CVE-2014-9745 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	5 UNKNOWN	NETWORK	LOW		AV:N/AC:L/Au:N/C:N/I:N/A:P
mitre	CNA	---				---
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 85%

Vendor	Product	Version
freetype	freetype	𝑥 ≤ 2.5.2
debian	debian_linux	7.0
debian	debian_linux	8.0
canonical	ubuntu_linux	12.04
canonical	ubuntu_linux	14.04
canonical	ubuntu_linux	15.04
opensuse	opensuse	13.1

𝑥

= Vulnerable software versions

Debian Releases

Debian Product

Codename

freetype

bullseye	2.10.4+dfsg-1+deb11u1 fixed
bookworm	2.12.1+dfsg-5+deb12u3 fixed
sid	2.13.3+dfsg-1 fixed
trixie	2.13.3+dfsg-1 fixed

Ubuntu Releases

Ubuntu Product

Codename

freetype

vivid	Fixed 2.5.2-2ubuntu3.1 released
trusty	Fixed 2.5.2-1ubuntu2.5 released
precise	Fixed 2.4.8-1ubuntu2.3 released

Common Weakness Enumeration

CWE-399 -

References

http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=df14e6c0b9592cbb24d5381dfc6106b14f915e75

http://lists.opensuse.org/opensuse-updates/2015-10/msg00017.html

http://savannah.nongnu.org/bugs/index.php?41590

http://www.debian.org/security/2015/dsa-3370

http://www.securityfocus.com/bid/76727

http://www.securitytracker.com/id/1033536

http://www.ubuntu.com/usn/USN-2739-1

https://bugs.launchpad.net/ubuntu/+source/freetype/+bug/1492124

https://code.google.com/p/chromium/issues/detail?id=459050

http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=df14e6c0b9592cbb24d5381dfc6106b14f915e75

http://lists.opensuse.org/opensuse-updates/2015-10/msg00017.html

http://savannah.nongnu.org/bugs/index.php?41590

http://www.debian.org/security/2015/dsa-3370

http://www.securityfocus.com/bid/76727

http://www.securitytracker.com/id/1033536

http://www.ubuntu.com/usn/USN-2739-1

https://bugs.launchpad.net/ubuntu/+source/freetype/+bug/1492124

https://code.google.com/p/chromium/issues/detail?id=459050