Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*
  • CPE Name Search: true
There are 260 matching records.
Displaying matches 161 through 180.
Vuln ID Summary CVSS Severity
CVE-2014-9679

Integer underflow in the cupsRasterReadPixels function in filter/raster.c in CUPS before 2.0.2 allows remote attackers to have unspecified impact via a malformed compressed raster file, which triggers a buffer overflow.

Published: February 19, 2015; 10:59:11 AM -0500
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2015-0247

Heap-based buffer overflow in openfs.c in the libext2fs library in e2fsprogs before 1.42.12 allows local users to execute arbitrary code via crafted block group descriptor data in a filesystem image.

Published: February 17, 2015; 10:59:02 AM -0500
V3.x:(not available)
V2.0: 4.6 MEDIUM
CVE-2014-9675

bdf/bdflib.c in FreeType before 2.5.4 identifies property names by only verifying that an initial substring is present, which allows remote attackers to discover heap pointer values and bypass the ASLR protection mechanism via a crafted BDF font.

Published: February 08, 2015; 6:59:36 AM -0500
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2014-9674

The Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.5.4 proceeds with adding to length values without validating the original values, which allows remote attackers to cause a denial of service (integer overflow and heap-based buffer overflow) or possibly have unspecified other impact via a crafted Mac font.

Published: February 08, 2015; 6:59:35 AM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2014-9673

Integer signedness error in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.5.4 allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted Mac font.

Published: February 08, 2015; 6:59:34 AM -0500
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2014-9672

Array index error in the parse_fond function in base/ftmac.c in FreeType before 2.5.4 allows remote attackers to cause a denial of service (out-of-bounds read) or obtain sensitive information from process memory via a crafted FOND resource in a Mac font file.

Published: February 08, 2015; 6:59:33 AM -0500
V3.x:(not available)
V2.0: 5.8 MEDIUM
CVE-2014-9671

Off-by-one error in the pcf_get_properties function in pcf/pcfread.c in FreeType before 2.5.4 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PCF file with a 0xffffffff size value that is improperly incremented.

Published: February 08, 2015; 6:59:32 AM -0500
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2014-9670

Multiple integer signedness errors in the pcf_get_encodings function in pcf/pcfread.c in FreeType before 2.5.4 allow remote attackers to cause a denial of service (integer overflow, NULL pointer dereference, and application crash) via a crafted PCF file that specifies negative values for the first column and first row.

Published: February 08, 2015; 6:59:31 AM -0500
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2014-9669

Multiple integer overflows in sfnt/ttcmap.c in FreeType before 2.5.4 allow remote attackers to cause a denial of service (out-of-bounds read or memory corruption) or possibly have unspecified other impact via a crafted cmap SFNT table.

Published: February 08, 2015; 6:59:30 AM -0500
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2014-9668

The woff_open_font function in sfnt/sfobjs.c in FreeType before 2.5.4 proceeds with offset+length calculations without restricting length values, which allows remote attackers to cause a denial of service (integer overflow and heap-based buffer overflow) or possibly have unspecified other impact via a crafted Web Open Font Format (WOFF) file.

Published: February 08, 2015; 6:59:29 AM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2014-9667

sfnt/ttload.c in FreeType before 2.5.4 proceeds with offset+length calculations without restricting the values, which allows remote attackers to cause a denial of service (integer overflow and out-of-bounds read) or possibly have unspecified other impact via a crafted SFNT table.

Published: February 08, 2015; 6:59:29 AM -0500
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2014-9666

The tt_sbit_decoder_init function in sfnt/ttsbit.c in FreeType before 2.5.4 proceeds with a count-to-size association without restricting the count value, which allows remote attackers to cause a denial of service (integer overflow and out-of-bounds read) or possibly have unspecified other impact via a crafted embedded bitmap.

Published: February 08, 2015; 6:59:28 AM -0500
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2014-9665

The Load_SBit_Png function in sfnt/pngshim.c in FreeType before 2.5.4 does not restrict the rows and pitch values of PNG data, which allows remote attackers to cause a denial of service (integer overflow and heap-based buffer overflow) or possibly have unspecified other impact by embedding a PNG file in a .ttf font file.

Published: February 08, 2015; 6:59:27 AM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2014-9664

FreeType before 2.5.4 does not check for the end of the data during certain parsing actions, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted Type42 font, related to type42/t42parse.c and type1/t1load.c.

Published: February 08, 2015; 6:59:26 AM -0500
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2014-9663

The tt_cmap4_validate function in sfnt/ttcmap.c in FreeType before 2.5.4 validates a certain length field before that field's value is completely calculated, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted cmap SFNT table.

Published: February 08, 2015; 6:59:25 AM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2014-9662

cff/cf2ft.c in FreeType before 2.5.4 does not validate the return values of point-allocation functions, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted OTF font.

Published: February 08, 2015; 6:59:24 AM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2014-9661

type42/t42parse.c in FreeType before 2.5.4 does not consider that scanning can be incomplete without triggering an error, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted Type42 font.

Published: February 08, 2015; 6:59:23 AM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2014-9660

The _bdf_parse_glyphs function in bdf/bdflib.c in FreeType before 2.5.4 does not properly handle a missing ENDCHAR record, which allows remote attackers to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via a crafted BDF font.

Published: February 08, 2015; 6:59:22 AM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2014-9659

cff/cf2intrp.c in the CFF CharString interpreter in FreeType before 2.5.4 proceeds with additional hints after the hint mask has been computed, which allows remote attackers to execute arbitrary code or cause a denial of service (stack-based buffer overflow) via a crafted OpenType font. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-2240.

Published: February 08, 2015; 6:59:21 AM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2014-9658

The tt_face_load_kern function in sfnt/ttkern.c in FreeType before 2.5.4 enforces an incorrect minimum table length, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted TrueType font.

Published: February 08, 2015; 6:59:20 AM -0500
V3.x:(not available)
V2.0: 7.5 HIGH