...
Mozilla: Integer-overflow led to out-of-bounds-read in the OpenType sanitizer
The Mozilla Foundation Security Advisory describes this flaw as: On 32-bit versions there were integer-overflows that led to an out-of-bounds-read that potentially could be triggered by a malformed OpenType font...
Mozilla: Integer-overflow led to out-of-bounds-read in the OpenType sanitizer
The Mozilla Foundation Security Advisory describes this flaw as: On 32-bit versions there were integer-overflows that led to an out-of-bounds-read that potentially could be triggered by a malformed OpenType font...
USN-6062-1 freetype vulnerability
It was discovered that FreeType incorrectly handled certain malformed font files. If a user were tricked into using a specially crafted font file, a remote attacker could cause FreeType to crash, or possibly execute arbitrary code...
Apple ImageIO Buffer Error Vulnerability
Apple ImageIO is an Apple Inc. component necessary for parsing and writing image data in IOS mobile devices. A security vulnerability exists in Apple ImageIO where processing of maliciously crafted fonts may result in a process memory leak. The following products and versions are affected: macOS...
USN-4593-2 freetype vulnerability
USN-4593-1 fixed a vulnerability in FreeType. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: Sergei Glazunov discovered that FreeType did not correctly handle certain malformed font files. If a user were tricked into using a specially crafted font...
USN-4593-1 freetype vulnerability
Sergei Glazunov discovered that FreeType did not correctly handle certain malformed font files. If a user were tricked into using a specially crafted font file, a remote attacker could cause FreeType to crash or possibly execute arbitrary code with user privileges...
USN-3398-1: graphite2 vulnerabilities
Holger Fuhrmannek and Tyson Smith discovered that graphite2 incorrectly handled certain malformed fonts. If a user or automated system were tricked into opening a specially-crafted font file, a remote attacker could use this issue to cause graphite2 to crash, resulting in a denial of service, or...
USN-2927-1: graphite2 vulnerabilities
It was discovered that graphite2 incorrectly handled certain malformed fonts. If a user or automated system were tricked into opening a specially- crafted font file, a remote attacker could use this issue to cause graphite2 to crash, resulting in a denial of service, or possibly execute arbitrary...