Vulnerabilities

CVE-2016-10244

by Fred · 06/03/2017

The parse_charstrings function in type1/t1load.c in FreeType 2 before 2.7 does not ensure that a font contains a glyph name, which allows remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted file.

Date published : 2017-03-06

http://www.securityfocus.com/bid/97405

http://git.savannah.gnu.org/cgit/freetype/freetype2.git/tree/ChangeLog?h=VER-2-7

Similar

Tags: Cybersecurity Alert