Vulnerabilities > Freetype > Freetype > 2.3.12
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2010-08-19 | CVE-2010-3054 | Remote Denial of Service vulnerability in FreeType 'seac' Calls Unspecified vulnerability in FreeType 2.3.9, and other versions before 2.4.2, allows remote attackers to cause a denial of service via vectors involving nested Standard Encoding Accented Character (aka seac) calls, related to psaux.h, cffgload.c, cffgload.h, and t1decode.c. | 5.0 |
| 2010-08-19 | CVE-2010-3053 | Improper Input Validation vulnerability in Freetype bdf/bdflib.c in FreeType before 2.4.2 allows remote attackers to cause a denial of service (application crash) via a crafted BDF font file, related to an attempted modification of a value in a static string. | 4.3 |
| 2010-08-19 | CVE-2010-2807 | Incorrect Conversion Between Numeric Types vulnerability in multiple products FreeType before 2.4.2 uses incorrect integer data types during bounds checking, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file. | 6.8 |
| 2010-08-19 | CVE-2010-2805 | Improper Input Validation vulnerability in multiple products The FT_Stream_EnterFrame function in base/ftstream.c in FreeType before 2.4.2 does not properly validate certain position values, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file. | 6.8 |
| 2010-08-19 | CVE-2010-2541 | Classic Buffer Overflow vulnerability in multiple products Buffer overflow in ftmulti.c in the ftmulti demo program in FreeType before 2.4.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file. | 6.8 |
| 2010-08-19 | CVE-2010-2527 | Classic Buffer Overflow vulnerability in multiple products Multiple buffer overflows in demo programs in FreeType before 2.4.0 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file. | 6.8 |
| 2010-08-19 | CVE-2010-2520 | Out-Of-Bounds Write vulnerability in multiple products Heap-based buffer overflow in the Ins_IUP function in truetype/ttinterp.c in FreeType before 2.4.0, when TrueType bytecode support is enabled, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file. | 5.1 |
| 2010-08-19 | CVE-2010-2499 | Classic Buffer Overflow vulnerability in multiple products Buffer overflow in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.4.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted LaserWriter PS font file with an embedded PFB fragment. | 6.8 |
| 2010-08-19 | CVE-2010-2498 | Out-Of-Bounds Write vulnerability in multiple products The psh_glyph_find_strong_points function in pshinter/pshalgo.c in FreeType before 2.4.0 does not properly implement hinting masks, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via a crafted font file that triggers an invalid free operation. | 6.8 |
| 2010-08-19 | CVE-2010-2497 | Integer Underflow (Wrap OR Wraparound) vulnerability in multiple products Integer underflow in glyph handling in FreeType before 2.4.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file. | 6.8 |