Lucene search
K

7 matches found

Veracode
Veracode
added 2020/12/06 3:30 a.m.15 views

Denial Of Service (DoS)

gnome-font-viewer is vulnerable to denial of service. The vulnerability exists in texttoglyphs function of sushi-font-widget.c due to a NULL pointer dereference which allows an attacker to crash the application via a malicious TTF font file that does not have a name section...

5.5CVSS5.2AI score0.00899EPSS
Exploits0References3Affected Software2
Cvelist
Cvelist
added 2019/11/27 2:37 p.m.29 views

CVE-2019-19308

In texttoglyphs in sushi-font-widget.c in gnome-font-viewer 3.34.0, there is a NULL pointer dereference while parsing a TTF font file that lacks a name section due to a gstrconcat call that returns NULL...

5.4AI score0.00899EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2019/11/27 2:37 p.m.32 views

CVE-2019-19308

In texttoglyphs in sushi-font-widget.c in gnome-font-viewer 3.34.0, there is a NULL pointer dereference while parsing a TTF font file that lacks a name section due to a gstrconcat call that returns NULL...

5.5CVSS5.4AI score0.00899EPSS
Exploits0
NVD
NVD
added 2015/02/08 11:59 a.m.20 views

CVE-2014-9665

The LoadSBitPng function in sfnt/pngshim.c in FreeType before 2.5.4 does not restrict the rows and pitch values of PNG data, which allows remote attackers to cause a denial of service integer overflow and heap-based buffer overflow or possibly have unspecified other impact by embedding a PNG file...

7.5CVSS7.2AI score0.04892EPSS
Exploits1References10
CVE
CVE
added 2015/02/08 11:0 a.m.83 views

CVE-2014-9665

CVE-2014-9665 affects FreeType before 2.5.4, where Load_SBit_Png in sfnt/pngshim.c does not constrain rows/pitch when parsing PNG data embedded in a TTF font. This can trigger an integer overflow and heap-based buffer overflow, leading to denial of service (and possibly other impact) per the CVE ...

7.5CVSS8.3AI score0.04892EPSS
Exploits1References10Affected Software1
Cvelist
Cvelist
added 2015/02/08 11:0 a.m.29 views

CVE-2014-9665

The LoadSBitPng function in sfnt/pngshim.c in FreeType before 2.5.4 does not restrict the rows and pitch values of PNG data, which allows remote attackers to cause a denial of service integer overflow and heap-based buffer overflow or possibly have unspecified other impact by embedding a PNG file...

7.6AI score0.04892EPSS
Exploits1References10
Debian CVE
Debian CVE
added 2015/02/08 11:0 a.m.41 views

CVE-2014-9665

The LoadSBitPng function in sfnt/pngshim.c in FreeType before 2.5.4 does not restrict the rows and pitch values of PNG data, which allows remote attackers to cause a denial of service integer overflow and heap-based buffer overflow or possibly have unspecified other impact by embedding a PNG file...

7.5CVSS7.7AI score0.04892EPSS
Exploits1
Rows per page
Query Builder