[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

ELSA-2015-0696 -- Oracle freetype

ID: oval:org.secpod.oval:def:1500945Date: (C)2015-03-24   (M)2022-10-10
Class: PATCHFamily: unix




The tt_face_load_hdmx function in truetype/ttpload.c in FreeType before 2.5.4 does not establish a minimum record size, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted TrueType font.

Platform:
Oracle Linux 7
Product:
freetype
Reference:
ELSA-2015-0696
CVE-2014-9674
CVE-2014-9673
CVE-2014-9670
CVE-2014-9669
CVE-2014-9667
CVE-2014-9660
CVE-2014-9663
CVE-2014-9657
CVE-2014-9664
CVE-2014-9661
CVE-2014-9671
CVE-2014-9658
CVE-2014-9675
CVE    13
CVE-2014-9658
CVE-2014-9669
CVE-2014-9657
CVE-2014-9664
...
CPE    3
cpe:/a:freetype:freetype
cpe:/a:freetype:freetype:2.5.3
cpe:/o:oracle:linux:7

© SecPod Technologies