Multiple integer signedness errors in the pcf_get_encodings function in pcf/pcfread.c in FreeType before 2.5.4 allow remote attackers to cause a denial of service (integer overflow, NULL pointer dereference, and application crash) via a crafted PCF file that specifies negative values for the first column and first row.
Vector
NETWORK
Complexity
MEDIUM
Authentication
NONE
Confidentiality
NONE
Integrity
NONE
Availability
PARTIAL
Redhat Enterprise linux hpc node 7.0 (not an official CPE)
Redhat Enterprise linux hpc node 6 (not an official CPE)
Redhat Enterprise linux desktop 7.0 (not an official CPE)
Redhat Enterprise linux desktop 6.0 (not an official CPE)
Oracle Solaris 11.2
Oracle Solaris 10.0 (not an official CPE)
Opensuse Opensuse 13.2 (not an official CPE)
Opensuse Opensuse 13.1 (not an official CPE)
Fedora 21
Fedora 20
Debian Linux 7.0
Canonical Ubuntu Linux 15.04
Canonical Ubuntu linux 14.10 (not an official CPE)
Canonical Ubuntu Linux 14.04 LTS (Long-Term Support)
Canonical Ubuntu Linux 12.04 LTS
Canonical Ubuntu Linux 10.04 LTS
Redhat Enterprise linux hpc node eus 7.1 (not an official CPE)
Redhat Enterprise linux server 6.0 (not an official CPE)
Redhat Enterprise linux server 7.0 (not an official CPE)
Redhat Enterprise linux server eus 6.6.z (not an official CPE)
Redhat Enterprise linux server eus 7.1 (not an official CPE)
Redhat Enterprise linux workstation 6.0 (not an official CPE)
Redhat Enterprise linux workstation 7.0 (not an official CPE)
Redhat - Enterprise linux hpc node
Redhat - Enterprise linux desktop
Oracle - Solaris
Opensuse - Opensuse
Fedoraproject - Fedora
Debian - Debian linux
Canonical - Ubuntu linux
Freetype - Freetype
Redhat - Enterprise linux hpc node eus
Redhat - Enterprise linux server
Redhat - Enterprise linux server eus
Redhat - Enterprise linux workstation