7 matches found
Denial Of Service (DoS)
gnome-font-viewer is vulnerable to denial of service. The vulnerability exists in texttoglyphs function of sushi-font-widget.c due to a NULL pointer dereference which allows an attacker to crash the application via a malicious TTF font file that does not have a name section...
CVE-2019-19308
In texttoglyphs in sushi-font-widget.c in gnome-font-viewer 3.34.0, there is a NULL pointer dereference while parsing a TTF font file that lacks a name section due to a gstrconcat call that returns NULL...
CVE-2019-19308
In texttoglyphs in sushi-font-widget.c in gnome-font-viewer 3.34.0, there is a NULL pointer dereference while parsing a TTF font file that lacks a name section due to a gstrconcat call that returns NULL...
CVE-2014-9665
The LoadSBitPng function in sfnt/pngshim.c in FreeType before 2.5.4 does not restrict the rows and pitch values of PNG data, which allows remote attackers to cause a denial of service integer overflow and heap-based buffer overflow or possibly have unspecified other impact by embedding a PNG file...
CVE-2014-9665
CVE-2014-9665 affects FreeType before 2.5.4, where Load_SBit_Png in sfnt/pngshim.c does not constrain rows/pitch when parsing PNG data embedded in a TTF font. This can trigger an integer overflow and heap-based buffer overflow, leading to denial of service (and possibly other impact) per the CVE ...
CVE-2014-9665
The LoadSBitPng function in sfnt/pngshim.c in FreeType before 2.5.4 does not restrict the rows and pitch values of PNG data, which allows remote attackers to cause a denial of service integer overflow and heap-based buffer overflow or possibly have unspecified other impact by embedding a PNG file...
CVE-2014-9665
The LoadSBitPng function in sfnt/pngshim.c in FreeType before 2.5.4 does not restrict the rows and pitch values of PNG data, which allows remote attackers to cause a denial of service integer overflow and heap-based buffer overflow or possibly have unspecified other impact by embedding a PNG file...