Vulnerability Description
bdf/bdflib.c in FreeType before 2.5.4 identifies property names by only verifying that an initial substring is present, which allows remote attackers to discover heap pointer values and bypass the ASLR protection mechanism via a crafted BDF font.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Canonical | Ubuntu Linux | 10.04 |
| Freetype | Freetype | <= 2.5.3 |
| Debian | Debian Linux | 7.0 |
| Fedoraproject | Fedora | 20 |
| Redhat | Enterprise Linux Desktop | 6.0 |
| Redhat | Enterprise Linux Hpc Node | 6.0 |
| Redhat | Enterprise Linux Hpc Node Eus | 7.1 |
| Redhat | Enterprise Linux Server | 6.0 |
| Redhat | Enterprise Linux Server Eus | 6.6.z |
| Redhat | Enterprise Linux Workstation | 6.0 |
| Opensuse | Opensuse | 13.1 |
Related Weaknesses (CWE)
References
- http://advisories.mageia.org/MGASA-2015-0083.htmlThird Party Advisory
- http://code.google.com/p/google-security-research/issues/detail?id=151Exploit
- http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=2c4832d30939bIssue Tracking
- http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150148.hThird Party Advisory
- http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150162.hThird Party Advisory
- http://lists.opensuse.org/opensuse-updates/2015-03/msg00091.htmlThird Party Advisory
- http://rhn.redhat.com/errata/RHSA-2015-0696.htmlThird Party Advisory
- http://www.debian.org/security/2015/dsa-3188Third Party Advisory
- http://www.mandriva.com/security/advisories?name=MDVSA-2015:055Third Party Advisory
- http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.htmlThird Party Advisory
- http://www.securityfocus.com/bid/72986
- http://www.ubuntu.com/usn/USN-2510-1Third Party Advisory
- http://www.ubuntu.com/usn/USN-2739-1Third Party Advisory
- https://security.gentoo.org/glsa/201503-05
- https://source.android.com/security/bulletin/2016-11-01.html
FAQ
What is CVE-2014-9675?
CVE-2014-9675 is a vulnerability with a CVSS score of 5.0 (MEDIUM). bdf/bdflib.c in FreeType before 2.5.4 identifies property names by only verifying that an initial substring is present, which allows remote attackers to discover heap pointer values and bypass the ASL...
How severe is CVE-2014-9675?
CVE-2014-9675 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2014-9675?
Check the references section above for vendor advisories and patch information. Affected products include: Canonical Ubuntu Linux, Freetype Freetype, Debian Debian Linux, Fedoraproject Fedora, Redhat Enterprise Linux Desktop.