CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
Confidence
High
EPSS
Percentile
92.5%
Mateusz Jurczyk discovered that FreeType did not correctly handle certain
malformed font files. If a user were tricked into using a specially crafted
font file, a remote attacker could cause FreeType to crash or possibly
execute arbitrary code with user privileges.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 14.10 | noarch | libfreetype6 | <ย 2.5.2-2ubuntu1.1 | UNKNOWN |
Ubuntu | 14.10 | noarch | freetype2-demos | <ย 2.5.2-2ubuntu1.1 | UNKNOWN |
Ubuntu | 14.10 | noarch | libfreetype6-dev | <ย 2.5.2-2ubuntu1.1 | UNKNOWN |
Ubuntu | 14.10 | noarch | libfreetype6-udeb | <ย 2.5.2-2ubuntu1.1 | UNKNOWN |
Ubuntu | 14.04 | noarch | libfreetype6 | <ย 2.5.2-1ubuntu2.4 | UNKNOWN |
Ubuntu | 14.04 | noarch | freetype2-demos | <ย 2.5.2-1ubuntu2.4 | UNKNOWN |
Ubuntu | 14.04 | noarch | libfreetype6-dev | <ย 2.5.2-1ubuntu2.4 | UNKNOWN |
Ubuntu | 14.04 | noarch | libfreetype6-udeb | <ย 2.5.2-1ubuntu2.4 | UNKNOWN |
Ubuntu | 12.04 | noarch | libfreetype6 | <ย 2.4.8-1ubuntu2.2 | UNKNOWN |
Ubuntu | 12.04 | noarch | freetype2-demos | <ย 2.4.8-1ubuntu2.2 | UNKNOWN |
ubuntu.com/security/CVE-2014-9656
ubuntu.com/security/CVE-2014-9657
ubuntu.com/security/CVE-2014-9658
ubuntu.com/security/CVE-2014-9659
ubuntu.com/security/CVE-2014-9660
ubuntu.com/security/CVE-2014-9661
ubuntu.com/security/CVE-2014-9662
ubuntu.com/security/CVE-2014-9663
ubuntu.com/security/CVE-2014-9664
ubuntu.com/security/CVE-2014-9665
ubuntu.com/security/CVE-2014-9666
ubuntu.com/security/CVE-2014-9667
ubuntu.com/security/CVE-2014-9668
ubuntu.com/security/CVE-2014-9669
ubuntu.com/security/CVE-2014-9670
ubuntu.com/security/CVE-2014-9671
ubuntu.com/security/CVE-2014-9672
ubuntu.com/security/CVE-2014-9673
ubuntu.com/security/CVE-2014-9674
ubuntu.com/security/CVE-2014-9675