Vulnerabilities > Freetype

DATE CVE VULNERABILITY TITLE RISK
2017-04-24 CVE-2017-8105 Out-of-bounds Write vulnerability in multiple products
FreeType 2 before 2017-03-24 has an out-of-bounds write caused by a heap-based buffer overflow related to the t1_decoder_parse_charstrings function in psaux/t1decode.c.
network
low complexity
freetype debian CWE-787
critical
9.8
2017-04-14 CVE-2017-7864 Out-of-bounds Write vulnerability in Freetype
FreeType 2 before 2017-02-02 has an out-of-bounds write caused by a heap-based buffer overflow related to the tt_size_reset function in truetype/ttobjs.c.
network
low complexity
freetype CWE-787
critical
9.8
2017-04-14 CVE-2017-7858 Out-of-bounds Write vulnerability in Freetype
FreeType 2 before 2017-03-07 has an out-of-bounds write related to the TT_Get_MM_Var function in truetype/ttgxvar.c and the sfnt_init_face function in sfnt/sfobjs.c.
network
low complexity
freetype CWE-787
critical
9.8
2017-04-14 CVE-2017-7857 Out-of-bounds Write vulnerability in Freetype 2.7/2.7.0/2.7.1
FreeType 2 before 2017-03-08 has an out-of-bounds write caused by a heap-based buffer overflow related to the TT_Get_MM_Var function in truetype/ttgxvar.c and the sfnt_init_face function in sfnt/sfobjs.c.
network
low complexity
freetype CWE-787
critical
9.8
2017-04-14 CVE-2016-10328 Out-of-bounds Write vulnerability in multiple products
FreeType 2 before 2016-12-16 has an out-of-bounds write caused by a heap-based buffer overflow related to the cff_parser_run function in cff/cffparse.c.
network
low complexity
freetype oracle CWE-787
critical
9.8
2017-03-06 CVE-2016-10244 Out-of-bounds Read vulnerability in multiple products
The parse_charstrings function in type1/t1load.c in FreeType 2 before 2.7 does not ensure that a font contains a glyph name, which allows remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted file.
local
low complexity
freetype debian CWE-125
7.8
2016-06-07 CVE-2014-9747 Resource Management Errors vulnerability in multiple products
The t42_parse_encoding function in type42/t42parse.c in FreeType before 2.5.4 does not properly update the current position for immediates-only mode, which allows remote attackers to cause a denial of service (infinite loop) via a Type42 font.
network
low complexity
freetype debian CWE-399
7.5
2016-06-07 CVE-2014-9746 Improper Input Validation vulnerability in multiple products
The (1) t1_parse_font_matrix function in type1/t1load.c, (2) cid_parse_font_matrix function in cid/cidload.c, (3) t42_parse_font_matrix function in type42/t42parse.c, and (4) ps_parser_load_field function in psaux/psobjs.c in FreeType before 2.5.4 do not check return values, which allows remote attackers to cause a denial of service (uninitialized memory access and application crash) or possibly have unspecified other impact via a crafted font.
network
low complexity
freetype debian CWE-20
critical
9.8