Redhat : Security Vulnerabilities, CVEs, Published In February 2015 (Memory corruption)
Use-after-free vulnerability in the VisibleSelection::nonBoundaryShadowTreeRootNode function in core/editing/VisibleSelection.cpp in the DOM implementation in Blink, as used in Google Chrome before 40.0.2214.111 on Windows, OS X, and Linux and before 40.0.2214.109 on Android, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that triggers improper handling of a shadow-root anchor.
Max CVSS
7.5
EPSS Score
2.00%
Published
2015-02-06
Updated
2021-09-08
Use-after-free vulnerability in the mozilla::dom::IndexedDB::IDBObjectStore::CreateIndex function in Mozilla Firefox before 36.0, Firefox ESR 31.x before 31.5, and Thunderbird before 31.5 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via crafted content that is improperly handled during IndexedDB index creation.
Max CVSS
6.8
EPSS Score
3.12%
Published
2015-02-25
Updated
2019-04-22
Off-by-one error in the pcf_get_properties function in pcf/pcfread.c in FreeType before 2.5.4 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PCF file with a 0xffffffff size value that is improperly incremented.
Max CVSS
4.3
EPSS Score
2.54%
Published
2015-02-08
Updated
2018-10-30
Multiple integer signedness errors in the pcf_get_encodings function in pcf/pcfread.c in FreeType before 2.5.4 allow remote attackers to cause a denial of service (integer overflow, NULL pointer dereference, and application crash) via a crafted PCF file that specifies negative values for the first column and first row.
Max CVSS
4.3
EPSS Score
2.20%
Published
2015-02-08
Updated
2018-10-30
Multiple integer overflows in sfnt/ttcmap.c in FreeType before 2.5.4 allow remote attackers to cause a denial of service (out-of-bounds read or memory corruption) or possibly have unspecified other impact via a crafted cmap SFNT table.
Max CVSS
6.8
EPSS Score
1.16%
Published
2015-02-08
Updated
2018-10-30
type42/t42parse.c in FreeType before 2.5.4 does not consider that scanning can be incomplete without triggering an error, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted Type42 font.
Max CVSS
7.5
EPSS Score
3.61%
Published
2015-02-08
Updated
2018-10-30
The _bdf_parse_glyphs function in bdf/bdflib.c in FreeType before 2.5.4 does not properly handle a missing ENDCHAR record, which allows remote attackers to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via a crafted BDF font.
Max CVSS
7.5
EPSS Score
2.63%
Published
2015-02-08
Updated
2018-10-30
7 vulnerabilities found