45 matches found
Linux Distros Unpatched Vulnerability : CVE-2020-37011
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - Gnome Fonts Viewer 3.34.0 contains a heap corruption vulnerability that allows attackers to trigger an out-of-bounds write by crafting a malicious TTF font file...
DEBIAN-CVE-2024-42358
PDFio is a simple C library for reading and writing PDF files. There is a denial-of-service (DoS) vulnerability in the TTF parser. Maliciously crafted TTF files can cause the program to utilize 100% of the memory and enter an infinite loop. This can also lead to a heap-buffer-overflow vulnerability...
Debian: Security Advisory (DSA-1302-1)
The remote host is missing an update for the Debian...
Adobe Bridge 11.x < 11.0.1 Multiple Vulnerabilities (APSB21-07)
The version of Adobe Bridge installed on the remote Windows host is prior to 11.0.1. It is, therefore, affected by multiple vulnerabilities as referenced in the apsb21-07 advisory. - Adobe Bridge version 11.0 and earlier is affected by an out-of-bounds write vulnerability when parsing TTF files...
Adobe Bridge 11.x < 11.0.1 Multiple Vulnerabilities (APSB21-07)
The version of Adobe Bridge installed on the remote macOS or Mac OS X host is prior to 11.0.1. It is, therefore, affected by multiple vulnerabilities as referenced in the apsb21-07 advisory. - Adobe Bridge version 11.0 and earlier is affected by an out-of-bounds write vulnerability when parsing T...
CVE-2021-21066
Adobe Bridge version 11.0 and earlier is affected by an out-of-bounds write vulnerability when parsing TTF files that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2021-21065
Adobe Bridge version 11.0 and earlier is affected by an out-of-bounds write vulnerability when parsing TTF files that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
Cross site scripting
Adobe Bridge version 11.0 and earlier is affected by an out-of-bounds write vulnerability when parsing TTF files that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2021-21066
Adobe Bridge 11.0 and earlier is affected by an out-of-bounds write vulnerability when parsing TTF files, potentially allowing arbitrary code execution in the user’s context. Exploitation requires the user to open a crafted file. Remediation observed in advisories (APSB21-07) suggests updating to...
CVE-2021-21066 Adobe Bridge Font Parsing Out-Of-Bounds Write Arbitrary Code Execution Vulnerability
Adobe Bridge version 11.0 and earlier is affected by an out-of-bounds write vulnerability when parsing TTF files that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2021-21065 Adobe Bridge Font Parsing Out-Of-Bounds Write Arbitrary Code Execution Vulnerability
Adobe Bridge version 11.0 and earlier is affected by an out-of-bounds write vulnerability when parsing TTF files that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2021-21065
Adobe Bridge (Windows/macOS) versions 11.0 and earlier are affected by an out-of-bounds write vulnerability in TTF font parsing that can lead to arbitrary code execution in the current user context. Exploitation requires user interaction: a victim must open a malicious font/file. Affected product...
freetype: Heap-based buffer overflow due to integer truncation in Load_SBit_Png
A heap buffer overflow leading to out-of-bounds write was found in freetype. Memory allocation based on truncated PNG width and height values allows for an out-of-bounds write to occur in application memory when an attacker supplies a specially crafted TTF file...
Updated freetype2 packages fix security vulnerability
A heap buffer overflow has been found in freetype2 before 2.10.4. Malformed TTF files with PNG sbit glyphs can cause a heap buffer overflow in Load_SBit_Png as libpng uses the original 32-bit values, which are saved in png_struct. If the original width and/or height are greater than 65535, the...
MGASA-2020-0389 Updated freetype2 packages fix security vulnerability
A heap buffer overflow has been found in freetype2 before 2.10.4. Malformed TTF files with PNG sbit glyphs can cause a heap buffer overflow in Load_SBit_Png as libpng uses the original 32-bit values, which are saved in png_struct. If the original width and/or height are greater than 65535, the...
[ASA-202010-10] freetype2: arbitrary code execution
Arch Linux Security Advisory ASA-202010-10. Severity: High; Date: 2020-10-20; CVE-ID: CVE-2020-15999; Package: freetype2; Type: arbitrary code execution; Remote: Yes; Link: https://security.archlinux.org/AVG-1254 Summary: The package freetype2 befo...
[ASA-202010-11] lib32-freetype2: arbitrary code execution
Arch Linux Security Advisory ASA-202010-11. Severity: High; Date: 2020-10-20; CVE-ID: CVE-2020-15999; Package: lib32-freetype2; Type: arbitrary code execution; Remote: Yes; Link: https://security.archlinux.org/AVG-1255 Summary: The package...
PT-2026-5286
Name of the Vulnerable Software and Affected Versions: Gnome Fonts Viewer version 3.34.0. Description: Gnome Fonts Viewer version 3.34.0 contains a heap corruption issue that allows attackers to trigger an out-of-bounds write by using a malicious TTF font file. An attacker can create a specially...
Microsoft Windows Kernel - win32k.sys TTF Font Processing - Out-of-Bounds Reads/Writes with Malforme
Exploit for Windows platform in category dos / poc (source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1273). We have encountered a number of Windows kernel crashes in the win32k.sys driver while processing corrupted TTF font files. The most frequent one occurring for the bug reported...
SWFTools Denial of Service Vulnerability (CNVD-2017-15100)
SWFTools is a utility toolset for working with Adobe Flash files (SWF files). A denial of service vulnerability exists in version 2013-04-09-1007 of SWFTools for Windows-based platforms. A remote attacker can exploit this vulnerability to cause a denial of service with malformed TTF files...