Gentoo Linux Security Advisory 201412-8 - This GLSA contains notification of vulnerabilities found in several Gentoo packages which have been fixed prior to January 1, 2011. The worst of these vulnerabilities could lead to local privilege escalation and remote code execution.
a863e2eb03f0ac1937834e096aa9a52158ef6e9eb8144f3d6df45b14d4002a27Mandriva Linux Security Advisory 2009-243 - Multiple integer overflows in FreeType 2.3.9 and earlier allow remote attackers to execute arbitrary code via vectors related to large values in certain inputs in (1) smooth/ftsmooth.c, (2) sfnt/ttcmap.c, and (3) cff/cffload.c. This update corrects the problem. Packages for 2008.0 are being provided due to extended support for Corporate products.
8e99862b3e7c30c8296ecae0ef73d87c4005145a03554e895d25de01550ed3d9Mandriva Linux Security Advisory 2009-243-1 - Multiple integer overflows in FreeType 2.3.9 and earlier allow remote attackers to execute arbitrary code via vectors related to large values in certain inputs in (1) smooth/ftsmooth.c, (2) sfnt/ttcmap.c, and (3) cff/cffload.c. This update corrects the problem. Correct a problem in the 2009.1 update of the lzw handling code.
35ae33bc1743f391ad90d66a2f9fb6e3e57bf0d6bd9fced8574951f19ccc1bb0Mandriva Linux Security Advisory 2009-243 - Multiple integer overflows in FreeType 2.3.9 and earlier allow remote attackers to execute arbitrary code via vectors related to large values in certain inputs in (1) smooth/ftsmooth.c, (2) sfnt/ttcmap.c, and (3) cff/cffload.c. This update corrects the problem.
695b6fd644397cb522d47bb5edcc04a4bbd7791fdbfd16e4d26337f53f47e910Gentoo Linux Security Advisory GLSA 200905-05 - Multiple integer overflows in FreeType might allow for the remote execution of arbitrary code or a Denial of Service. Tavis Ormandy reported multiple integer overflows in the cff_charset_compute_cids() function in cff/cffload.c, sfnt/tccmap.c and the ft_smooth_render_generic() function in smooth/ftsmooth.c, possibly leading to heap or stack-based buffer overflows. Versions less than 2.3.9-r1 are affected.
e9b36985a193949654f83a9a009ec43d8a047444740d6c527ab4e63b6108f5bbDebian Security Advisory 1784-1 - Tavis Ormandy discovered several integer overflows in FreeType, a library to process and access font files, resulting in heap- or stack-based buffer overflows leading to application crashes or the execution of arbitrary code via a crafted font file.
23030ae394b9f2eb83a6a820d657a6c311fe75f42de42d3f647c0a1f15db45cbUbuntu Security Notice USN-767-1 - Tavis Ormandy discovered that FreeType did not correctly handle certain large values in font files. If a user were tricked into using a specially crafted font file, a remote attacker could execute arbitrary code with user privileges.
fcbb530895e7326fb202a6aa414fe44c0b4fd21bd3539ceb6f9c9b6147a1e569
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed