Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
font project font vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-1808
Multiple off-by-one errors in FreeType2 prior to 2.3.6 allow context-dependent malicious users to execute arbitrary code via (1) a crafted table in a Printer Font Binary (PFB) file or (2) a crafted SHC instruction in a TrueType Font (TTF) file, which triggers a heap-based buffer ...
Freetype Freetype 2.0.9
Freetype Freetype 2.1.10
Freetype Freetype 2.3.4
Freetype Freetype 2.3.5
Freetype Freetype 1.3.1
Freetype Freetype 2.0.6
Freetype Freetype 2.2.10
Freetype Freetype 2.3.3
Freetype Freetype 2.2.0
Freetype Freetype 2.2.1
Freetype Freetype 2.1.7
Freetype Freetype 2.1.9
NA
CVE-2008-3658
Buffer overflow in the imageloadfont function in ext/gd/gd.c in PHP 4.4.x prior to 4.4.9 and PHP 5.2 prior to 5.2.6-r6 allows context-dependent malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a crafted font file.
Php Php 4.4.0
Php Php 4.4.1
Php Php 5.2.0
Php Php 5.2.1
Php Php 4.4.2
Php Php 4.4.3
Php Php 5.2.2
Php Php 5.2.3
Php Php 4.4.4
Php Php 4.4.5
Php Php 4.4.6
Php Php 5.2.4
Php Php 5.2.5
Php Php 4.4.7
Php Php 4.4.8
Php Php 5.2.6
NA
CVE-2008-1806
Integer overflow in FreeType2 prior to 2.3.6 allows context-dependent malicious users to execute arbitrary code via a crafted set of 16-bit length values within the Private dictionary table in a Printer Font Binary (PFB) file, which triggers a heap-based buffer overflow.
Freetype Freetype 2.3.4
Freetype Freetype 2.3.5
Freetype Freetype 1.3.1
Freetype Freetype 2.3.3
NA
CVE-2008-1807
FreeType2 prior to 2.3.6 allow context-dependent malicious users to execute arbitrary code via an invalid "number of axes" field in a Printer Font Binary (PFB) file, which triggers a free of arbitrary memory locations, leading to memory corruption.
Freetype Freetype 1.3.1
Freetype Freetype 2.3.5
Freetype Freetype 2.3.3
Freetype Freetype 2.3.4
NA
CVE-2008-3660
PHP 4.4.x prior to 4.4.9, and 5.x up to and including 5.2.6, when used as a FastCGI module, allows remote malicious users to cause a denial of service (crash) via a request with multiple dots preceding the extension, as demonstrated using foo..php.
Php Php 4.4.0
Php Php 4.4.1
Php Php 4.4.8
Php Php 5.2.0
Php Php 4.4.2
Php Php 4.4.3
Php Php 5.2.1
Php Php 5.2.2
Php Php 4.4.4
Php Php 4.4.5
Php Php 5.2.3
Php Php 5.2.4
Php Php 4.4.6
Php Php 4.4.7
Php Php 5.2.5
Php Php 5.2.6
NA
CVE-2007-1352
Integer overflow in the FontFileInitTable function in X.Org libXfont prior to 20070403 allows remote authenticated users to execute arbitrary code via a long first line in the fonts.dir file, which results in a heap overflow.
Mandrakesoft Mandrake Multi Network Firewall 2.0
X.org Libxfont 1.2.2
Redhat Enterprise Linux 2.1
Redhat Enterprise Linux 3.0
Redhat Enterprise Linux 4.0
Redhat Fedora Core Core 1.0
Redhat Linux 9.0
Redhat Enterprise Linux Desktop 5.0
Redhat Linux Advanced Workstation 2.1
Redhat Enterprise Linux Desktop 3.0
Redhat Enterprise Linux Desktop 4.0
Slackware Slackware Linux Current
Slackware Slackware Linux 9.0
Slackware Slackware Linux 9.1
Turbolinux Turbolinux Desktop 10.0
Ubuntu Ubuntu Linux 5.10
Ubuntu Ubuntu Linux 6.06 Lts
Ubuntu Ubuntu Linux 6.10
Ubuntu Ubuntu Linux 4.1
Rpath Linux 1
Openbsd Openbsd 3.9
Openbsd Openbsd 4.0
NA
CVE-2007-1003
Integer overflow in ALLOCATE_LOCAL in the ProcXCMiscGetXIDList function in the XC-MISC extension in the X.Org X11 server (xserver) 7.1-1.1.0, and other versions prior to 20070403, allows remote authenticated users to execute arbitrary code via a large expression, which results in...
X.org X11 7.1 1.1.0
NA
CVE-2008-3659
Buffer overflow in the memnstr function in PHP 4.4.x prior to 4.4.9 and PHP 5.6 up to and including 5.2.6 allows context-dependent malicious users to cause a denial of service (crash) and possibly execute arbitrary code via the delimiter argument to the explode function. NOTE: th...
Php Php 4.4.0
Php Php 4.4.1
Php Php 4.4.8
Php Php 5.2.0
Php Php 4.4.2
Php Php 4.4.3
Php Php 5.2.1
Php Php 5.2.2
Php Php 5.2.3
Php Php 4.4.4
Php Php 4.4.5
Php Php 5.2.4
Php Php 5.2.5
Php Php 4.4.6
Php Php 4.4.7
Php Php 5.2.6
NA
CVE-2006-2661
ftutil.c in Freetype prior to 2.2 allows remote malicious users to cause a denial of service (crash) via a crafted font file that triggers a null dereference.
Freetype Freetype
Debian Debian Linux 3.0
Debian Debian Linux 3.1
Canonical Ubuntu Linux 5.04
Canonical Ubuntu Linux 5.10
Canonical Ubuntu Linux 6.06
1 EDB exploit
NA
CVE-2006-3467
Integer overflow in FreeType prior to 2.2 allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PCF file, as demonstrated by the Red Hat bad1.pcf test file, due to a partial fix of CVE-2006-1861.
Freetype Freetype
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »