CVE-2014-9675 | Vulnerability Database | Aqua Security

bdf/bdflib.c in FreeType before 2.5.4 identifies property names by only verifying that an initial substring is present, which allows remote attackers to discover heap pointer values and bypass the ASLR protection mechanism via a crafted BDF font.

Affected Software

Name	Vendor	Start Version	End Version
Ubuntu_linux	Canonical	10.04 (including)	10.04 (including)
Ubuntu_linux	Canonical	12.04 (including)	12.04 (including)
Ubuntu_linux	Canonical	14.04 (including)	14.04 (including)
Ubuntu_linux	Canonical	14.10 (including)	14.10 (including)
Ubuntu_linux	Canonical	15.04 (including)	15.04 (including)
Red Hat Enterprise Linux 6	RedHat	freetype-0:2.3.11-15.el6_6.1	*
Red Hat Enterprise Linux 7	RedHat	freetype-0:2.4.11-10.el7_1.1	*
Freetype	Ubuntu	devel	*
Freetype	Ubuntu	lucid	*
Freetype	Ubuntu	precise	*
Freetype	Ubuntu	trusty	*
Freetype	Ubuntu	upstream	*
Freetype	Ubuntu	utopic	*

References

http://advisories.mageia.org/MGASA-2015-0083.html
http://code.google.com/p/google-security-research/issues/detail?id=151
http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=2c4832d30939b45c05757f0a05128ce64c4cacc7
http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.html
http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.html
http://rhn.redhat.com/errata/RHSA-2015-0696.html
http://www.debian.org/security/2015/dsa-3188
http://www.mandriva.com/security/advisories?name=MDVSA-2015:055
http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html
http://www.securityfocus.com/bid/72986
http://www.ubuntu.com/usn/USN-2510-1
http://www.ubuntu.com/usn/USN-2739-1
https://security.gentoo.org/glsa/201503-05
https://source.android.com/security/bulletin/2016-11-01.html

NVD	https://nvd.nist.gov/vuln/detail/CVE-2014-9675
CWE	https://cwe.mitre.org/data/definitions/264.html