Download
| Alert*
oval:org.secpod.oval:def:602244
It was discovered that FreeType did not properly handle some malformed inputs. This could allow remote attackers to cause a denial of service via crafted font files. oval:org.secpod.oval:def:600668 It was discovered that missing input sanitising in Freetype"s processing of CID-keyed fonts could lead to the execution of arbitrary code. oval:org.secpod.oval:def:600680 It was discovered that missing input sanitising in Freetype"s glyph handling could lead to memory corruption, resulting in denial of service or the execution of arbitrary code. oval:org.secpod.oval:def:601594 libfreetype6-dev is installed oval:org.secpod.oval:def:600604 It was discovered that insufficient input saniting in Freetype"s code to parse Type1 could lead to the execution of arbitrary code. oval:org.secpod.oval:def:600753 Mateusz Jurczyk from the Google Security Team discovered several vulnerabilties in Freetype"s parsing of BDF, Type1 and TrueType fonts, which could result in the execution of arbitrary code if a malformed font file is processed. oval:org.secpod.oval:def:601984 Mateusz Jurczyk discovered multiple vulnerabilities in Freetype. Opening malformed fonts may result in denial of service or the execution of arbitrary code. oval:org.secpod.oval:def:602358 Mateusz Jurczyk discovered multiple vulnerabilities in Freetype. Opening malformed fonts may result in denial of service or the execution of arbitrary code. oval:org.secpod.oval:def:602864 Several vulnerabilities were discovered in Freetype. Opening malformed fonts may result in denial of service or the execution of arbitrary code. |