CVE-2014-9658 (retired)

Priority
Description
The tt_face_load_kern function in sfnt/ttkern.c in FreeType before 2.5.4
enforces an incorrect minimum table length, which allows remote attackers
to cause a denial of service (out-of-bounds read) or possibly have
unspecified other impact via a crafted TrueType font.
Assigned-to
mdeslaur
More Information

Updated: 2019-09-19 15:51:31 UTC (commit d32ebc32606b9517c6fa7d65a15441e2a57a6de5)