Published: 18/03/2014 Updated: 01/04/2014

CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6

VMScore: 605

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

The (1) cf2_initLocalRegionBuffer and (2) cf2_initGlobalRegionBuffer functions in cff/cf2ft.c in FreeType prior to 2.5.3 do not properly check if a subroutine exists, which allows remote malicious users to cause a denial of service (assertion failure), as demonstrated by a crafted ttf file.

Vulnerable Product	Search on Vulmon	Subscribe to Product
freetype freetype 2.5
freetype freetype 2.5.1
freetype freetype
canonical ubuntu linux 13.10

Debian Bug report logs - #741299 freetype: CVE-2014-2240, CVE-2014-2241: stack OOB read/write, DoS Package: src:freetype; Maintainer for src:freetype is Hugh McMaster <hughmcmaster@outlookcom>; Reported by: Raphael Geissert <geissert@debianorg> Date: Mon, 10 Mar 2014 22:21:01 UTC Severity: grave Tags: patch, secur ...

FreeType could be made to crash or run programs as your login if it opened a specially crafted font file ...

The (1) cf2_initLocalRegionBuffer and (2) cf2_initGlobalRegionBuffer functions in cff/cf2ftc in FreeType before 253 do not properly check if a subroutine exists, which allows remote attackers to cause a denial of service (assertion failure), as demonstrated by a crafted ttf file ...

CWE-20 http://www.openwall.com/lists/oss-security/2014/03/12/4 http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=135c3faebb96f8f550bd4f318716f2e1e095a969 http://savannah.nongnu.org/bugs/?41697 http://www.ubuntu.com/usn/USN-2148-1 http://secunia.com/advisories/57447 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=741299 https://usn.ubuntu.com/2148-1/https://nvd.nist.gov https://access.redhat.com/security/cve/cve-2014-2241

CVE-2014-2241

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect