Skip to main content

Freetype CVE-2014-2241

MEDIUM
Improper Input Validation (CWE-20)
2014-03-18 cve@mitre.org
6.8
CVSS 2.0 · NVD
Share

Severity by source

NVD PRIMARY
6.8 MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

AV:N/AC:M/Au:N/C:P/I:P/A:P
Attack Vector
Network
Attack Complexity
M
Confidentiality
P
Integrity
P
Availability
P

Lifecycle Timeline

1
CVE Published
Mar 18, 2014 - 17:04 cve.org
MEDIUM 6.8

DescriptionCVE.org

The (1) cf2_initLocalRegionBuffer and (2) cf2_initGlobalRegionBuffer functions in cff/cf2ft.c in FreeType before 2.5.3 do not properly check if a subroutine exists, which allows remote attackers to cause a denial of service (assertion failure), as demonstrated by a crafted ttf file.

AnalysisAI

The (1) cf2_initLocalRegionBuffer and (2) cf2_initGlobalRegionBuffer functions in cff/cf2ft.c in FreeType before 2.5.3 do not properly check if a subroutine exists, which allows remote attackers to. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Technical ContextAI

This vulnerability is classified under CWE-20. The (1) cf2_initLocalRegionBuffer and (2) cf2_initGlobalRegionBuffer functions in cff/cf2ft.c in FreeType before 2.5.3 do not properly check if a subroutine exists, which allows remote attackers to cause a denial of service (assertion failure), as demonstrated by a crafted ttf file. Affected products include: Freetype, Canonical Ubuntu Linux. Version information: before 2.5.3.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2022-27404 CRITICAL POC
9.8 Apr 22

FreeType commit 1e2eb65048f75c64b68708efed6ce904c31f3b2f was discovered to contain a heap buffer overflow via the functi

CVE-2020-15999 CRITICAL POC
9.6 Nov 03

Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploi

CVE-2014-9662 HIGH POC
7.5 Feb 08

cff/cf2ft.c in FreeType before 2.5.4 does not validate the return values of point-allocation functions, which allows rem

CVE-2014-9674 HIGH POC
7.5 Feb 08

The Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.5.4 proceeds with adding to length values with

CVE-2014-9660 HIGH POC
7.5 Feb 08

The _bdf_parse_glyphs function in bdf/bdflib.c in FreeType before 2.5.4 does not properly handle a missing ENDCHAR recor

CVE-2014-9665 HIGH POC
7.5 Feb 08

The Load_SBit_Png function in sfnt/pngshim.c in FreeType before 2.5.4 does not restrict the rows and pitch values of PNG

CVE-2014-9661 HIGH POC
7.5 Feb 08

type42/t42parse.c in FreeType before 2.5.4 does not consider that scanning can be incomplete without triggering an error

CVE-2014-9659 HIGH POC
7.5 Feb 08

cff/cf2intrp.c in the CFF CharString interpreter in FreeType before 2.5.4 proceeds with additional hints after the hint

CVE-2014-9663 HIGH POC
7.5 Feb 08

The tt_cmap4_validate function in sfnt/ttcmap.c in FreeType before 2.5.4 validates a certain length field before that fi

CVE-2022-27406 HIGH POC
7.5 Apr 22

FreeType commit 22a0cccb4d9d002f33c1ba7a4b36812c7d4f46b5 was discovered to contain a segmentation violation via the func

CVE-2014-9656 HIGH POC
7.5 Feb 08

The tt_sbit_decoder_load_image function in sfnt/ttsbit.c in FreeType before 2.5.4 does not properly check for an integer

CVE-2016-10244 HIGH POC
7.8 Mar 06

The parse_charstrings function in type1/t1load.c in FreeType 2 before 2.7 does not ensure that a font contains a glyph n

Share

CVE-2014-2241 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy