Show filters
93 Total Results
Displaying 21-30 of 93
Sort by:
Attacker Value
Unknown
CVE-2014-9674
Disclosure Date: February 08, 2015 (last updated October 05, 2023)
The Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.5.4 proceeds with adding to length values without validating the original values, which allows remote attackers to cause a denial of service (integer overflow and heap-based buffer overflow) or possibly have unspecified other impact via a crafted Mac font.
0
Attacker Value
Unknown
CVE-2014-9668
Disclosure Date: February 08, 2015 (last updated October 05, 2023)
The woff_open_font function in sfnt/sfobjs.c in FreeType before 2.5.4 proceeds with offset+length calculations without restricting length values, which allows remote attackers to cause a denial of service (integer overflow and heap-based buffer overflow) or possibly have unspecified other impact via a crafted Web Open Font Format (WOFF) file.
0
Attacker Value
Unknown
CVE-2014-9666
Disclosure Date: February 08, 2015 (last updated October 05, 2023)
The tt_sbit_decoder_init function in sfnt/ttsbit.c in FreeType before 2.5.4 proceeds with a count-to-size association without restricting the count value, which allows remote attackers to cause a denial of service (integer overflow and out-of-bounds read) or possibly have unspecified other impact via a crafted embedded bitmap.
0
Attacker Value
Unknown
CVE-2014-9671
Disclosure Date: February 08, 2015 (last updated October 05, 2023)
Off-by-one error in the pcf_get_properties function in pcf/pcfread.c in FreeType before 2.5.4 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PCF file with a 0xffffffff size value that is improperly incremented.
0
Attacker Value
Unknown
CVE-2014-9663
Disclosure Date: February 08, 2015 (last updated October 05, 2023)
The tt_cmap4_validate function in sfnt/ttcmap.c in FreeType before 2.5.4 validates a certain length field before that field's value is completely calculated, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted cmap SFNT table.
0
Attacker Value
Unknown
CVE-2014-9659
Disclosure Date: February 08, 2015 (last updated October 05, 2023)
cff/cf2intrp.c in the CFF CharString interpreter in FreeType before 2.5.4 proceeds with additional hints after the hint mask has been computed, which allows remote attackers to execute arbitrary code or cause a denial of service (stack-based buffer overflow) via a crafted OpenType font. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-2240.
0
Attacker Value
Unknown
CVE-2014-9665
Disclosure Date: February 08, 2015 (last updated October 05, 2023)
The Load_SBit_Png function in sfnt/pngshim.c in FreeType before 2.5.4 does not restrict the rows and pitch values of PNG data, which allows remote attackers to cause a denial of service (integer overflow and heap-based buffer overflow) or possibly have unspecified other impact by embedding a PNG file in a .ttf font file.
0
Attacker Value
Unknown
CVE-2014-9669
Disclosure Date: February 08, 2015 (last updated October 05, 2023)
Multiple integer overflows in sfnt/ttcmap.c in FreeType before 2.5.4 allow remote attackers to cause a denial of service (out-of-bounds read or memory corruption) or possibly have unspecified other impact via a crafted cmap SFNT table.
0
Attacker Value
Unknown
CVE-2014-9667
Disclosure Date: February 08, 2015 (last updated October 05, 2023)
sfnt/ttload.c in FreeType before 2.5.4 proceeds with offset+length calculations without restricting the values, which allows remote attackers to cause a denial of service (integer overflow and out-of-bounds read) or possibly have unspecified other impact via a crafted SFNT table.
0
Attacker Value
Unknown
CVE-2014-9672
Disclosure Date: February 08, 2015 (last updated October 05, 2023)
Array index error in the parse_fond function in base/ftmac.c in FreeType before 2.5.4 allows remote attackers to cause a denial of service (out-of-bounds read) or obtain sensitive information from process memory via a crafted FOND resource in a Mac font file.
0