Off-by-one error in the pcf_get_properties function in pcf/pcfread.c in FreeType before 2.5.4 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PCF file with a 0xffffffff size value that is improperly incremented.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Enterprise_linux_desktop | Redhat | 6.0 (including) | 6.0 (including) |
Enterprise_linux_desktop | Redhat | 7.0 (including) | 7.0 (including) |
Enterprise_linux_hpc_node | Redhat | 6 (including) | 6 (including) |
Enterprise_linux_hpc_node | Redhat | 7.0 (including) | 7.0 (including) |
Enterprise_linux_hpc_node_eus | Redhat | 7.1 (including) | 7.1 (including) |
Enterprise_linux_server | Redhat | 6.0 (including) | 6.0 (including) |
Enterprise_linux_server | Redhat | 7.0 (including) | 7.0 (including) |
Enterprise_linux_server_eus | Redhat | 6.6.z (including) | 6.6.z (including) |
Enterprise_linux_server_eus | Redhat | 7.1 (including) | 7.1 (including) |
Enterprise_linux_workstation | Redhat | 6.0 (including) | 6.0 (including) |
Enterprise_linux_workstation | Redhat | 7.0 (including) | 7.0 (including) |
Red Hat Enterprise Linux 6 | RedHat | freetype-0:2.3.11-15.el6_6.1 | * |
Red Hat Enterprise Linux 7 | RedHat | freetype-0:2.4.11-10.el7_1.1 | * |
Freetype | Ubuntu | devel | * |
Freetype | Ubuntu | lucid | * |
Freetype | Ubuntu | precise | * |
Freetype | Ubuntu | trusty | * |
Freetype | Ubuntu | upstream | * |
Freetype | Ubuntu | utopic | * |