An exploitable denial of service vulnerability exists
in the font handling of Libgraphite. A specially crafted font can cause
an out-of-bounds read potentially resulting in an information leak or
denial of service.
A specially crafted font can cause a buffer overflow
resulting in potential code execution.
An exploitable NULL pointer dereference exists in the
bidirectional font handling functionality of Libgraphite. A specially
crafted font can cause a NULL pointer dereference resulting in a
crash.