4 matches found
CVE-2014-9746
CVE-2014-9746 affects FreeType before 2.5.4. The functions t1_parse_font_matrix (type1/t1load.c), cid_parse_font_matrix (cid/cidload.c), t42_parse_font_matrix (type42/t42parse.c), and ps_parser_load_field (psaux/psobjs.c) do not check return values, enabling potential denial of service via uninit...
SUSE SLES11 Security Update : freetype2 (SUSE-SU-2016:1149-1)
This update of the freetype2 library fixes two security issues: - An infinite loop in parse_encoding in t1load.c (CVE-2014-9745, bsc945849) - Use of uninitialized memory in ps_parser_load_field, t42_parse_font_matrix and t1_parse_font_matrix (CVE-2014-9747, bsc947966) Note that Tenable Network Security has...
FreeType parse_encoding function denial of service vulnerability
FreeType is a library of popular font functions. A security vulnerability exists in the parse_encoding function of type1/t1load.c in versions of FreeType prior to 2.5.3, which can be exploited by remote attackers to cause a denial of service infinite loop...
CVE-2014-9745
CVE-2014-9745 affects FreeType: the parse_encoding path in type1/t1load.c (before 2.5.3) can be triggered by a crafted PostScript stream (e.g., 8#garbage) to cause a denial of service. Public docs consistently cite this as a DoS via broken number-with-base; affected versions are