CVE-2017-8105

Опубликовано: 24 апр. 2017

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS2: 7.5

CVSS3: 9.8

Описание

FreeType 2 before 2017-03-24 has an out-of-bounds write caused by a heap-based buffer overflow related to the t1_decoder_parse_charstrings function in psaux/t1decode.c.

Релиз	Статус	Примечание
devel	not-affected	2.6.3-3.2ubuntu1
esm-infra-legacy/trusty	released	2.5.2-1ubuntu2.8
esm-infra/xenial	released	2.6.1-0.1ubuntu2.3
precise	ignored	end of life
precise/esm	not-affected	2.4.8-1ubuntu2.6
trusty	released	2.5.2-1ubuntu2.8
trusty/esm	released	2.5.2-1ubuntu2.8
upstream	released	2.6.3-3.2
vivid/stable-phone-overlay	ignored	end of life
vivid/ubuntu-core	released	2.5.2-2ubuntu3.2

Показывать по

Ссылки на источники

EPSS

Процентиль: 76%

0.00966

Низкий

7.5 High

CVSS2

9.8 Critical

CVSS3

Связанные уязвимости

CVE-2017-8105

CVSS3: 7

redhat

почти 9 лет назад

FreeType 2 before 2017-03-24 has an out-of-bounds write caused by a heap-based buffer overflow related to the t1_decoder_parse_charstrings function in psaux/t1decode.c.

CVE-2017-8105

CVSS3: 9.8

nvd

почти 9 лет назад

FreeType 2 before 2017-03-24 has an out-of-bounds write caused by a heap-based buffer overflow related to the t1_decoder_parse_charstrings function in psaux/t1decode.c.

CVE-2017-8105

CVSS3: 9.8

debian

почти 9 лет назад

FreeType 2 before 2017-03-24 has an out-of-bounds write caused by a he ...

GHSA-3f3f-jhpf-w85x

CVSS3: 9.8

github

больше 3 лет назад

FreeType 2 before 2017-03-24 has an out-of-bounds write caused by a heap-based buffer overflow related to the t1_decoder_parse_charstrings function in psaux/t1decode.c.

BDU:2017-01282

fstec

почти 9 лет назад

Уязвимость функции t1_decoder_parse_charstrings библиотеки FreeType, позволяющая нарушителю выполнить запись данных за границами буфера

EPSS

Процентиль: 76%

0.00966

Низкий

7.5 High

CVSS2

9.8 Critical

CVSS3

CVE-2017-8105

Описание

Пакет freetype

Ссылки на источники

Связанные уязвимости