Multiple integer overflows in FreeType before 2.2 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via attack vectors related to (1) bdf/bdflib.c, (2) sfnt/ttcmap.c, (3) cff/cffgload.c, and (4) the read_lwfn function and a crafted LWFN file in base/ftmac.c. NOTE: item 4 was originally identified by CVE-2006-2493.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Freetype | Freetype | 2.1.9 | 2.1.9 |
Freetype | Freetype | 2.1.10 | 2.1.10 |
Freetype | Freetype | 2.1.5 | 2.1.5 |
Freetype | Freetype | 2.1.8 | 2.1.8 |
Freetype | Freetype | 2.1.3 | 2.1.3 |
Freetype | Freetype | 2.1.6 | 2.1.6 |
Freetype | Freetype | 2.0.9 | 2.0.9 |
Freetype | Freetype | 2.1.7 | 2.1.7 |
Freetype | Freetype | 2.1.4 | 2.1.4 |