Описание
FreeType before 2.5.4 does not check for the end of the data during certain parsing actions, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted Type42 font, related to type42/t42parse.c and type1/t1load.c.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 2.5.2-2ubuntu3 |
| esm-infra-legacy/trusty | released | 2.5.2-1ubuntu2.4 |
| lucid | released | 2.3.11-1ubuntu2.8 |
| precise | released | 2.4.8-1ubuntu2.2 |
| trusty | released | 2.5.2-1ubuntu2.4 |
| trusty/esm | released | 2.5.2-1ubuntu2.4 |
| upstream | released | 2.5.4 |
| utopic | released | 2.5.2-2ubuntu1.1 |
Показывать по
EPSS
6.8 Medium
CVSS2
Связанные уязвимости
FreeType before 2.5.4 does not check for the end of the data during certain parsing actions, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted Type42 font, related to type42/t42parse.c and type1/t1load.c.
FreeType before 2.5.4 does not check for the end of the data during certain parsing actions, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted Type42 font, related to type42/t42parse.c and type1/t1load.c.
FreeType before 2.5.4 does not check for the end of the data during ce ...
FreeType before 2.5.4 does not check for the end of the data during certain parsing actions, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted Type42 font, related to type42/t42parse.c and type1/t1load.c.
EPSS
6.8 Medium
CVSS2