Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2014-9660

Опубликовано: 08 фев. 2015
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 7.5

Описание

The _bdf_parse_glyphs function in bdf/bdflib.c in FreeType before 2.5.4 does not properly handle a missing ENDCHAR record, which allows remote attackers to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via a crafted BDF font.

РелизСтатусПримечание
devel

released

2.5.2-2ubuntu3
esm-infra-legacy/trusty

not-affected

2.5.2-1ubuntu2.4
lucid

released

2.3.11-1ubuntu2.8
precise

released

2.4.8-1ubuntu2.2
trusty

released

2.5.2-1ubuntu2.4
trusty/esm

not-affected

2.5.2-1ubuntu2.4
upstream

released

2.5.4
utopic

released

2.5.2-2ubuntu1.1

Показывать по

Ссылки на источники

EPSS

Процентиль: 87%
0.0356
Низкий

7.5 High

CVSS2

Связанные уязвимости

redhat логотип

CVE-2014-9660

redhat
почти 11 лет назад

The _bdf_parse_glyphs function in bdf/bdflib.c in FreeType before 2.5.4 does not properly handle a missing ENDCHAR record, which allows remote attackers to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via a crafted BDF font.

nvd логотип

CVE-2014-9660

nvd
больше 10 лет назад

The _bdf_parse_glyphs function in bdf/bdflib.c in FreeType before 2.5.4 does not properly handle a missing ENDCHAR record, which allows remote attackers to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via a crafted BDF font.

debian логотип

CVE-2014-9660

debian
больше 10 лет назад

The _bdf_parse_glyphs function in bdf/bdflib.c in FreeType before 2.5. ...

github логотип

GHSA-gmc8-5qj2-cm28

github
больше 3 лет назад

The _bdf_parse_glyphs function in bdf/bdflib.c in FreeType before 2.5.4 does not properly handle a missing ENDCHAR record, which allows remote attackers to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via a crafted BDF font.

oracle-oval логотип

ELSA-2015-0696

oracle-oval
больше 10 лет назад

ELSA-2015-0696: freetype security update (IMPORTANT)

EPSS

Процентиль: 87%
0.0356
Низкий

7.5 High

CVSS2