Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
freetype vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-9745
The parse_encoding function in type1/t1load.c in FreeType prior to 2.5.3 allows remote malicious users to cause a denial of service (infinite loop) via a "broken number-with-base" in a Postscript stream, as demonstrated by 8#garbage.
Freetype Freetype
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Canonical Ubuntu Linux 15.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Opensuse Opensuse 13.1
NA
CVE-2010-2527
Multiple buffer overflows in demo programs in FreeType prior to 2.4.0 allow remote malicious users to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file.
Freetype Freetype
Debian Debian Linux 5.0
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 9.04
Canonical Ubuntu Linux 9.10
Canonical Ubuntu Linux 10.04
NA
CVE-2010-2498
The psh_glyph_find_strong_points function in pshinter/pshalgo.c in FreeType prior to 2.4.0 does not properly implement hinting masks, which allows remote malicious users to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code...
Freetype Freetype
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 9.04
Canonical Ubuntu Linux 9.10
Canonical Ubuntu Linux 10.04
Apple Mac Os X
Debian Debian Linux 5.0
NA
CVE-2010-2500
Integer overflow in the gray_render_span function in smooth/ftgrays.c in FreeType prior to 2.4.0 allows remote malicious users to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file.
Freetype Freetype
Canonical Ubuntu Linux 9.04
Canonical Ubuntu Linux 9.10
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 6.06
Apple Mac Os X
Debian Debian Linux 5.0
NA
CVE-2010-2519
Heap-based buffer overflow in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType prior to 2.4.0 allows remote malicious users to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted length value in a POST fragment header in ...
Freetype Freetype
Canonical Ubuntu Linux 9.04
Canonical Ubuntu Linux 9.10
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 6.06
Apple Mac Os X
Debian Debian Linux 5.0
NA
CVE-2010-2499
Buffer overflow in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType prior to 2.4.0 allows remote malicious users to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted LaserWriter PS font file with an embedded PFB fragmen...
Freetype Freetype
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 9.04
Canonical Ubuntu Linux 9.10
Canonical Ubuntu Linux 10.04
Apple Mac Os X
Debian Debian Linux 5.0
NA
CVE-2010-2520
Heap-based buffer overflow in the Ins_IUP function in truetype/ttinterp.c in FreeType prior to 2.4.0, when TrueType bytecode support is enabled, allows remote malicious users to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font fi...
Freetype Freetype
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 9.04
Canonical Ubuntu Linux 9.10
Canonical Ubuntu Linux 10.04
Apple Mac Os X
Debian Debian Linux 5.0
NA
CVE-2010-2808
Buffer overflow in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType prior to 2.4.2 allows remote malicious users to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted Adobe Type 1 Mac Font File (aka...
Freetype Freetype
Apple Mac Os X
Apple Iphone Os
Apple Tvos
Canonical Ubuntu Linux 9.04
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 9.10
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 6.06
NA
CVE-2010-2805
The FT_Stream_EnterFrame function in base/ftstream.c in FreeType prior to 2.4.2 does not properly validate certain position values, which allows remote malicious users to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file.
Freetype Freetype
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 9.04
Canonical Ubuntu Linux 9.10
Canonical Ubuntu Linux 10.04
Apple Iphone Os
Apple Mac Os X
Apple Tvos
NA
CVE-2010-2806
Array index error in the t42_parse_sfnts function in type42/t42parse.c in FreeType prior to 2.4.2 allows remote malicious users to cause a denial of service (application crash) or possibly execute arbitrary code via negative size values for certain strings in FontType42 font file...
Freetype Freetype
Canonical Ubuntu Linux 9.04
Canonical Ubuntu Linux 9.10
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 6.06
Apple Mac Os X
Apple Iphone Os
Apple Tvos
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
man-in-the-middle
CVE-2024-34558
CVE-2024-32674
CVE-2024-34351
XPath injection
CVE-2023-45866
CVE-2024-25528
CVE-2024-25517
path traversal
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »