Max CVSS 10.0 Min CVSS 4.3 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2010-1797 9.3
Multiple stack-based buffer overflows in the cff_decoder_parse_charstrings function in the CFF Type2 CharStrings interpreter in cff/cffgload.c in FreeType before 2.4.2, as used in Apple iOS before 4.0.2 on the iPhone and iPod touch and before 3.2.2 o
26-09-2019 - 17:05 16-08-2010 - 18:39
CVE-2011-3439 9.3
FreeType in CoreGraphics in Apple iOS before 5.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font in a document.
26-09-2019 - 17:05 11-11-2011 - 18:55
CVE-2012-1126 10.0
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via crafted propert
18-01-2018 - 02:29 25-04-2012 - 10:10
CVE-2012-1127 9.3
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via crafted glyph o
18-01-2018 - 02:29 25-04-2012 - 10:10
CVE-2012-1129 9.3
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via a crafted SFNT
18-01-2018 - 02:29 25-04-2012 - 10:10
CVE-2012-1130 9.3
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via crafted propert
18-01-2018 - 02:29 25-04-2012 - 10:10
CVE-2012-1131 9.3
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, on 64-bit platforms allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code
18-01-2018 - 02:29 25-04-2012 - 10:10
CVE-2012-1132 9.3
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via crafted diction
18-01-2018 - 02:29 25-04-2012 - 10:10
CVE-2012-1133 9.3
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted glyph
18-01-2018 - 02:29 25-04-2012 - 10:10
CVE-2012-1134 9.3
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted privat
18-01-2018 - 02:29 25-04-2012 - 10:10
CVE-2012-1135 9.3
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via vectors involvi
18-01-2018 - 02:29 25-04-2012 - 10:10
CVE-2012-1136 9.3
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted glyph
18-01-2018 - 02:29 25-04-2012 - 10:10
CVE-2012-1137 9.3
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via a crafted heade
18-01-2018 - 02:29 25-04-2012 - 10:10
CVE-2012-1138 9.3
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via vectors involvi
18-01-2018 - 02:29 25-04-2012 - 10:10
CVE-2012-1139 9.3
Array index error in FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid stack read operation and memory corruption) or possibly execute arbitrary co
18-01-2018 - 02:29 25-04-2012 - 10:10
CVE-2012-1141 9.3
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via a crafted ASCII
18-01-2018 - 02:29 25-04-2012 - 10:10
CVE-2012-1142 9.3
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted glyph-
18-01-2018 - 02:29 25-04-2012 - 10:10
CVE-2012-1143 4.3
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (divide-by-zero error) via a crafted font.
18-01-2018 - 02:29 25-04-2012 - 10:10
CVE-2011-3256 4.3
FreeType 2 before 2.4.7, as used in CoreGraphics in Apple iOS before 5, Mandriva Enterprise Server 5, and possibly other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font,
29-08-2017 - 01:30 14-10-2011 - 10:55
CVE-2011-2895 9.3
The LZW decompressor in (1) the BufCompressedFill function in fontfile/decompress.c in X.Org libXfont before 1.4.4 and (2) compress/compress.c in 4.3BSD, as used in zopen.c in OpenBSD before 3.8, FreeBSD, NetBSD 4.0.x and 5.0.x before 5.0.3 and 5.1.x
29-08-2017 - 01:29 19-08-2011 - 17:55
CVE-2010-3814 6.8
Heap-based buffer overflow in the Ins_SHZ function in ttinterp.c in FreeType 2.4.3 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted SHZ bytecode instruction, related to TrueT
19-12-2012 - 04:32 26-11-2010 - 20:00
CVE-2010-3855 6.8
Buffer overflow in the ft_var_readpackedpoints function in truetype/ttgxvar.c in FreeType 2.4.3 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted TrueType GX font.
19-12-2012 - 04:32 26-11-2010 - 20:00
CVE-2010-3053 4.3
bdf/bdflib.c in FreeType before 2.4.2 allows remote attackers to cause a denial of service (application crash) via a crafted BDF font file, related to an attempted modification of a value in a static string.
19-12-2012 - 04:30 19-08-2010 - 18:00
CVE-2010-3054 5.0
Unspecified vulnerability in FreeType 2.3.9, and other versions before 2.4.2, allows remote attackers to cause a denial of service via vectors involving nested Standard Encoding Accented Character (aka seac) calls, related to psaux.h, cffgload.c, cff
19-12-2012 - 04:30 19-08-2010 - 18:00
CVE-2010-3311 9.3
Integer overflow in base/ftstream.c in libXft (aka the X FreeType library) in FreeType before 2.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Compact Font Format (CFF) font
19-12-2012 - 04:30 07-01-2011 - 23:00
CVE-2010-2805 6.8
The FT_Stream_EnterFrame function in base/ftstream.c in FreeType before 2.4.2 does not properly validate certain position values, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a
19-12-2012 - 04:29 19-08-2010 - 18:00
CVE-2010-2497 6.8
Integer underflow in glyph handling in FreeType before 2.4.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file.
19-12-2012 - 04:28 19-08-2010 - 18:00
CVE-2010-2498 6.8
The psh_glyph_find_strong_points function in pshinter/pshalgo.c in FreeType before 2.4.0 does not properly implement hinting masks, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly
19-12-2012 - 04:28 19-08-2010 - 18:00
CVE-2010-2499 6.8
Buffer overflow in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.4.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted LaserWriter PS font file with a
19-12-2012 - 04:28 19-08-2010 - 18:00
CVE-2010-2500 6.8
Integer overflow in the gray_render_span function in smooth/ftgrays.c in FreeType before 2.4.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file.
19-12-2012 - 04:28 19-08-2010 - 18:00
CVE-2010-2519 6.8
Heap-based buffer overflow in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.4.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted length value in a PO
19-12-2012 - 04:28 19-08-2010 - 18:00
CVE-2010-2520 5.1
Heap-based buffer overflow in the Ins_IUP function in truetype/ttinterp.c in FreeType before 2.4.0, when TrueType bytecode support is enabled, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code
19-12-2012 - 04:28 19-08-2010 - 18:00
CVE-2010-2527 6.8
Multiple buffer overflows in demo programs in FreeType before 2.4.0 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file.
19-12-2012 - 04:28 19-08-2010 - 18:00
CVE-2010-2541 6.8
Buffer overflow in ftmulti.c in the ftmulti demo program in FreeType before 2.4.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file.
19-12-2012 - 04:28 19-08-2010 - 18:00
Back to Top Mark selected
Back to Top