FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

freetype2 -- Out of bounds read/write

Affected packages
freetype2 < 2.5.3

Details

VuXML ID 1a0de610-a761-11e3-95fe-bcaec565249c
Discovery 2014-02-25
Entry 2014-03-09

Mateusz Jurczyk reports:

Out of bounds stack-based read/write in cf2_hintmap_build.

This is a critical vulnerability in the CFF Rasterizer code recently contributed by Adobe, leading to potential arbitrary code execution in the context of the FreeType2 library client.

[source]

References

URL http://savannah.nongnu.org/bugs/?41697

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.