A vulnerability was found in FreeType up to 2.5.3 (Software Library). It has been rated as problematic. Affected by this issue is the function t42_parse_encoding of the file type42/t42parse.c. The manipulation with an unknown input leads to a infinite loop vulnerability. Using CWE to declare the problem leads to CWE-835. The program contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop. Impacted is availability. CVE summarizes:

The t42_parse_encoding function in type42/t42parse.c in FreeType before 2.5.4 does not properly update the current position for immediates-only mode, which allows remote attackers to cause a denial of service (infinite loop) via a Type42 font.

The weakness was presented 06/07/2016 (Website). The advisory is available at savannah.nongnu.org. This vulnerability is handled as CVE-2014-9747. The attack may be launched remotely. No form of authentication is required for exploitation. Technical details are known, but there is no available exploit. This vulnerability is assigned to T1499 by the MITRE ATT&CK project.

The vulnerability scanner Nessus provides a plugin with the ID 86211 (Debian DLA-319-1 : freetype security update), which helps to determine the existence of the flaw in a target environment. It is assigned to the family Debian Local Security Checks. The commercial vulnerability scanner Qualys is able to test this issue with plugin 175525 (Debian Security Update for freetype (DSA 3370-1)).

Upgrading to version 2.5.4 eliminates this vulnerability.

The vulnerability is also documented in the vulnerability database at Tenable (86211). See 77690 and 87757 for similar entries.

Productinfo

Type

• Software Library

Name

• FreeType

License

• open-source

CPE 2.3info

• 🔍
• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍
• 🔍

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Discussion