freetype freetype vulnerabilities and exploits
NA
CVE-2010-2527
Multiple buffer overflows in demo programs in FreeType prior to 2.4.0 allow remote malicious users to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file.
Freetype Freetype
Debian Debian Linux 5.0
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 9.04
Canonical Ubuntu Linux 9.10
Canonical Ubuntu Linux 10.04
NA
CVE-2010-3054
Unspecified vulnerability in FreeType 2.3.9, and other versions prior to 2.4.2, allows remote malicious users to cause a denial of service via vectors involving nested Standard Encoding Accented Character (aka seac) calls, related to psaux.h, cffgload.c, cffgload.h, and t1decode....
Freetype Freetype 2.3.9
Freetype Freetype 2.3.10
Freetype Freetype 2.4.0
Freetype Freetype 2.4.1
Freetype Freetype 2.3.11
Freetype Freetype 2.3.12
NA
CVE-2010-1797
Multiple stack-based buffer overflows in the cff_decoder_parse_charstrings function in the CFF Type2 CharStrings interpreter in cff/cffgload.c in FreeType prior to 2.4.2, as used in Apple iOS prior to 4.0.2 on the iPhone and iPod touch and prior to 3.2.2 on the iPad, allow remote...
Apple Iphone Os 1.0.0
Apple Iphone Os 1.1.0
Apple Iphone Os 1.1.1
Apple Iphone Os 1.1.3
Apple Iphone Os 2.0
Apple Iphone Os 2.0.0
Apple Iphone Os 2.0.2
Apple Iphone Os 2.1
Apple Iphone Os 2.2.1
Apple Iphone Os 2.2
Apple Iphone Os 3.1.2
Apple Iphone Os 1.0.1
Apple Iphone Os 1.1.4
Apple Iphone Os 2.0.1
Apple Iphone Os 2.1.1
Apple Iphone Os 3.0
Apple Iphone Os 3.0.1
Apple Iphone Os 3.1.3
Apple Iphone Os 3.2
Apple Iphone Os 4.0
Apple Iphone Os 1.0.2
Apple Iphone Os 1.1.2
2 EDB exploits
1 Github repository
NA
CVE-2009-0946
Multiple integer overflows in FreeType 2.3.9 and previous versions allow remote malicious users to execute arbitrary code via vectors related to large values in certain inputs in (1) smooth/ftsmooth.c, (2) sfnt/ttcmap.c, and (3) cff/cffload.c.
Freetype Freetype
Debian Debian Linux 4.0
Debian Debian Linux 5.0
Debian Debian Linux 6.0
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 8.10
Canonical Ubuntu Linux 9.04
Opensuse Opensuse 10.3
Opensuse Opensuse 11.0
Opensuse Opensuse 11.1
Suse Linux Enterprise Server 10
Suse Linux Enterprise Server 11
Apple Safari 4.0
Apple Iphone Os
Apple Mac Os X 10.4.11
Apple Mac Os X 10.5.8
Apple Mac Os X
Apple Mac Os X Server 10.4.11
Apple Mac Os X Server 10.5.8
Apple Mac Os X Server
NA
CVE-2008-1806
Integer overflow in FreeType2 prior to 2.3.6 allows context-dependent malicious users to execute arbitrary code via a crafted set of 16-bit length values within the Private dictionary table in a Printer Font Binary (PFB) file, which triggers a heap-based buffer overflow.
Freetype Freetype 2.3.4
Freetype Freetype 2.3.5
Freetype Freetype 1.3.1
Freetype Freetype 2.3.3
NA
CVE-2008-1807
FreeType2 prior to 2.3.6 allows context-dependent malicious users to execute arbitrary code via an invalid "number of axes" field in a Printer Font Binary (PFB) file, which triggers a free of arbitrary memory locations, leading to memory corruption.
Freetype Freetype 1.3.1
Freetype Freetype 2.3.5
Freetype Freetype 2.3.3
Freetype Freetype 2.3.4
NA
CVE-2008-1808
Multiple off-by-one errors in FreeType2 prior to 2.3.6 allow context-dependent malicious users to execute arbitrary code via (1) a crafted table in a Printer Font Binary (PFB) file or (2) a crafted SHC instruction in a TrueType Font (TTF) file, which triggers a heap-based buffer ...
Freetype Freetype 2.0.9
Freetype Freetype 2.1.10
Freetype Freetype 2.3.4
Freetype Freetype 2.3.5
Freetype Freetype 1.3.1
Freetype Freetype 2.0.6
Freetype Freetype 2.2.10
Freetype Freetype 2.3.3
Freetype Freetype 2.2.0
Freetype Freetype 2.2.1
Freetype Freetype 2.1.7
Freetype Freetype 2.1.9
NA
CVE-2007-3506
The ft_bitmap_assure_buffer function in src/base/ftbimap.c in FreeType 2.3.3 allows context-dependent malicious users to cause a denial of service and possibly execute arbitrary code via unspecified vectors involving bitmap fonts, related to a "memory buffer overwrite bug."...
Freetype Freetype
NA
CVE-2007-3408
Multiple unspecified vulnerabilities in Dia prior to 0.96.1-6 have unspecified attack vectors and impact, probably involving the use of vulnerable FreeType libraries that contain CVE-2007-2754 and/or CVE-2007-1351.
Dia Dia
NA
CVE-2007-2754
Integer signedness error in truetype/ttgload.c in Freetype 2.3.4 and previous versions might allow remote malicious users to execute arbitrary code via a crafted TTF image with a negative n_points value, which leads to an integer overflow and heap-based buffer overflow.
Freetype Freetype