Описание
An issue was discovered in FreeType 2 through 2.9. A NULL pointer dereference in the Ins_GETVARIATION() function within ttinterp.c could lead to DoS via a crafted font file.
Ссылки
- Third Party Advisory
- PatchThird Party Advisory
- Third Party Advisory
- Third Party Advisory
- PatchThird Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2.9 (включая)
cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*
Конфигурация 2
cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*
EPSS
Процентиль: 49%
0.00258
Низкий
6.5 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-476
Связанные уязвимости
CVSS3: 6.5
ubuntu
почти 8 лет назад
An issue was discovered in FreeType 2 through 2.9. A NULL pointer dereference in the Ins_GETVARIATION() function within ttinterp.c could lead to DoS via a crafted font file.
CVSS3: 3.3
redhat
около 8 лет назад
An issue was discovered in FreeType 2 through 2.9. A NULL pointer dereference in the Ins_GETVARIATION() function within ttinterp.c could lead to DoS via a crafted font file.
CVSS3: 6.5
debian
почти 8 лет назад
An issue was discovered in FreeType 2 through 2.9. A NULL pointer dere ...
EPSS
Процентиль: 49%
0.00258
Низкий
6.5 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-476