Showing 1 - 4 of 4

CVE-2014-2240

Status Candidate

Overview

Stack-based buffer overflow in the cf2_hintmap_build function in cff/cf2hints.c in FreeType before 2.5.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large number of stem hints in a font file.

Related Files

Mandriva Linux Security Advisory 2015-089: Posted Mar 30, 2015; Authored by Mandriva | Site mandriva.com; Mandriva Linux Security Advisory 2015-089 - Updated freetype2 packages fix multiple security vulnerabilities.; tags | advisory, vulnerability; systems | linux, mandriva; advisories | CVE-2014-2240, CVE-2014-2241, CVE-2014-9656, CVE-2014-9657, CVE-2014-9658, CVE-2014-9660, CVE-2014-9661, CVE-2014-9662, CVE-2014-9663, CVE-2014-9664, CVE-2014-9666, CVE-2014-9667, CVE-2014-9669, CVE-2014-9670, CVE-2014-9671, CVE-2014-9672, CVE-2014-9673, CVE-2014-9674, CVE-2014-9675; SHA-256 | d9af0018e0e96e3e988540710f546c85f77672c5edfba6bb08db2d042cb23ace; Download | Favorite | View

Slackware Security Advisory - freetype Updates: Posted Jan 19, 2015; Authored by Slackware Security Team | Site slackware.com; Slackware Security Advisory - New freetype packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix a security issue.; tags | advisory; systems | linux, slackware; advisories | CVE-2014-2240; SHA-256 | f32f37069f9b22d92472ceeef8c056b5606a6f784a3aa07efad50b8ba7a8e811; Download | Favorite | View

Gentoo Linux Security Advisory 201408-02: Posted Aug 11, 2014; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 201408-2 - A vulnerability in FreeType could result in execution of arbitrary code or Denial of Service. Versions less than 2.5.3-r1 are affected.; tags | advisory, denial of service, arbitrary; systems | linux, gentoo; advisories | CVE-2014-2240; SHA-256 | 90bec08d103b2c2f1e3514f1d73fa1ce766274489a45a1a69a20dda0decf2f91; Download | Favorite | View

Ubuntu Security Notice USN-2148-1: Posted Mar 17, 2014; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 2148-1 - Mateusz Jurczyk discovered that FreeType did not correctly handle certain malformed font files. If a user were tricked into using a specially crafted font file, a remote attacker could cause FreeType to crash or possibly execute arbitrary code with user privileges.; tags | advisory, remote, arbitrary; systems | linux, ubuntu; advisories | CVE-2014-2240, CVE-2014-2241; SHA-256 | ce272d6112e6a6e0074772ccf2c88f12920d5bc54c5834c8e94218806a3ddccf; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 232 files
Ubuntu 59 files
Debian 27 files
Valentin Lobstein 11 files
LiquidWorm 11 files
nu11secur1ty 9 files
Apple 6 files
Milad Karimi 5 files
Google Security Research 5 files
Yevhenii Butenko 4 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,022)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,318)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,567)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,456)
UNIX (9,394)
UnixWare (187)
Windows (6,650)
Other

CVE-2014-2240

Overview

Related Files

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems