FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

freetype2 -- multiple vulnerabilities

Affected packages
freetype2 < 2.3.9_1

Details

VuXML ID 20b4f284-2bfc-11de-bdeb-0030843d3802
Discovery 2009-04-16
Entry 2009-04-18

Secunia reports:

Some vulnerabilities have been reported in FreeType, which can be exploited by malicious people to potentially compromise an application using the library.

An integer overflow error within the "cff_charset_compute_cids()" function in cff/cffload.c can be exploited to potentially cause a heap-based buffer overflow via a specially crafted font.

Multiple integer overflow errors within validation functions in sfnt/ttcmap.c can be exploited to bypass length validations and potentially cause buffer overflows via specially crafted fonts.

An integer overflow error within the "ft_smooth_render_generic()" function in smooth/ftsmooth.c can be exploited to potentially cause a heap-based buffer overflow via a specially crafted font.
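The bug class the quoted advisory describes, an integer overflow that defeats a length validation, shown as an added C example; it is not FreeType's code and not part of the advisory. The table layout (16-byte header, 12-byte records), the function names and the sample values are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed layout for illustration (not FreeType's structures):
 * a table is a 16-byte header followed by num_records 12-byte records. */
#define HEADER_SIZE 16u
#define RECORD_SIZE 12u

/* Weak validation: the byte count is computed in 32 bits, so a large
 * num_records wraps the product and the sum passes the length check. */
static int validate_wrapping(uint32_t table_size, uint32_t num_records)
{
    uint32_t needed = HEADER_SIZE + num_records * RECORD_SIZE; /* may wrap */
    return needed <= table_size;
}

/* Hardened validation: never form a product or sum that can wrap.
 * Compare the count against how many records actually fit. */
static int validate_checked(uint32_t table_size, uint32_t num_records)
{
    if (table_size < HEADER_SIZE)
        return 0;
    return num_records <= (table_size - HEADER_SIZE) / RECORD_SIZE;
}

int main(void)
{
    /* Constructed inputs: a 64-byte table holds at most 4 records.
     * 0x15555556 * 12 = 0x100000008, which truncates to 8 in 32 bits. */
    const uint32_t table_size = 64;
    const uint32_t counts[] = { 4u, 5u, 0x15555556u };

    for (size_t i = 0; i < sizeof counts / sizeof counts[0]; i++)
        printf("num_records=0x%08x wrapping=%d checked=%d\n",
               (unsigned)counts[i],
               validate_wrapping(table_size, counts[i]),
               validate_checked(table_size, counts[i]));
    return 0;
}
```

The weak check accepts the third count because the wrapped size looks small; code that trusted that result would then process far more records than the buffer holds, which is how a bypassed length validation becomes a buffer overflow.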

References

CVE Name CVE-2009-0946
URL http://secunia.com/advisories/34723/