FreeType 2 before 2017-03-24 has an out-of-bounds write caused by a heap-based buffer overflow related to the t1_decoder_parse_charstrings function in psaux/t1decode.c.

References

git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=f958c48ee431bef8d4d466b40c9cb2d4dbcb7791

www.debian.org/security/2017/dsa-3839

www.securityfocus.com/bid/99093

bugs.chromium.org/p/oss-fuzz/issues/detail?id=935

security.gentoo.org/glsa/201706-14

www.oracle.com/security-alerts/cpuapr2020.html

www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html

redhatcve 1

nvd 1

cvelist 1

ubuntucve 1

prion 1

nessus 19

osv 3

debiancve 1

veracode 1

cve 1

alpinelinux 1

fedora 3

archlinux 2

ubuntu 2

openvas 14

cloudfoundry 1

debian 3

freebsd 1

ibm 3

mageia 1

suse 2

gentoo 1

f5 1

oracle 3

redhatcve

CVE-2017-8105

2017-04-28 09:18:20

nvd

CVE-2017-8105

2017-04-24 18:59:00

cvelist

CVE-2017-8105

2017-04-24 18:00:00

ubuntucve

CVE-2017-8105

2017-04-24 00:00:00

prion

Heap overflow

2017-04-24 18:59:00

nessus

Photon OS 1.0: Freetype2 PHSA-2017-0041

2019-02-07 00:00:00

FreeBSD : freetype2 -- buffer overflows (4a088d67-3af2-11e7-9d75-c86000169601)

2017-05-19 00:00:00

Debian DLA-918-1 : freetype security update

2017-04-27 00:00:00

osv

freetype - security update

2017-04-26 00:00:00

freetype - security update

2017-04-28 00:00:00

freetype2-devel-2.11.0-1.2 on GA media

2024-06-15 00:00:00

debiancve

CVE-2017-8105

2017-04-24 18:59:00

veracode

Out-of-Bounds Write

2017-05-16 07:13:21

cve

CVE-2017-8105

2017-04-24 18:59:00

alpinelinux

CVE-2017-8105

2017-04-24 18:59:00

fedora

[SECURITY] Fedora 26 Update: freetype-2.7.1-6.fc26

2017-05-06 17:15:09

[SECURITY] Fedora 25 Update: freetype-2.6.5-7.fc25

2017-05-07 00:03:26

[SECURITY] Fedora 24 Update: freetype-2.6.3-5.fc24

2017-05-06 23:52:55

archlinux

[ASA-201705-7] freetype2: arbitrary code execution

2017-05-09 00:00:00

[ASA-201705-10] lib32-freetype2: arbitrary code execution

2017-05-10 00:00:00

ubuntu

FreeType vulnerabilities

2017-05-09 00:00:00

FreeType vulnerabilities

2017-05-17 00:00:00

openvas

Huawei EulerOS: Security Advisory for freetype (EulerOS-SA-2017-1110)

2020-01-23 00:00:00

Fedora Update for freetype FEDORA-2017-5760b80676

2017-05-07 00:00:00

Huawei EulerOS: Security Advisory for freetype (EulerOS-SA-2017-1114)

2020-01-23 00:00:00

cloudfoundry

USN-3282-1: FreeType vulnerabilities | Cloud Foundry

2017-06-02 00:00:00

debian

[SECURITY] [DLA 918-1] freetype security update

2017-04-26 15:51:04

[SECURITY] [DSA 3839-1] freetype security update

2017-04-28 19:24:57

[SECURITY] [DSA 3839-1] freetype security update

2017-04-28 19:24:57

freebsd

freetype2 -- buffer overflows

2017-05-17 00:00:00

ibm

Security Bulletin: Multiple vulnerabilities in freetype2 affect IBM Flex System Manager (FSM)

2018-06-18 01:42:30

Security Bulletin: IBM BladeCenter Advanced Management Module (AMM) is affected by a vulnerabilities in freetype2 (CVE-2016-10244 CVE-2017-8105 CVE-2017-8287)

2018-07-26 20:24:26

Security Bulletin: IBM Flex System Chassis Management Module (CMM) is affected by vulnerabilities in freetype2 (CVE-2017-8287 CVE-2017-8105 CVE-2016-10244)

2023-12-07 22:31:02

mageia

Updated freetype2 packages fix security vulnerability

2017-05-02 09:37:59

suse

Security update for freetype2 (important)

2018-02-09 21:13:00

Security update for freetype2 (important)

2018-02-12 12:08:42

gentoo

FreeType: Multiple vulnerabilities

2017-06-06 00:00:00

K000141126: Multiple FreeType vulnerabilities

2024-09-19 00:00:00

oracle

Oracle Critical Patch Update Advisory - April 2019

2019-04-16 00:00:00

Oracle Critical Patch Update Advisory - October 2020

2020-10-20 00:00:00

Oracle Critical Patch Update Advisory - April 2020

2020-04-14 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

AI Score

7.2

Confidence

High

EPSS

0.012

Percentile

85.1%

JSON

Related for OSV:CVE-2017-8105