VDB

GCVE-110-MAGEIA-2014-130

GCVE-110-MAGEIA-2014-130
Advisory Published
Vulnetix · Advisory published March 15, 2014
It was reported that Freetype before 2.5.3 suffers from an out-of-bounds stack-based read/write flaw in cf2_hintmap_build() in the CFF rasterizing code, which could lead to a buffer overflow (CVE-2014-2240). It was also reported that Freetype before 2.5.3 has a denial-of-service vulnerability in the CFF rasterizing code, due to a reachable assertion (CVE-2014-2241).

Affected Products

VendorProductVersionsPlatforms
Mageiafreetype20 (affected), 2.5.0.1-3.1.mga4 (unaffected), 0 (affected), 2.5.0.1-3.1.mga4.tainted (unaffected), 0 (affected), 2.5.0.1-3.1.mga4 (unaffected), 0 (affected), 2.5.0.1-3.1.mga4.tainted (unaffected)
Mageiafglc0 (affected), 0.1.16-2.1.mga4 (unaffected)

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›