Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2014-9746

Опубликовано: 22 янв. 2014
Источник: redhat
CVSS2: 2.1
EPSS Низкий

Описание

The (1) t1_parse_font_matrix function in type1/t1load.c, (2) cid_parse_font_matrix function in cid/cidload.c, (3) t42_parse_font_matrix function in type42/t42parse.c, and (4) ps_parser_load_field function in psaux/psobjs.c in FreeType before 2.5.4 do not check return values, which allows remote attackers to cause a denial of service (uninitialized memory access and application crash) or possibly have unspecified other impact via a crafted font.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5freetypeWill not fix
Red Hat Enterprise Linux 6freetypeWill not fix
Red Hat Enterprise Linux 7freetypeWill not fix

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low
https://bugzilla.redhat.com/show_bug.cgi?id=1262373freetype: Use of uninitialized memory

EPSS

Процентиль: 74%
0.00847
Низкий

2.1 Low

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2014-9746

CVSS3: 9.8
ubuntu
больше 9 лет назад

The (1) t1_parse_font_matrix function in type1/t1load.c, (2) cid_parse_font_matrix function in cid/cidload.c, (3) t42_parse_font_matrix function in type42/t42parse.c, and (4) ps_parser_load_field function in psaux/psobjs.c in FreeType before 2.5.4 do not check return values, which allows remote attackers to cause a denial of service (uninitialized memory access and application crash) or possibly have unspecified other impact via a crafted font.

nvd логотип

CVE-2014-9746

CVSS3: 9.8
nvd
больше 9 лет назад

The (1) t1_parse_font_matrix function in type1/t1load.c, (2) cid_parse_font_matrix function in cid/cidload.c, (3) t42_parse_font_matrix function in type42/t42parse.c, and (4) ps_parser_load_field function in psaux/psobjs.c in FreeType before 2.5.4 do not check return values, which allows remote attackers to cause a denial of service (uninitialized memory access and application crash) or possibly have unspecified other impact via a crafted font.

debian логотип

CVE-2014-9746

CVSS3: 9.8
debian
больше 9 лет назад

The (1) t1_parse_font_matrix function in type1/t1load.c, (2) cid_parse ...

github логотип

GHSA-pmv7-6mc8-3vhg

CVSS3: 9.8
github
больше 3 лет назад

The (1) t1_parse_font_matrix function in type1/t1load.c, (2) cid_parse_font_matrix function in cid/cidload.c, (3) t42_parse_font_matrix function in type42/t42parse.c, and (4) ps_parser_load_field function in psaux/psobjs.c in FreeType before 2.5.4 do not check return values, which allows remote attackers to cause a denial of service (uninitialized memory access and application crash) or possibly have unspecified other impact via a crafted font.

EPSS

Процентиль: 74%
0.00847
Низкий

2.1 Low

CVSS2