NewStart CGSL MAIN 4.05 : freetype Multiple Vulnerabilities (NS-SA-2020-0015)

The remote NewStart CGSL host, running version MAIN 4.05, has freetype packages installed that are affected by multiple vulnerabilities: - FreeType before 2.6.1 has a heap-based buffer over-read in T1GetPrivateDict in type1/t1parse.c. CVE-2015-9381 - FreeType before 2.6.1 has a buffer over-read i...

Medium: freetype

Issue Overview: FreeType before 2.6.1 has a heap-based buffer over-read in T1GetPrivateDict in type1/t1parse.c. CVE-2015-9381 FreeType before 2.6.1 has a buffer over-read in skipcomment in psaux/psobjs.c because psparserskipPStoken is mishandled in an FTNewMemoryFace operation. CVE-2015-9382...

freetype: mishandling ps_parser_skip_PS_token in an FT_New_Memory_Face operation in skip_comment, psaux/psobjs.c, leads to a buffer over-read

FreeType before 2.6.1 has a buffer over-read in skipcomment in psaux/psobjs.c because psparserskipPStoken is mishandled in an FTNewMemoryFace operation...

Design/Logic Flaw

FreeType before 2.6.1 has a buffer over-read in skipcomment in psaux/psobjs.c because psparserskipPStoken is mishandled in an FTNewMemoryFace operation...

CVE-2015-9382

FreeType before 2.6.1 has a buffer over-read in skipcomment in psaux/psobjs.c because psparserskipPStoken is mishandled in an FTNewMemoryFace operation...

UBUNTU-CVE-2015-9382

FreeType before 2.6.1 has a buffer over-read in skipcomment in psaux/psobjs.c because psparserskipPStoken is mishandled in an FTNewMemoryFace operation...