CVE-2010-2806
- EPSS 5.84%
- Veröffentlicht 19.08.2010 18:00:05
- Zuletzt bearbeitet 16.06.2026 23:21:32
Array index error in the t42_parse_sfnts function in type42/t42parse.c in FreeType before 2.4.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via negative size values for certain strings i...
CVE-2010-2807
- EPSS 4.2%
- Veröffentlicht 19.08.2010 18:00:05
- Zuletzt bearbeitet 16.06.2026 23:21:32
FreeType before 2.4.2 uses incorrect integer data types during bounds checking, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file.
CVE-2010-2808
- EPSS 4.52%
- Veröffentlicht 19.08.2010 18:00:05
- Zuletzt bearbeitet 16.06.2026 23:21:32
Buffer overflow in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.4.2 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted Adobe Typ...
CVE-2010-2805
- EPSS 5.11%
- Veröffentlicht 19.08.2010 18:00:04
- Zuletzt bearbeitet 16.06.2026 23:21:32
The FT_Stream_EnterFrame function in base/ftstream.c in FreeType before 2.4.2 does not properly validate certain position values, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a ...
CVE-2010-1797
- EPSS 30.65%
- Veröffentlicht 16.08.2010 18:39:40
- Zuletzt bearbeitet 16.06.2026 23:19:21
Multiple stack-based buffer overflows in the cff_decoder_parse_charstrings function in the CFF Type2 CharStrings interpreter in cff/cffgload.c in FreeType before 2.4.2, as used in Apple iOS before 4.0.2 on the iPhone and iPod touch and before 3.2.2 o...
CVE-2010-2973
- EPSS 0.78%
- Veröffentlicht 05.08.2010 18:17:58
- Zuletzt bearbeitet 16.06.2026 23:21:52
Integer overflow in IOSurface in Apple iOS before 4.0.2 on the iPhone and iPod touch, and before 3.2.2 on the iPad, allows local users to gain privileges via vectors involving IOSurface properties, as demonstrated by JailbreakMe.
CVE-2010-1205
- EPSS 43.38%
- Veröffentlicht 30.06.2010 18:30:01
- Zuletzt bearbeitet 16.06.2026 23:17:50
Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before 1.4.3, as used in progressive applications, might allow remote attackers to execute arbitrary code via a PNG image that triggers an additional data row.
CVE-2010-2249
- EPSS 2.63%
- Veröffentlicht 30.06.2010 18:30:01
- Zuletzt bearbeitet 16.06.2026 23:20:23
Memory leak in pngrutil.c in libpng before 1.2.44, and 1.4.x before 1.4.3, allows remote attackers to cause a denial of service (memory consumption and application crash) via a PNG image containing malformed Physical Scale (aka sCAL) chunks.
CVE-2010-1407
- EPSS 2.6%
- Veröffentlicht 22.06.2010 20:30:01
- Zuletzt bearbeitet 16.06.2026 23:18:18
WebKit in Apple iOS before 4 on the iPhone and iPod touch does not properly implement the history.replaceState method in certain situations involving IFRAME elements, which allows remote attackers to obtain sensitive information via a crafted HTML do...
- EPSS 2.17%
- Veröffentlicht 22.06.2010 20:30:01
- Zuletzt bearbeitet 16.06.2026 23:19:14
Application Sandbox in Apple iOS before 4 on the iPhone and iPod touch does not prevent photo-library access, which might allow remote attackers to obtain location information via unspecified vectors.