Vulnerability & Exploit Database

Displaying entries 1 - 10 of 38 in total

Results for: CVE-2012-0216

ELSA-2015-0696 Important: Oracle Linux freetype security update Vulnerability

  • Severity: 8
  • Published: February 08, 2015

The Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.5.4 proceeds with adding to length values without validating the original values, which allows remote attackers to cause a denial of service (integer overflow and heap-based buffer overflow) or possibly have unspecified other impact via a crafted Mac font.

RHSA-2013:0747: kernel security and bug fix update Vulnerability

  • Severity: 6
  • Published: March 22, 2013

The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues: Red Hat would like to thank the Xen project for reporting the CVE-2013-0216 and CVE-2013-0231 issues. This update also fixes the following bugs: Users should upgrade to these updated packages, which contain bac...

ELSA-2013-0747-1 Moderate: Oracle Linux kernel security and bug fix update Vulnerability

  • Severity: 6
  • Published: March 22, 2013

The xfrm_state_netlink function in net/xfrm/xfrm_user.c in the Linux kernel before 3.5.7 does not properly handle error conditions in dump_one_state function calls, which allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) by leveraging the CAP_NET_ADMIN capability.

ELSA-2013-0747 Moderate: Oracle Linux kernel security and bug fix update Vulnerability

  • Severity: 6
  • Published: March 22, 2013

The xfrm_state_netlink function in net/xfrm/xfrm_user.c in the Linux kernel before 3.5.7 does not properly handle error conditions in dump_one_state function calls, which allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) by leveraging the CAP_NET_ADMIN capability.

USN-1686-1: FreeType vulnerabilities Vulnerability

  • Severity: 4
  • Published: January 24, 2013

The _bdf_parse_glyphs function in FreeType before 2.4.11 allows context-dependent attackers to cause a denial of service (out-of-bounds write and crash) via vectors related to BDF fonts and an ENCODING field with a negative value.

SUSE Linux Security Vulnerability: CVE-2012-5669 Vulnerability

  • Severity: 4
  • Published: January 24, 2013

The _bdf_parse_glyphs function in FreeType before 2.4.11 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to BDF fonts and an incorrect calculation that triggers an out-of-bounds read.

Oracle Solaris 11: CVE-2012-5669: Vulnerability in FreeType Vulnerability

  • Severity: 4
  • Published: January 24, 2013

The _bdf_parse_glyphs function in FreeType before 2.4.11 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to BDF fonts and an incorrect calculation that triggers an out-of-bounds read.

RHSA-2013:0216: freetype security update Vulnerability

  • Severity: 4
  • Published: January 24, 2013

FreeType is a free, high-quality, portable font engine that can open and manage font files. It also loads, hints, and renders individual glyphs efficiently. A flaw was found in the way the FreeType font rendering engine processed certain Glyph Bitmap Distribution Format (BDF) fonts. If a user loaded a specially-crafted font file with an appli...

Gentoo Linux: CVE-2012-5669: FreeType: Multiple vulnerabilities Vulnerability

  • Severity: 4
  • Published: January 24, 2013

The _bdf_parse_glyphs function in FreeType before 2.4.11 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to BDF fonts and an incorrect calculation that triggers an out-of-bounds read.