CVE-2020-15999

Опубликовано: 03 нояб. 2020

Источник: debian

Описание

Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
freetype	fixed	2.10.2+dfsg-4		package

Примечания

https://www.openwall.com/lists/oss-security/2020/10/20/7
https://savannah.nongnu.org/bugs/?59308
https://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=a3bab162b2ae616074c8877a04556932998aeacd
https://bugs.chromium.org/p/project-zero/issues/detail?id=2103

Связанные уязвимости

CVE-2020-15999

CVSS3: 9.6

ubuntu

больше 4 лет назад

Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

CVE-2020-15999

CVSS3: 8.6

redhat

больше 4 лет назад

Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

CVE-2020-15999

CVSS3: 9.6

nvd

больше 4 лет назад

Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

CVE-2020-15999

CVSS3: 6.5

msrc

4 месяца назад

Описание отсутствует

openSUSE-SU-2020:1744-1

suse-cvrf

больше 4 лет назад

Security update for freetype2