Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
freetype freetype vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2008-1806
Integer overflow in FreeType2 prior to 2.3.6 allows context-dependent malicious users to execute arbitrary code via a crafted set of 16-bit length values within the Private dictionary table in a Printer Font Binary (PFB) file, which triggers a heap-based buffer overflow.
Freetype Freetype 2.3.4
Freetype Freetype 2.3.5
Freetype Freetype 1.3.1
Freetype Freetype 2.3.3
7.5
CVSSv2
CVE-2008-1807
FreeType2 prior to 2.3.6 allow context-dependent malicious users to execute arbitrary code via an invalid "number of axes" field in a Printer Font Binary (PFB) file, which triggers a free of arbitrary memory locations, leading to memory corruption.
Freetype Freetype 1.3.1
Freetype Freetype 2.3.5
Freetype Freetype 2.3.3
Freetype Freetype 2.3.4
6.8
CVSSv2
CVE-2014-2241
The (1) cf2_initLocalRegionBuffer and (2) cf2_initGlobalRegionBuffer functions in cff/cf2ft.c in FreeType prior to 2.5.3 do not properly check if a subroutine exists, which allows remote malicious users to cause a denial of service (assertion failure), as demonstrated by a crafte...
Freetype Freetype 2.5
Freetype Freetype 2.5.1
Freetype Freetype
Canonical Ubuntu Linux 13.10
9.3
CVSSv2
CVE-2011-0226
Integer signedness error in psaux/t1decode.c in FreeType prior to 2.4.6, as used in CoreGraphics in Apple iOS prior to 4.2.9 and 4.3.x prior to 4.3.4 and other products, allows remote malicious users to execute arbitrary code or cause a denial of service (memory corruption and ap...
Freetype Freetype 2.4.3
Freetype Freetype 2.4.2
Freetype Freetype 2.3.8
Freetype Freetype 2.3.7
Freetype Freetype 2.3.0
Freetype Freetype 2.2.1
Freetype Freetype 2.4.1
Freetype Freetype 2.4.0
Freetype Freetype 2.3.6
Freetype Freetype 2.3.5
Freetype Freetype 2.2.10
Freetype Freetype
Freetype Freetype 2.3.9
Freetype Freetype 2.3.10
Freetype Freetype 2.3.4
Freetype Freetype 2.3.3
Freetype Freetype 2.4.4
Freetype Freetype 2.3.11
Freetype Freetype 2.3.12
Freetype Freetype 2.3.2
Freetype Freetype 2.3.1
Apple Iphone Os 4.0
7.5
CVSSv2
CVE-2017-8287
FreeType 2 prior to 2017-03-26 has an out-of-bounds write caused by a heap-based buffer overflow related to the t1_builder_close_contour function in psaux/psobjs.c.
Freetype Freetype
7.5
CVSSv2
CVE-2006-3467
Integer overflow in FreeType prior to 2.2 allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PCF file, as demonstrated by the Red Hat bad1.pcf test file, due to a partial fix of CVE-2006-1861.
Freetype Freetype
7.5
CVSSv2
CVE-2015-9290
In FreeType prior to 2.6.1, a buffer over-read occurs in type1/t1parse.c on function T1_Get_Private_Dict where there is no check that the new values of cur and limit are sensible before going to Again.
Freetype Freetype
7.5
CVSSv2
CVE-2017-7857
FreeType 2 prior to 2017-03-08 has an out-of-bounds write caused by a heap-based buffer overflow related to the TT_Get_MM_Var function in truetype/ttgxvar.c and the sfnt_init_face function in sfnt/sfobjs.c.
Freetype Freetype
7.5
CVSSv2
CVE-2017-7864
FreeType 2 prior to 2017-02-02 has an out-of-bounds write caused by a heap-based buffer overflow related to the tt_size_reset function in truetype/ttobjs.c.
Freetype Freetype
5
CVSSv2
CVE-2006-0747
Integer underflow in Freetype prior to 2.2 allows remote malicious users to cause a denial of service (crash) via a font file with an odd number of blue values, which causes the underflow when decrementing by 2 in a context that assumes an even number of values.
Freetype Freetype
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
spoof
CVE-2024-34928
CVE-2024-5291
deserialization
CVE-2024-4471
CVE-2024-4956
CVE-2024-32002
CVE-2024-5227
unspecified
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »