Vulnerabilities > Freetype

DATE CVE VULNERABILITY TITLE RISK
2020-11-03 CVE-2020-15999 Out-Of-Bounds Write vulnerability in multiple products
Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
4.3
2019-09-03 CVE-2015-9383 Out-Of-Bounds Read vulnerability in multiple products
FreeType before 2.6.2 has a heap-based buffer over-read in tt_cmap14_validate in sfnt/ttcmap.c.
4.3
2019-09-03 CVE-2015-9382 Out-Of-Bounds Read vulnerability in multiple products
FreeType before 2.6.1 has a buffer over-read in skip_comment in psaux/psobjs.c because ps_parser_skip_PS_token is mishandled in an FT_New_Memory_Face operation.
4.3
2019-09-03 CVE-2015-9381 Out-Of-Bounds Read vulnerability in multiple products
FreeType before 2.6.1 has a heap-based buffer over-read in T1_Get_Private_Dict in type1/t1parse.c.
6.8
2019-07-30 CVE-2015-9290 Out-Of-Bounds Read vulnerability in Freetype
In FreeType before 2.6.1, a buffer over-read occurs in type1/t1parse.c on function T1_Get_Private_Dict where there is no check that the new values of cur and limit are sensible before going to Again.
network
low complexity
freetype CWE-125
7.5
2016-06-07 CVE-2014-9747 Resource Management Errors vulnerability in multiple products
The t42_parse_encoding function in type42/t42parse.c in FreeType before 2.5.4 does not properly update the current position for immediates-only mode, which allows remote attackers to cause a denial of service (infinite loop) via a Type42 font.
network
low complexity
freetype debian CWE-399
5.0
2016-06-07 CVE-2014-9746 Improper Input Validation vulnerability in multiple products
The (1) t1_parse_font_matrix function in type1/t1load.c, (2) cid_parse_font_matrix function in cid/cidload.c, (3) t42_parse_font_matrix function in type42/t42parse.c, and (4) ps_parser_load_field function in psaux/psobjs.c in FreeType before 2.5.4 do not check return values, which allows remote attackers to cause a denial of service (uninitialized memory access and application crash) or possibly have unspecified other impact via a crafted font.
network
low complexity
freetype debian CWE-20
7.5
2015-09-14 CVE-2014-9745 Resource Management Errors vulnerability in multiple products
The parse_encoding function in type1/t1load.c in FreeType before 2.5.3 allows remote attackers to cause a denial of service (infinite loop) via a "broken number-with-base" in a Postscript stream, as demonstrated by 8#garbage.
network
low complexity
freetype debian canonical opensuse CWE-399
5.0
2015-02-08 CVE-2014-9675 Permissions, Privileges, and Access Controls vulnerability in multiple products
bdf/bdflib.c in FreeType before 2.5.4 identifies property names by only verifying that an initial substring is present, which allows remote attackers to discover heap pointer values and bypass the ASLR protection mechanism via a crafted BDF font.
5.0
2015-02-08 CVE-2014-9674 Remote vulnerability in FreeType Versions Prior to 2.5.4
The Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.5.4 proceeds with adding to length values without validating the original values, which allows remote attackers to cause a denial of service (integer overflow and heap-based buffer overflow) or possibly have unspecified other impact via a crafted Mac font.
7.5