Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
NVD Vulnerability Details :
CVE-2014-9745
Modified
More InfoOfficial Page
Source-cve@mitre.org
View Known Exploited Vulnerability (KEV) details
Published At-14 Sep, 2015 | 20:59
Updated At-06 May, 2026 | 22:30

The parse_encoding function in type1/t1load.c in FreeType before 2.5.3 allows remote attackers to cause a denial of service (infinite loop) via a "broken number-with-base" in a Postscript stream, as demonstrated by 8#garbage.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.05.0MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
Type: Primary
Version: 2.0
Base score: 5.0
Base severity: MEDIUM
Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P
CPE Matches
freetype
freetype
>>freetype>>Versions up to 2.5.2(inclusive)
cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*
Debian GNU/Linux
debian
>>debian_linux>>7.0
cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
Debian GNU/Linux
debian
>>debian_linux>>8.0
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
Canonical Ltd.
canonical
>>ubuntu_linux>>12.04
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
Canonical Ltd.
canonical
>>ubuntu_linux>>14.04
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
Canonical Ltd.
canonical
>>ubuntu_linux>>15.04
cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*
openSUSE
opensuse
>>opensuse>>13.1
cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-399Primarynvd@nist.gov
CWE ID: CWE-399
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=df14e6c0b9592cbb24d5381dfc6106b14f915e75cve@mitre.org
N/A
http://lists.opensuse.org/opensuse-updates/2015-10/msg00017.htmlcve@mitre.org
N/A
http://savannah.nongnu.org/bugs/index.php?41590cve@mitre.org
N/A
http://www.debian.org/security/2015/dsa-3370cve@mitre.org
N/A
http://www.securityfocus.com/bid/76727cve@mitre.org
N/A
http://www.securitytracker.com/id/1033536cve@mitre.org
N/A
http://www.ubuntu.com/usn/USN-2739-1cve@mitre.org
N/A
https://bugs.launchpad.net/ubuntu/+source/freetype/+bug/1492124cve@mitre.org
N/A
https://code.google.com/p/chromium/issues/detail?id=459050cve@mitre.org
N/A
http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=df14e6c0b9592cbb24d5381dfc6106b14f915e75af854a3a-2127-422b-91ae-364da2661108
N/A
http://lists.opensuse.org/opensuse-updates/2015-10/msg00017.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://savannah.nongnu.org/bugs/index.php?41590af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.debian.org/security/2015/dsa-3370af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/bid/76727af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securitytracker.com/id/1033536af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.ubuntu.com/usn/USN-2739-1af854a3a-2127-422b-91ae-364da2661108
N/A
https://bugs.launchpad.net/ubuntu/+source/freetype/+bug/1492124af854a3a-2127-422b-91ae-364da2661108
N/A
https://code.google.com/p/chromium/issues/detail?id=459050af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=df14e6c0b9592cbb24d5381dfc6106b14f915e75
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-updates/2015-10/msg00017.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://savannah.nongnu.org/bugs/index.php?41590
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.debian.org/security/2015/dsa-3370
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/76727
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securitytracker.com/id/1033536
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.ubuntu.com/usn/USN-2739-1
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://bugs.launchpad.net/ubuntu/+source/freetype/+bug/1492124
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://code.google.com/p/chromium/issues/detail?id=459050
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=df14e6c0b9592cbb24d5381dfc6106b14f915e75
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-updates/2015-10/msg00017.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://savannah.nongnu.org/bugs/index.php?41590
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.debian.org/security/2015/dsa-3370
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/76727
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securitytracker.com/id/1033536
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.ubuntu.com/usn/USN-2739-1
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://bugs.launchpad.net/ubuntu/+source/freetype/+bug/1492124
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://code.google.com/p/chromium/issues/detail?id=459050
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Change History
0Changes found
Details not found