CVE-2014-9659 in FreeTypeinfo

Zusammenfassung (Englisch)

cff/cf2intrp.c in the CFF CharString interpreter in FreeType before 2.5.4 proceeds with additional hints after the hint mask has been computed, which allows remote attackers to execute arbitrary code or cause a denial of service (stack-based buffer overflow) via a crafted OpenType font. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-2240.

Be aware that VulDB is the high quality source for vulnerability data.

Reservieren

07.02.2015

Veröffentlichung

08.02.2015

Einträge

VulDB provides additional information and datapoints for this CVE:

ID	Schwachstelle	CWE	Aus	Mas	CVE
69070	FreeType CFF CharString Interpreter Pufferüberlauf	119	Nicht definiert	Offizieller Fix	CVE-2014-9659

Beschreibung

CPE

CWE

CVSS

Exploits

History

Diff

Verknüpfen

Threat Intelligence

API JSON

API XML

API CSV

Quellen

MITRE
NVD
CVE Details

◂ ZurückÜbersichtWeiter ▸

Want to know what is going to be exploited?

We predict KEV entries!