CVE-2014-9670 (retired)

Priority
Description
Multiple integer signedness errors in the pcf_get_encodings function in
pcf/pcfread.c in FreeType before 2.5.4 allow remote attackers to cause a
denial of service (integer overflow, NULL pointer dereference, and
application crash) via a crafted PCF file that specifies negative values
for the first column and first row.
Assigned-to
mdeslaur
More Information

Updated: 2019-09-19 15:51:32 UTC (commit d32ebc32606b9517c6fa7d65a15441e2a57a6de5)