Computer Security

freetype integer overflow
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



freetype integer overflow
Published:25.05.2007
Source:BUGTRAQ
SecurityVulns ID:7734
Type:local
Level:5/10
Description:Integer overflow on TTF fonts parsing leads to heap bufffer overflow.
Affected:FREETYPE : Freetype 2.3
CVE:CVE-2007-2754 (Integer signedness error in truetype/ttgload.c in Freetype 2.3.4 and earlier might allow remote attackers to execute arbitrary code via a crafted TTF image with a negative n_points value, which leads to an integer overflow and heap-based buffer overflow.)
Original documentdocumentRPATH, rPSA-2007-0108-1 freetype (25.05.2007)
Discuss:Read or add your comments to this news (0 comments)
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
 


Рейтинг@Mail.ru