High

DATE	CVE	VULNERABILITY TITLE	RISK
2015-02-08	CVE-2014-9674	Remote vulnerability in FreeType Versions Prior to 2.5.4 The Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.5.4 proceeds with adding to length values without validating the original values, which allows remote attackers to cause a denial of service (integer overflow and heap-based buffer overflow) or possibly have unspecified other impact via a crafted Mac font. network low complexity canonical oracle fedoraproject redhat opensuse freetype	7.5
2015-02-08	CVE-2014-9663	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The tt_cmap4_validate function in sfnt/ttcmap.c in FreeType before 2.5.4 validates a certain length field before that field's value is completely calculated, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted cmap SFNT table. network low complexity freetype debian opensuse fedoraproject oracle canonical redhat CWE-119	7.5
2015-02-08	CVE-2014-9661	Remote vulnerability in FreeType Versions Prior to 2.5.4 type42/t42parse.c in FreeType before 2.5.4 does not consider that scanning can be incomplete without triggering an error, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted Type42 font. network low complexity canonical debian redhat freetype opensuse fedoraproject	7.5
2015-02-08	CVE-2014-9660	NULL Pointer Dereference vulnerability in multiple products The _bdf_parse_glyphs function in bdf/bdflib.c in FreeType before 2.5.4 does not properly handle a missing ENDCHAR record, which allows remote attackers to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via a crafted BDF font. network low complexity opensuse canonical debian oracle fedoraproject redhat freetype CWE-476	7.5
2015-02-08	CVE-2014-9658	Out-of-bounds Read vulnerability in multiple products The tt_face_load_kern function in sfnt/ttkern.c in FreeType before 2.5.4 enforces an incorrect minimum table length, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted TrueType font. network low complexity oracle canonical fedoraproject freetype debian opensuse redhat CWE-125	7.5
2015-02-08	CVE-2014-9657	Out-of-bounds Read vulnerability in multiple products The tt_face_load_hdmx function in truetype/ttpload.c in FreeType before 2.5.4 does not establish a minimum record size, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted TrueType font. network low complexity opensuse redhat oracle fedoraproject freetype debian canonical CWE-125	7.5