11 matches found
CVE-2022-31630
In PHP versions prior to 7.4.33, 8.0.25 and 8.1.12, when using imageloadfont function in gd extension, it is possible to supply a specially crafted font file, such as if the loaded font is used with imagechar function, the read outside allocated buffer will be used. This can lead to crashes or...
PHP 8.0.x < 8.0.25 Multiple Vulnerabilities
The version of PHP installed on the remote host is prior to 8.0.25. It is, therefore, affected by multiple vulnerabilities as referenced in the Version 8.0.25 advisory. - The Keccak XKCP SHA-3 reference implementation before fdc6fef has an integer overflow and resultant buffer overflow that allow...
GLSA-202004-14 : FontForge: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202004-14 FontForge: Multiple vulnerabilities Multiple vulnerabilities have been discovered in FontForge. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could entice a user to open a...
GLSA-201706-14 : FreeType: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-201706-14 FreeType: Multiple vulnerabilities Multiple vulnerabilities have been discovered in FreeType. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could entice a user to use a...
Libgraphite Bidirectional Font mFeatureMap Denial of Service Vulnerability
Talos Vulnerability Report TALOS-2016-0060 Libgraphite Bidirectional Font mFeatureMap Denial of Service Vulnerability February 5, 2016 CVE Number CVE-2016-1522 Description An exploitable NULL pointer dereference exists in the bidirectional font handling functionality of Libgraphite. A specially...
Libgraphite Bidirectional Font BracketPairStack Code Execution Vulnerability
Talos Vulnerability Report TALOS-2016-0057 Libgraphite Bidirectional Font BracketPairStack Code Execution Vulnerability February 5, 2016 CVE Number CVE-2016-1522 Description An exploitable out-of-bounds access vulnerability exists in the bidirectional font handling functionality of Libgraphite. A...
RedHat Update for freetype RHSA-2015:0696-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SuSE 10 Security Update : firefox3-pango (ZYPP Patch Number 7460)
The following bug has been fixed : - Specially crafted font files could cause a heap corruption in applications linked against pango. CVE-2011-0020 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc';...
SuSE 11.1 Security Update : freetype2 (SAT Patch Number 4089)
Specially crafted font files could crash applications that use freetype2 to render the fonts. CVE-2010-3814 / CVE-2010-3855 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11 update information. The text itself i...
OpenType Font (OTF) Format Driver Privilege Elevation Vulnerabilities (2279986)
This host is missing a critical security update according to Microsoft Bulletin MS10-078. OpenVAS Vulnerability Test $Id: secpodms10-078.nasl 5361 2017-02-20 11:57:13Z cfi $ OpenType Font OTF Format Driver Privilege Elevation Vulnerabilities 2279986 Authors: Madhuri D Copyright c 2010 SecPod,...
SuSE9 Security Update : pango (YOU Patch Number 12614)
Specially crafted font files could cause a memory corruption in pango. Attackers could potentially exploit that to execute arbitrary code CVE-2010-0421. This has been fixed. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc...