CVE-2007-2754

Priority
Description
Integer signedness error in truetype/ttgload.c in Freetype 2.3.4 and
earlier might allow remote attackers to execute arbitrary code via a
crafted TTF image with a negative n_points value, which leads to an integer
overflow and heap-based buffer overflow.
Notes
Package
Upstream:needs-triage
Package
Upstream:needs-triage
More Information

Updated: 2020-03-18 21:56:45 UTC (commit 2ea7df7bd1e69e1e489978d2724a936eb3faa1b8)