Download
| Alert*
oval:org.secpod.oval:def:89043909
This update for freetype2 fixes the following security issues: - CVE-2016-10244: Make sure that the parse_charstrings function in type1/t1load.c does ensure that a font contains a glyph name to prevent a DoS through a heap-based buffer over-read or possibly have unspecified other impact via a crafte ... oval:org.secpod.oval:def:2101128 FreeType 2 before 2016-12-16 has an out-of-bounds write caused by a heap-based buffer overflow related to the cff_parser_run function in cff/cffparse.c. oval:org.secpod.oval:def:1800863 CVE-2016-10244: parse_charstrings function in type1/t1load.c does not ensure that a font contains a glyph name oval:org.secpod.oval:def:1800868 CVE-2016-10244: parse_charstrings function in type1/t1load.c does not ensure that a font contains a glyph name. oval:org.secpod.oval:def:89002058 This update for freetype2 fixes the following issues: Security issue fixed: - CVE-2016-10244: The parse_charstrings function in type1/t1load.c did not ensure that a font contains a glyph name, which allowed remote attackers to cause a denial of service or possibly have unspecified other impact via ... oval:org.secpod.oval:def:703614 freetype: FreeType 2 is a font engine library FreeType could be made to crash or run programs if it opened a specially crafted font file. oval:org.secpod.oval:def:112339 The FreeType engine is a free and portable font rendering engine, developed to provide advanced font support for a variety of platforms and environments. FreeType is a library which can open and manages font files as well as efficiently load, hint and render individual glyphs. FreeType is not a font ... oval:org.secpod.oval:def:602864 Several vulnerabilities were discovered in Freetype. Opening malformed fonts may result in denial of service or the execution of arbitrary code. oval:org.secpod.oval:def:703585 freetype: FreeType 2 is a font engine library FreeType could be made to crash or run programs if it opened a specially crafted font file. oval:org.secpod.oval:def:112334 The FreeType engine is a free and portable font rendering engine, developed to provide advanced font support for a variety of platforms and environments. FreeType is a library which can open and manages font files as well as efficiently load, hint and render individual glyphs. FreeType is not a font ... oval:org.secpod.oval:def:51783 freetype: FreeType 2 is a font engine library FreeType could be made to crash or run programs if it opened a specially crafted font file. |