28 matches found
EUVD-2014-9481
Malware in sbrugna...
EUVD-2014-9480
Malware in sbrugna...
EUVD-2006-3462
Malware in sbrugna...
SUSE CVE-2006-3467
Integer overflow in FreeType before 2.2 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted PCF file, as demonstrated by the Red Hat bad1.pcf test file, due to a partial fix of CVE-2006-1861...
CVE-2022-23319
A segmentation fault during PCF file parsing in pcf2bdf versions =1.05 allows an attacker to trigger a program crash via a specially crafted PCF font file. This crash affects the availability of the software and dependent downstream components...
CVE-2022-23319
A segmentation fault during PCF file parsing in pcf2bdf versions =1.05 allows an attacker to trigger a program crash via a specially crafted PCF font file. This crash affects the availability of the software and dependent downstream components...
CVE-2022-23319
A segmentation fault during PCF file parsing in pcf2bdf versions =1.05 allows an attacker to trigger a program crash via a specially crafted PCF font file. This crash affects the availability of the software and dependent downstream components...
CVE-2022-23319
The CVE-2022-23319 entry concerns a segmentation fault in the PCF file parser of pcf2bdf, affecting versions >= 1.05. The vulnerability triggers crash via a crafted PCF font, impacting software availability and dependent components. Connected sources (NVD, OSV, Debian/Tenable variants) confirm...
Debian DLA-1126-1 : libxfont security update
It was discovered that there two vulnerabilities the library providing font selection and rasterisation, libxfont : - CVE-2017-13720: If a pattern contained a '?' character any character in the string is skipped even if it was a '\0'. The rest of the matching then read invalid memory. -...
libXfont -- multiple memory leaks
The freedesktop.org project reports: If a pattern contains '?' character, any character in the string is skipped, even if it is '\0'. The rest of the matching then reads invalid memory. Without the checks a malformed PCF file can cause the library to make atom from random heap memory that was...
FreeType 'pcf_get_properties' Denial of Service Vulnerability
FreeType is a library of popular font functions. A denial of service vulnerability exists in FreeType 'pcfgetproperties' that allows remote attackers to launch a denial of service attack by crafting a PCF file...
CVE-2014-9671
Off-by-one error in the pcfgetproperties function in pcf/pcfread.c in FreeType before 2.5.4 allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted PCF file with a 0xffffffff size value that is improperly incremented...
DEBIAN-CVE-2014-9671
Off-by-one error in the pcfgetproperties function in pcf/pcfread.c in FreeType before 2.5.4 allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted PCF file with a 0xffffffff size value that is improperly incremented...
CVE-2014-9670
Multiple integer signedness errors in the pcfgetencodings function in pcf/pcfread.c in FreeType before 2.5.4 allow remote attackers to cause a denial of service integer overflow, NULL pointer dereference, and application crash via a crafted PCF file that specifies negative values for the first...
DEBIAN-CVE-2014-9670
Multiple integer signedness errors in the pcfgetencodings function in pcf/pcfread.c in FreeType before 2.5.4 allow remote attackers to cause a denial of service integer overflow, NULL pointer dereference, and application crash via a crafted PCF file that specifies negative values for the first...
Null pointer dereference
Off-by-one error in the pcfgetproperties function in pcf/pcfread.c in FreeType before 2.5.4 allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted PCF file with a 0xffffffff size value that is improperly incremented...
Integer overflow
Multiple integer signedness errors in the pcfgetencodings function in pcf/pcfread.c in FreeType before 2.5.4 allow remote attackers to cause a denial of service integer overflow, NULL pointer dereference, and application crash via a crafted PCF file that specifies negative values for the first...
CVE-2014-9670
Multiple integer signedness errors in the pcfgetencodings function in pcf/pcfread.c in FreeType before 2.5.4 allow remote attackers to cause a denial of service integer overflow, NULL pointer dereference, and application crash via a crafted PCF file that specifies negative values for the first...
CVE-2014-9670
Multiple integer signedness errors in the pcfgetencodings function in pcf/pcfread.c in FreeType before 2.5.4 allow remote attackers to cause a denial of service integer overflow, NULL pointer dereference, and application crash via a crafted PCF file that specifies negative values for the first...
CVE-2014-9671
Off-by-one error in the pcfgetproperties function in pcf/pcfread.c in FreeType before 2.5.4 allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted PCF file with a 0xffffffff size value that is improperly incremented...