7.5

CVE-2014-9658

Exploit
The tt_face_load_kern function in sfnt/ttkern.c in FreeType before 2.5.4 enforces an incorrect minimum table length, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted TrueType font.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
OracleSolaris Version10.0
OracleSolaris Version11.2
CanonicalUbuntu Linux Version10.04 SwEditionlts
CanonicalUbuntu Linux Version12.04 SwEditionlts
CanonicalUbuntu Linux Version14.04 SwEditionlts
CanonicalUbuntu Linux Version14.10
CanonicalUbuntu Linux Version15.04
FedoraprojectFedora Version20
FedoraprojectFedora Version21
FreetypeFreetype Version <= 2.5.3
DebianDebian Linux Version7.0
OpensuseOpensuse Version13.1
OpensuseOpensuse Version13.2
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 5.06% 0.912
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P
CWE-125 Out-of-bounds Read

The product reads data past the end, or before the beginning, of the intended buffer.

http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html
Third Party Advisory
http://www.ubuntu.com/usn/USN-2739-1
Third Party Advisory
http://advisories.mageia.org/MGASA-2015-0083.html
Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html
Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html
Third Party Advisory
http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html
Third Party Advisory
http://www.debian.org/security/2015/dsa-3188
Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2015:055
Broken Link
http://www.securityfocus.com/bid/72986
http://www.ubuntu.com/usn/USN-2510-1
Third Party Advisory
https://security.gentoo.org/glsa/201503-05
http://rhn.redhat.com/errata/RHSA-2015-0696.html
Third Party Advisory
http://code.google.com/p/google-security-research/issues/detail?id=194
Exploit
http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=f70d9342e65cd2cb44e9f26b6d7edeedf191fc6c
Patch
Vendor Advisory