CVE-2014-9747 in FreeTypeinfo

Summary

The t42_parse_encoding function in type42/t42parse.c in FreeType before 2.5.4 does not properly update the current position for immediates-only mode, which allows remote attackers to cause a denial of service (infinite loop) via a Type42 font.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Reservation

09/25/2015

Disclosure

06/07/2016

Moderation

VulDB entry created

Entries

VDB-87758 (1)

CPE

ready

CWE

CWE-835 (Confirmed)

CVSS

5.3

EPSS

0.01099

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2014-9747
NVD	https://nvd.nist.gov/vuln/detail/CVE-2014-9747
CVE Details	https://www.cvedetails.com/cve/CVE-2014-9747/

◂ Previous Overview Next ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!