RSS   Vulnerabilities for 'Freetype2'   RSS

2018-02-13
 
CVE-2018-6942

CWE-476
 

 
An issue was discovered in FreeType 2 through 2.9. A NULL pointer dereference in the Ins_GETVARIATION() function within ttinterp.c could lead to DoS via a crafted font file.

 
2017-04-26
 
CVE-2017-8287

CWE-119
 

 
FreeType 2 before 2017-03-26 has an out-of-bounds write caused by a heap-based buffer overflow related to the t1_builder_close_contour function in psaux/psobjs.c.

 
2017-04-24
 
CVE-2017-8105

CWE-787
 

 
FreeType 2 before 2017-03-24 has an out-of-bounds write caused by a heap-based buffer overflow related to the t1_decoder_parse_charstrings function in psaux/t1decode.c.

 
2017-04-14
 
CVE-2017-7864

 

 
FreeType 2 before 2017-02-02 has an out-of-bounds write caused by a heap-based buffer overflow related to the tt_size_reset function in truetype/ttobjs.c.

 
 
CVE-2017-7858

 

 
FreeType 2 before 2017-03-07 has an out-of-bounds write related to the TT_Get_MM_Var function in truetype/ttgxvar.c and the sfnt_init_face function in sfnt/sfobjs.c.

 
 
CVE-2017-7857

 

 
FreeType 2 before 2017-03-08 has an out-of-bounds write caused by a heap-based buffer overflow related to the TT_Get_MM_Var function in truetype/ttgxvar.c and the sfnt_init_face function in sfnt/sfobjs.c.

 
 
CVE-2016-10328

 

 
FreeType 2 before 2016-12-16 has an out-of-bounds write caused by a heap-based buffer overflow related to the cff_parser_run function in cff/cffparse.c.

 
2017-03-06
 
CVE-2016-10244

CWE-125
 

 
The parse_charstrings function in type1/t1load.c in FreeType 2 before 2.7 does not ensure that a font contains a glyph name, which allows remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted file.

 

 >>> Vendor: Freetype 2 Products
Freetype
Freetype2


Copyright 2020, cxsecurity.com

 

Back to Top