CVE-2014-9667medium
New! CVE Severity Now Using CVSS v3
The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.
Description
sfnt/ttload.c in FreeType before 2.5.4 proceeds with offset+length calculations without restricting the values, which allows remote attackers to cause a denial of service (integer overflow and out-of-bounds read) or possibly have unspecified other impact via a crafted SFNT table.
References
http://advisories.mageia.org/MGASA-2015-0083.html
http://code.google.com/p/google-security-research/issues/detail?id=166
http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html
http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html
http://rhn.redhat.com/errata/RHSA-2015-0696.html
http://www.debian.org/security/2015/dsa-3188
http://www.mandriva.com/security/advisories?name=MDVSA-2015:055
http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html
http://www.securityfocus.com/bid/72986
http://www.ubuntu.com/usn/USN-2510-1
Vulnerable Software
Configuration 1
OR
Configuration 2
OR
cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
Configuration 3
OR
Configuration 4
OR
cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:* versions up to 2.5.3 (inclusive)
Configuration 5
OR
Configuration 6
OR
cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_hpc_node:6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.1:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_eus:6.6.z:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.1:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
Tenable Plugins
| ID | Name | Product | Family | Severity |
|---|---|---|---|---|
| 91368 | F5 Networks BIG-IP : Multiple FreeType vulnerabilities (K16900) | Nessus | F5 Networks Local Security Checks | high |
| 82509 | Amazon Linux AMI : freetype (ALAS-2015-502) | Nessus | Amazon Linux Local Security Checks | high |
| 82479 | Debian DLA-185-1 : freetype security update | Nessus | Debian Local Security Checks | high |
| 82461 | openSUSE Security Update : freetype2 (openSUSE-2015-274) | Nessus | SuSE Local Security Checks | high |
| 82342 | Mandriva Linux Security Advisory : freetype2 (MDVSA-2015:089) | Nessus | Mandriva Local Security Checks | high |
| 82262 | Scientific Linux Security Update : freetype on SL6.x, SL7.x i386/x86_64 (20150318) | Nessus | Scientific Linux Local Security Checks | high |
| 81967 | OracleVM 3.3 : freetype (OVMSA-2015-0036) | Nessus | OracleVM Local Security Checks | high |
| 81938 | Mandriva Linux Security Advisory : freetype2 (MDVSA-2015:055) | Nessus | Mandriva Local Security Checks | high |
| 81924 | CentOS 6 / 7 : freetype (CESA-2015:0696) | Nessus | CentOS Local Security Checks | high |
| 81907 | RHEL 7 : freetype (RHSA-2015:0696) | Nessus | Red Hat Local Security Checks | high |
| 81902 | Oracle Linux 6 / 7 : freetype (ELSA-2015-0696) | Nessus | Oracle Linux Local Security Checks | high |
| 81832 | Debian DSA-3188-1 : freetype - security update | Nessus | Debian Local Security Checks | high |
| 81752 | SuSE 11.3 Security Update : freetype2 (SAT Patch Number 10386) | Nessus | SuSE Local Security Checks | high |
| 81690 | GLSA-201503-05 : FreeType: Multiple vulnerabilities | Nessus | Gentoo Local Security Checks | high |
| 81509 | Ubuntu 10.04 LTS / 12.04 LTS / 14.04 LTS / 14.10 : freetype vulnerabilities (USN-2510-1) | Nessus | Ubuntu Local Security Checks | high |
| 81429 | Fedora 20 : freetype-2.5.0-9.fc20 (2015-2216) | Nessus | Fedora Local Security Checks | high |
| 81415 | Fedora 21 : freetype-2.5.3-15.fc21 (2015-2237) | Nessus | Fedora Local Security Checks | high |