Canonical

Ubuntu Linux

4122 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 4.9%
  • Veröffentlicht 23.02.2015 17:59:00
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Buffer overflow in the charset_to_intern function in unix/unix.c in Info-Zip UnZip 6.10b allows remote attackers to execute arbitrary code via a crafted string, as demonstrated by converting a string from CP866 to UTF-8.

  • EPSS 0.9%
  • Veröffentlicht 17.02.2015 15:59:02
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Heap-based buffer overflow in openfs.c in the libext2fs library in e2fsprogs before 1.42.12 allows local users to execute arbitrary code via crafted block group descriptor data in a filesystem image.

Exploit
  • EPSS 4.16%
  • Veröffentlicht 08.02.2015 11:59:36
  • Zuletzt bearbeitet 06.05.2026 22:30:45

bdf/bdflib.c in FreeType before 2.5.4 identifies property names by only verifying that an initial substring is present, which allows remote attackers to discover heap pointer values and bypass the ASLR protection mechanism via a crafted BDF font.

Exploit
  • EPSS 5.71%
  • Veröffentlicht 08.02.2015 11:59:35
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.5.4 proceeds with adding to length values without validating the original values, which allows remote attackers to cause a denial of service (integer overflow and heap-based bu...

Exploit
  • EPSS 3.41%
  • Veröffentlicht 08.02.2015 11:59:34
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Integer signedness error in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.5.4 allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted Mac fo...

Exploit
  • EPSS 4.68%
  • Veröffentlicht 08.02.2015 11:59:33
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Array index error in the parse_fond function in base/ftmac.c in FreeType before 2.5.4 allows remote attackers to cause a denial of service (out-of-bounds read) or obtain sensitive information from process memory via a crafted FOND resource in a Mac f...

Exploit
  • EPSS 3.47%
  • Veröffentlicht 08.02.2015 11:59:32
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Off-by-one error in the pcf_get_properties function in pcf/pcfread.c in FreeType before 2.5.4 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PCF file with a 0xffffffff size value th...

Exploit
  • EPSS 4.18%
  • Veröffentlicht 08.02.2015 11:59:31
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Multiple integer signedness errors in the pcf_get_encodings function in pcf/pcfread.c in FreeType before 2.5.4 allow remote attackers to cause a denial of service (integer overflow, NULL pointer dereference, and application crash) via a crafted PCF f...

Exploit
  • EPSS 3.85%
  • Veröffentlicht 08.02.2015 11:59:30
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Multiple integer overflows in sfnt/ttcmap.c in FreeType before 2.5.4 allow remote attackers to cause a denial of service (out-of-bounds read or memory corruption) or possibly have unspecified other impact via a crafted cmap SFNT table.

Exploit
  • EPSS 3.49%
  • Veröffentlicht 08.02.2015 11:59:29
  • Zuletzt bearbeitet 06.05.2026 22:30:45

sfnt/ttload.c in FreeType before 2.5.4 proceeds with offset+length calculations without restricting the values, which allows remote attackers to cause a denial of service (integer overflow and out-of-bounds read) or possibly have unspecified other im...