CVE-2007-2754
Publication date 17 May 2007
Last updated 24 July 2024
Ubuntu priority
Integer signedness error in truetype/ttgload.c in Freetype 2.3.4 and earlier might allow remote attackers to execute arbitrary code via a crafted TTF image with a negative n_points value, which leads to an integer overflow and heap-based buffer overflow.
Status
Package | Ubuntu Release | Status |
---|---|---|
freetype | 7.04 feisty |
Fixed 2.2.1-5ubuntu1.1
|
6.10 edgy |
Fixed 2.2.1-5ubuntu0.2
|
|
6.06 LTS dapper |
Fixed 2.1.10-1ubuntu2.4
|
|
openoffice.org-l10n | 7.04 feisty |
Not affected
|
6.10 edgy |
Not affected
|
|
6.06 LTS dapper |
Not affected
|