| |
ID ▼ |
Type ▼ |
Status ▼ |
Priority ▼ |
Milestone ▼ |
Owner ▼ |
Summary + Labels ▼ |
... |
|---|
|
|
151 |
----
|
Fixed
|
----
|
----
|
mjurczyk@google.com
|
FreeType 2.5.3 BDF parsing potential heap pointer disclosure
CCProjectZeroMembers
|
|
|
|
153 |
----
|
Fixed
|
----
|
----
|
mjurczyk@google.com
|
FreeType 2.5.3 Mac font parsing heap-based buffer overflow due to multiple integer overflows
CCProjectZeroMembers
|
|
|
|
154 |
----
|
Fixed
|
----
|
----
|
mjurczyk@google.com
|
FreeType 2.5.3 Mac font parsing heap-based buffer overflow due to integer signedness problems
CCProjectZeroMembers
|
|
|
|
155 |
----
|
Fixed
|
----
|
----
|
mjurczyk@google.com
|
FreeType 2.5.3 Mac FOND resource parsing out-of-bounds read from stack
CCProjectZeroMembers
|
|
|
|
157 |
----
|
Fixed
|
----
|
----
|
mjurczyk@google.com
|
FreeType 2.5.3 PCF parsing NULL pointer dereference due to 32-bit integer overflow
CCProjectZeroMembers
|
|
|
|
158 |
----
|
Fixed
|
----
|
----
|
mjurczyk@google.com
|
FreeType 2.5.3 PCF parsing NULL pointer dereference due to 32-bit integer overflow
CCProjectZeroMembers
|
|
|
|
163 |
----
|
Fixed
|
----
|
----
|
mjurczyk@google.com
|
FreeType 2.5.3 SFNT parsing multiple out-of-bounds reads due to integer overflows in "cmap" table handling
CCProjectZeroMembers
|
|
|
|
164 |
----
|
Fixed
|
----
|
----
|
mjurczyk@google.com
|
FreeType 2.5.3 WOFF parsing heap-based buffer overflow due to integer overflow
CCProjectZeroMembers
|
|
|
|
166 |
----
|
Fixed
|
----
|
----
|
mjurczyk@google.com
|
FreeType 2.5.3 SFNT parsing integer overflows
CCProjectZeroMembers
|
|
|
|
167 |
----
|
Fixed
|
----
|
----
|
mjurczyk@google.com
|
FreeType 2.5.3 sbits parsing potential out-of-bounds read due to integer overflow
CCProjectZeroMembers
|
|
|
|
168 |
----
|
Fixed
|
----
|
----
|
mjurczyk@google.com
|
FreeType 2.5.3 sbix PNG handling heap-based buffer overflow due to integer overflow
CCProjectZeroMembers
|
|
|
|
183 |
----
|
Fixed
|
----
|
----
|
mjurczyk@google.com
|
FreeType 2.5.3 Type42 parsing out-of-bounds read in "ps_table_add"
CCProjectZeroMembers
|
|
|
|
184 |
----
|
Fixed
|
----
|
----
|
mjurczyk@google.com
|
FreeType 2.5.3 SFNT cmap parsing out-of-bounds read in "tt_cmap4_validate"
CCProjectZeroMembers
|
|
|
|
185 |
----
|
Fixed
|
----
|
----
|
mjurczyk@google.com
|
FreeType 2.5.3 CFF CharString parsing heap-based buffer overflow in "cff_builder_add_point"
CCProjectZeroMembers
|
|
|
|
187 |
----
|
Fixed
|
----
|
----
|
mjurczyk@google.com
|
FreeType 2.5.3 Type42 parsing use-after-free in "FT_Stream_TryRead" (embedded BDF loading)
CCProjectZeroMembers
|
|
|
|
188 |
----
|
Fixed
|
----
|
----
|
mjurczyk@google.com
|
FreeType 2.5.3 BDF parsing NULL pointer dereference in "_bdf_parse_glyphs"
CCProjectZeroMembers
|
|
|
|
190 |
----
|
Fixed
|
----
|
----
|
mjurczyk@google.com
|
FreeType 2.5.3 CFF hintmap building stack-based arbitrary out-of-bounds write
CCProjectZeroMembers
|
|
|
|
194 |
----
|
Fixed
|
----
|
----
|
mjurczyk@google.com
|
FreeType 2.5.3 SFNT kern parsing out-of-bounds read in "tt_face_load_kern"
CCProjectZeroMembers
|
|
|
|
195 |
----
|
Fixed
|
----
|
----
|
mjurczyk@google.com
|
FreeType 2.5.3 TrueType parsing heap-based out-of-bounds read in "tt_face_load_hdmx"
CCProjectZeroMembers
|
|
|
|
196 |
----
|
Fixed
|
----
|
----
|
mjurczyk@google.com
|
FreeType 2.5.3 OpenType parsing heap-based out-of-bounds read in "tt_sbit_decoder_load_image"
CCProjectZeroMembers
|
|
|
|
197 |
----
|
Fixed
|
----
|
----
|
mjurczyk@google.com
|
FreeType 2.5.3 multiple unchecked function calls returning FT_Error
CCProjectZeroMembers
|
|
|
|
211 |
----
|
Fixed
|
----
|
----
|
mjurczyk@google.com
|
FreeType 2.5.4 Type42 parsing invalid free in "t42_parse_sfnts"
CCProjectZeroMembers
|
|
|
|
602 |
----
|
Fixed
|
----
|
----
|
mjurczyk@google.com
|
FreeType 2.6.1 TrueType parsing heap-based out-of-bounds reads in "tt_cmap14_validate"
CCProjectZeroMembers
|
|
|
|
614 |
----
|
Fixed
|
----
|
----
|
mjurczyk@google.com
|
FreeType 2.6.1 TrueType parsing heap-based out-of-bounds read in "tt_sbit_decoder_load_bit_aligned"
CCProjectZeroMembers
|
|