FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

freetype2 -- execute arbitrary code or cause denial of service

Affected packages
freetype2 < 2.4.6

Details

VuXML ID 5d374b01-c3ee-11e0-8aa5-485d60cb5385
Discovery 2011-07-19
Entry 2011-08-11

Vincent Danen reports:

Due to an error within the t1_decoder_parse_charstrings() function (src/psaux/t1decode.c) and can be exploited to corrupt memory by tricking a user into processing a specially-crafted postscript Type1 font in an application that uses the freetype library.

[source]

References

CVE Name CVE-2011-0226
URL https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-0226

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.