CVE-2014-9668
- EPSS 1.94%
- Veröffentlicht 08.02.2015 11:59:29
- Zuletzt bearbeitet 06.05.2026 22:30:45
The woff_open_font function in sfnt/sfobjs.c in FreeType before 2.5.4 proceeds with offset+length calculations without restricting length values, which allows remote attackers to cause a denial of service (integer overflow and heap-based buffer overf...
CVE-2014-9666
- EPSS 4.23%
- Veröffentlicht 08.02.2015 11:59:28
- Zuletzt bearbeitet 06.05.2026 22:30:45
The tt_sbit_decoder_init function in sfnt/ttsbit.c in FreeType before 2.5.4 proceeds with a count-to-size association without restricting the count value, which allows remote attackers to cause a denial of service (integer overflow and out-of-bounds ...
CVE-2014-9665
- EPSS 4.89%
- Veröffentlicht 08.02.2015 11:59:27
- Zuletzt bearbeitet 06.05.2026 22:30:45
The Load_SBit_Png function in sfnt/pngshim.c in FreeType before 2.5.4 does not restrict the rows and pitch values of PNG data, which allows remote attackers to cause a denial of service (integer overflow and heap-based buffer overflow) or possibly ha...
CVE-2014-9664
- EPSS 4.27%
- Veröffentlicht 08.02.2015 11:59:26
- Zuletzt bearbeitet 06.05.2026 22:30:45
FreeType before 2.5.4 does not check for the end of the data during certain parsing actions, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted Type42 font, related ...
CVE-2014-9663
- EPSS 5.06%
- Veröffentlicht 08.02.2015 11:59:25
- Zuletzt bearbeitet 06.05.2026 22:30:45
The tt_cmap4_validate function in sfnt/ttcmap.c in FreeType before 2.5.4 validates a certain length field before that field's value is completely calculated, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly ...
CVE-2014-9662
- EPSS 4.32%
- Veröffentlicht 08.02.2015 11:59:24
- Zuletzt bearbeitet 06.05.2026 22:30:45
cff/cf2ft.c in FreeType before 2.5.4 does not validate the return values of point-allocation functions, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted OT...
CVE-2014-9661
- EPSS 4.36%
- Veröffentlicht 08.02.2015 11:59:23
- Zuletzt bearbeitet 06.05.2026 22:30:45
type42/t42parse.c in FreeType before 2.5.4 does not consider that scanning can be incomplete without triggering an error, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a craf...
CVE-2014-9660
- EPSS 5.06%
- Veröffentlicht 08.02.2015 11:59:22
- Zuletzt bearbeitet 06.05.2026 22:30:45
The _bdf_parse_glyphs function in bdf/bdflib.c in FreeType before 2.5.4 does not properly handle a missing ENDCHAR record, which allows remote attackers to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact...
CVE-2014-9659
- EPSS 7.69%
- Veröffentlicht 08.02.2015 11:59:21
- Zuletzt bearbeitet 06.05.2026 22:30:45
cff/cf2intrp.c in the CFF CharString interpreter in FreeType before 2.5.4 proceeds with additional hints after the hint mask has been computed, which allows remote attackers to execute arbitrary code or cause a denial of service (stack-based buffer o...
CVE-2014-9658
- EPSS 5.06%
- Veröffentlicht 08.02.2015 11:59:20
- Zuletzt bearbeitet 06.05.2026 22:30:45
The tt_face_load_kern function in sfnt/ttkern.c in FreeType before 2.5.4 enforces an incorrect minimum table length, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a craft...