CVE-2014-9675
Summary
| CVE | CVE-2014-9675 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2015-02-08 11:59:00 UTC |
| Updated | 2018-10-30 16:27:00 UTC |
| Description | bdf/bdflib.c in FreeType before 2.5.4 identifies property names by only verifying that an initial substring is present, which allows remote attackers to discover heap pointer values and bypass the ASLR protection mechanism via a crafted BDF font. |
Risk And Classification
Problem Types: CWE-264
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Operating System | Canonical | Ubuntu Linux | 10.04 | All | All | All |
| Operating System | Canonical | Ubuntu Linux | 12.04 | All | All | All |
| Operating System | Canonical | Ubuntu Linux | 14.04 | All | All | All |
| Operating System | Canonical | Ubuntu Linux | 14.10 | All | All | All |
| Operating System | Canonical | Ubuntu Linux | 15.04 | All | All | All |
| Operating System | Canonical | Ubuntu Linux | 10.04 | All | All | All |
| Operating System | Canonical | Ubuntu Linux | 12.04 | All | All | All |
| Operating System | Canonical | Ubuntu Linux | 14.04 | All | All | All |
| Operating System | Canonical | Ubuntu Linux | 14.10 | All | All | All |
| Operating System | Canonical | Ubuntu Linux | 15.04 | All | All | All |
| Operating System | Debian | Debian Linux | 7.0 | All | All | All |
| Operating System | Debian | Debian Linux | 7.0 | All | All | All |
| Operating System | Fedoraproject | Fedora | 20 | All | All | All |
| Operating System | Fedoraproject | Fedora | 21 | All | All | All |
| Operating System | Fedoraproject | Fedora | 20 | All | All | All |
| Operating System | Fedoraproject | Fedora | 21 | All | All | All |
| Application | Freetype | Freetype | All | All | All | All |
| Operating System | Opensuse | Opensuse | 13.1 | All | All | All |
| Operating System | Opensuse | Opensuse | 13.2 | All | All | All |
| Operating System | Opensuse | Opensuse | 13.1 | All | All | All |
| Operating System | Opensuse | Opensuse | 13.2 | All | All | All |
| Operating System | Redhat | Enterprise Linux Desktop | 6.0 | All | All | All |
| Operating System | Redhat | Enterprise Linux Desktop | 7.0 | All | All | All |
| Operating System | Redhat | Enterprise Linux Desktop | 6.0 | All | All | All |
| Operating System | Redhat | Enterprise Linux Desktop | 7.0 | All | All | All |
| Operating System | Redhat | Enterprise Linux Hpc Node | 6.0 | All | All | All |
| Operating System | Redhat | Enterprise Linux Hpc Node | 7.0 | All | All | All |
| Operating System | Redhat | Enterprise Linux Hpc Node | 6.0 | All | All | All |
| Operating System | Redhat | Enterprise Linux Hpc Node | 7.0 | All | All | All |
| Operating System | Redhat | Enterprise Linux Hpc Node Eus | 7.1 | All | All | All |
| Operating System | Redhat | Enterprise Linux Hpc Node Eus | 7.1 | All | All | All |
| Operating System | Redhat | Enterprise Linux Server | 6.0 | All | All | All |
| Operating System | Redhat | Enterprise Linux Server | 7.0 | All | All | All |
| Operating System | Redhat | Enterprise Linux Server | 6.0 | All | All | All |
| Operating System | Redhat | Enterprise Linux Server | 7.0 | All | All | All |
| Operating System | Redhat | Enterprise Linux Server Eus | 6.6.z | All | All | All |
| Operating System | Redhat | Enterprise Linux Server Eus | 7.1 | All | All | All |
| Operating System | Redhat | Enterprise Linux Server Eus | 6.6.z | All | All | All |
| Operating System | Redhat | Enterprise Linux Server Eus | 7.1 | All | All | All |
| Operating System | Redhat | Enterprise Linux Workstation | 6.0 | All | All | All |
| Operating System | Redhat | Enterprise Linux Workstation | 7.0 | All | All | All |
| Operating System | Redhat | Enterprise Linux Workstation | 6.0 | All | All | All |
| Operating System | Redhat | Enterprise Linux Workstation | 7.0 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| [SECURITY] Fedora 21 Update: freetype-2.5.3-15.fc21 | FEDORA | lists.fedoraproject.org | Third Party Advisory |
| Debian -- Security Information -- DSA-3188-1 freetype | DEBIAN | www.debian.org | Third Party Advisory |
| Android Security Bulletin—November 2016 | Android Open Source Project | CONFIRM | source.android.com | |
| Issue 151 - google-security-research - FreeType 2.5.3 BDF parsing potential heap pointer disclosure - Google Security Research - Google Project Hosting | MISC | code.google.com | Exploit |
| USN-2739-1: FreeType vulnerabilities | Ubuntu | UBUNTU | www.ubuntu.com | Third Party Advisory |
| Mageia Advisory: MGASA-2015-0083 - Updated freetype2 packages fix security vulnerabilities | CONFIRM | advisories.mageia.org | Third Party Advisory |
| freetype/freetype2.git - The FreeType 2 library | CONFIRM | git.savannah.gnu.org | Issue Tracking |
| USN-2510-1: FreeType vulnerabilities | Ubuntu | UBUNTU | www.ubuntu.com | Third Party Advisory |
| FreeType: Multiple vulnerabilities (GLSA 201503-05) — Gentoo security | GENTOO | security.gentoo.org | |
| Support / Security / Advisories / / MDVSA-2015:055 | Mandriva | MANDRIVA | www.mandriva.com | Third Party Advisory |
| [SECURITY] Fedora 20 Update: freetype-2.5.0-9.fc20 | FEDORA | lists.fedoraproject.org | Third Party Advisory |
| Red Hat Customer Portal | REDHAT | rhn.redhat.com | Third Party Advisory |
| openSUSE-SU-2015:0627-1: moderate: Security update for freetype2 | SUSE | lists.opensuse.org | Third Party Advisory |
| Oracle Solaris Third Party Bulletin - April 2015 | CONFIRM | www.oracle.com | Third Party Advisory |
| FreeType Versions Prior to 2.5.4 Multiple Remote Vulnerabilities | BID | www.securityfocus.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.