Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2014-9674

Опубликовано: 08 фев. 2015
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 7.5

Описание

The Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.5.4 proceeds with adding to length values without validating the original values, which allows remote attackers to cause a denial of service (integer overflow and heap-based buffer overflow) or possibly have unspecified other impact via a crafted Mac font.

РелизСтатусПримечание
devel

released

2.5.2-2ubuntu3
esm-infra-legacy/trusty

released

2.5.2-1ubuntu2.4
lucid

released

2.3.11-1ubuntu2.8
precise

released

2.4.8-1ubuntu2.2
trusty

released

2.5.2-1ubuntu2.4
trusty/esm

released

2.5.2-1ubuntu2.4
upstream

released

2.5.4
utopic

released

2.5.2-2ubuntu1.1

Показывать по

Ссылки на источники

EPSS

Процентиль: 89%
0.05124
Низкий

7.5 High

CVSS2

Связанные уязвимости

redhat логотип

CVE-2014-9674

redhat
почти 11 лет назад

The Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.5.4 proceeds with adding to length values without validating the original values, which allows remote attackers to cause a denial of service (integer overflow and heap-based buffer overflow) or possibly have unspecified other impact via a crafted Mac font.

nvd логотип

CVE-2014-9674

nvd
почти 11 лет назад

The Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.5.4 proceeds with adding to length values without validating the original values, which allows remote attackers to cause a denial of service (integer overflow and heap-based buffer overflow) or possibly have unspecified other impact via a crafted Mac font.

debian логотип

CVE-2014-9674

debian
почти 11 лет назад

The Mac_Read_POST_Resource function in base/ftobjs.c in FreeType befor ...

github логотип

GHSA-7xpj-88fg-h2mj

github
больше 3 лет назад

The Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.5.4 proceeds with adding to length values without validating the original values, which allows remote attackers to cause a denial of service (integer overflow and heap-based buffer overflow) or possibly have unspecified other impact via a crafted Mac font.

oracle-oval логотип

ELSA-2015-0696

oracle-oval
больше 10 лет назад

ELSA-2015-0696: freetype security update (IMPORTANT)

EPSS

Процентиль: 89%
0.05124
Низкий

7.5 High

CVSS2