Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
freetype freetype 2.4.9 vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2014-9746
The (1) t1_parse_font_matrix function in type1/t1load.c, (2) cid_parse_font_matrix function in cid/cidload.c, (3) t42_parse_font_matrix function in type42/t42parse.c, and (4) ps_parser_load_field function in psaux/psobjs.c in FreeType prior to 2.5.4 do not check return values, wh...
Freetype Freetype
Debian Debian Linux 8.0
Debian Debian Linux 7.0
445
VMScore
CVE-2014-9747
The t42_parse_encoding function in type42/t42parse.c in FreeType prior to 2.5.4 does not properly update the current position for immediates-only mode, which allows remote malicious users to cause a denial of service (infinite loop) via a Type42 font.
Freetype Freetype
Debian Debian Linux 7.0
Debian Debian Linux 8.0
445
VMScore
CVE-2014-9745
The parse_encoding function in type1/t1load.c in FreeType prior to 2.5.3 allows remote malicious users to cause a denial of service (infinite loop) via a "broken number-with-base" in a Postscript stream, as demonstrated by 8#garbage.
Freetype Freetype
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Canonical Ubuntu Linux 15.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Opensuse Opensuse 13.1
605
VMScore
CVE-2014-9666
The tt_sbit_decoder_init function in sfnt/ttsbit.c in FreeType prior to 2.5.4 proceeds with a count-to-size association without restricting the count value, which allows remote malicious users to cause a denial of service (integer overflow and out-of-bounds read) or possibly have...
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
Oracle Solaris 10.0
Oracle Solaris 11.2
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 15.04
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Debian Debian Linux 7.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server Eus 7.1
Redhat Enterprise Linux Hpc Node Eus 7.1
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server Eus 6.6.z
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Hpc Node 7.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Hpc Node 6
Redhat Enterprise Linux Desktop 7.0
Fedoraproject Fedora 21
605
VMScore
CVE-2014-9667
sfnt/ttload.c in FreeType prior to 2.5.4 proceeds with offset+length calculations without restricting the values, which allows remote malicious users to cause a denial of service (integer overflow and out-of-bounds read) or possibly have unspecified other impact via a crafted SFN...
Debian Debian Linux 7.0
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 15.04
Canonical Ubuntu Linux 14.10
Fedoraproject Fedora 21
Fedoraproject Fedora 20
Freetype Freetype
Opensuse Opensuse 13.2
Opensuse Opensuse 13.1
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server Eus 7.1
Redhat Enterprise Linux Hpc Node Eus 7.1
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Hpc Node 6
Redhat Enterprise Linux Server Eus 6.6.z
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux Hpc Node 7.0
Redhat Enterprise Linux Desktop 7.0
605
VMScore
CVE-2014-9669
Multiple integer overflows in sfnt/ttcmap.c in FreeType prior to 2.5.4 allow remote malicious users to cause a denial of service (out-of-bounds read or memory corruption) or possibly have unspecified other impact via a crafted cmap SFNT table.
Canonical Ubuntu Linux 15.04
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 10.04
Freetype Freetype
Redhat Enterprise Linux Server Eus 7.1
Redhat Enterprise Linux Hpc Node Eus 7.1
Redhat Enterprise Linux Server Eus 6.6.z
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Hpc Node 7.0
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Hpc Node 6
Redhat Enterprise Linux Desktop 6.0
Oracle Solaris 11.2
Oracle Solaris 10.0
Opensuse Opensuse 13.2
Opensuse Opensuse 13.1
Debian Debian Linux 7.0
383
VMScore
CVE-2014-9670
Multiple integer signedness errors in the pcf_get_encodings function in pcf/pcfread.c in FreeType prior to 2.5.4 allow remote malicious users to cause a denial of service (integer overflow, NULL pointer dereference, and application crash) via a crafted PCF file that specifies neg...
Debian Debian Linux 7.0
Opensuse Opensuse 13.2
Opensuse Opensuse 13.1
Fedoraproject Fedora 21
Fedoraproject Fedora 20
Oracle Solaris 10.0
Oracle Solaris 11.2
Redhat Enterprise Linux Server Eus 6.6.z
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Hpc Node 7.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Hpc Node 6
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server Eus 7.1
Redhat Enterprise Linux Hpc Node Eus 7.1
Redhat Enterprise Linux Workstation 7.0
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 15.04
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 14.04
383
VMScore
CVE-2014-9671
Off-by-one error in the pcf_get_properties function in pcf/pcfread.c in FreeType prior to 2.5.4 allows remote malicious users to cause a denial of service (NULL pointer dereference and application crash) via a crafted PCF file with a 0xffffffff size value that is improperly incre...
Redhat Enterprise Linux Server Eus 7.1
Redhat Enterprise Linux Hpc Node Eus 7.1
Redhat Enterprise Linux Server Eus 6.6.z
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Hpc Node 7.0
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Hpc Node 6
Redhat Enterprise Linux Desktop 6.0
Debian Debian Linux 7.0
Canonical Ubuntu Linux 15.04
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 10.04
Oracle Solaris 10.0
Oracle Solaris 11.2
Opensuse Opensuse 13.2
Opensuse Opensuse 13.1
Freetype Freetype
516
VMScore
CVE-2014-9672
Array index error in the parse_fond function in base/ftmac.c in FreeType prior to 2.5.4 allows remote malicious users to cause a denial of service (out-of-bounds read) or obtain sensitive information from process memory via a crafted FOND resource in a Mac font file.
Oracle Solaris 11.2
Oracle Solaris 10.0
Debian Debian Linux 7.0
Canonical Ubuntu Linux 15.04
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 10.04
Freetype Freetype
Opensuse Opensuse 13.2
Opensuse Opensuse 13.1
668
VMScore
CVE-2014-9656
The tt_sbit_decoder_load_image function in sfnt/ttsbit.c in FreeType prior to 2.5.4 does not properly check for an integer overflow, which allows remote malicious users to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted OpenT...
Fedoraproject Fedora 20
Fedoraproject Fedora 21
Freetype Freetype
Debian Debian Linux 7.0
Opensuse Opensuse 13.2
Opensuse Opensuse 13.1
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 15.04
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »