FreeType2 before 2.3.6 allow context-dependent attackers to execute arbitrary code via an invalid number of axes field in a Printer Font Binary (PFB) file, which triggers a free of arbitrary memory locations, leading to memory corruption.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Freetype | Freetype | 1.3.1 (including) | 1.3.1 (including) |
Freetype | Freetype | 2.3.3 (including) | 2.3.3 (including) |
Freetype | Freetype | 2.3.4 (including) | 2.3.4 (including) |
Freetype | Freetype | 2.3.5 (including) | 2.3.5 (including) |