CVE-2010-2807

Priority
Medium
Description
FreeType before 2.4.2 uses incorrect integer data types during bounds
checking, which allows remote attackers to cause a denial of service
(application crash) or possibly execute arbitrary code via a crafted font
file.
References
Bugs
Assigned-to
mdeslaur
Package
Upstream:released (2.4.2)
Patches:
Upstream:http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=346f1867fd32dae8f56e5b482d1af98f626804ac
Upstream:http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=a205b3ca85d2d78aac71ea3c1df104972031d6ad
More Information

Valid XHTML 1.0 Strict

Updated: 2015-07-29 20:38:48 UTC (commit 9756)