Anfälligkeitssuche        Suche in 172616 CVE Beschreibungen
und 81291 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.891909
Kategorie:Debian Local Security Checks
Titel:Debian LTS: Security Advisory for freetype (DLA-1909-1)
Zusammenfassung:The remote host is missing an update for the 'freetype'; package(s) announced via the DLA-1909-1 advisory.
Beschreibung:Summary:
The remote host is missing an update for the 'freetype'
package(s) announced via the DLA-1909-1 advisory.

Vulnerability Insight:
Several newly-referenced issues have been fixed in the FreeType 2 font
engine.

CVE-2015-9381

heap-based buffer over-read in T1_Get_Private_Dict in
type1/t1parse.c

CVE-2015-9382

buffer over-read in skip_comment in psaux/psobjs.c because
ps_parser_skip_PS_token is mishandled in an FT_New_Memory_Face
operation

CVE-2015-9383

a heap-based buffer over-read in tt_cmap14_validate in
sfnt/ttcmap.c

Affected Software/OS:
'freetype' package(s) on Debian Linux.

Solution:
For Debian 8 'Jessie', these problems have been fixed in version
2.5.2-3+deb8u4.

We recommend that you upgrade your freetype packages.

CVSS Score:
6.8

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2015-9381
http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/src/type1/t1parse.c?id=7962a15d64c876870ca0ae435ea2467d9be268d9
https://savannah.nongnu.org/bugs/?45955
https://lists.debian.org/debian-lts-announce/2019/09/msg00002.html
RedHat Security Advisories: RHSA-2019:4254
https://access.redhat.com/errata/RHSA-2019:4254
https://usn.ubuntu.com/4126-2/
Common Vulnerability Exposure (CVE) ID: CVE-2015-9382
http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/src/psaux/psobjs.c?id=db5a4a9ae7b0048f033361744421da8569642f73
https://savannah.nongnu.org/bugs/?45922
Common Vulnerability Exposure (CVE) ID: CVE-2015-9383
http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=57cbb8c148999ba8f14ed53435fc071ac9953afd
https://savannah.nongnu.org/bugs/?46346
https://usn.ubuntu.com/4126-1/
CopyrightCopyright (C) 2019 Greenbone Networks GmbH

Dies ist nur einer von 81291 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2020 E-Soft Inc. Alle Rechte vorbehalten.