Vulnerabilities > Freetype

DATE CVE VULNERABILITY TITLE RISK
2014-03-12 CVE-2014-2240 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Freetype
Stack-based buffer overflow in the cf2_hintmap_build function in cff/cf2hints.c in FreeType before 2.5.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large number of stem hints in a font file.
network
low complexity
freetype CWE-119
7.5
7.5
2013-01-24 CVE-2012-5670 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Freetype
The _bdf_parse_glyphs function in FreeType before 2.4.11 allows context-dependent attackers to cause a denial of service (out-of-bounds write and crash) via vectors related to BDF fonts and an ENCODING field with a negative value.
network
freetype CWE-119
4.3
4.3
2013-01-24 CVE-2012-5669 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Freetype
The _bdf_parse_glyphs function in FreeType before 2.4.11 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to BDF fonts and an incorrect calculation that triggers an out-of-bounds read.
network
freetype CWE-119
4.3
4.3
2013-01-24 CVE-2012-5668 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Freetype
FreeType before 2.4.11 allows context-dependent attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to BDF fonts and the improper handling of an "allocation error" in the bdf_free_font function.
network
freetype CWE-119
4.3
4.3
2012-04-25 CVE-2012-1138 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via vectors involving the MIRP instruction in a TrueType font.
network
freetype mozilla CWE-119
critical
 9.3
9.3
2012-04-25 CVE-2012-1135 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via vectors involving the NPUSHB and NPUSHW instructions in a TrueType font.
network
freetype mozilla CWE-119
critical
 9.3
9.3
2012-04-25 CVE-2012-1133 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted glyph or bitmap data in a BDF font.
network
freetype mozilla CWE-119
critical
 9.3
9.3
2012-04-25 CVE-2012-1129 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via a crafted SFNT string in a Type 42 font.
network
freetype mozilla CWE-119
critical
 9.3
9.3
2012-04-25 CVE-2012-1128 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (NULL pointer dereference and memory corruption) or possibly execute arbitrary code via a crafted TrueType font.
network
freetype mozilla CWE-119
critical
 9.3
9.3
2011-08-19 CVE-2011-2895 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products
The LZW decompressor in (1) the BufCompressedFill function in fontfile/decompress.c in X.Org libXfont before 1.4.4 and (2) compress/compress.c in 4.3BSD, as used in zopen.c in OpenBSD before 3.8, FreeBSD, NetBSD 4.0.x and 5.0.x before 5.0.3 and 5.1.x before 5.1.1, FreeType 2.1.9, and other products, does not properly handle code words that are absent from the decompression table when encountered, which allows context-dependent attackers to trigger an infinite loop or a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted compressed stream, a related issue to CVE-2006-1168 and CVE-2011-2896.
network
freetype x freebsd netbsd openbsd CWE-119
critical
 9.3
9.3