Описание
Heap-based buffer overflow in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.4.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted length value in a POST fragment header in a font file.
Ссылки
- PatchThird Party Advisory
- PatchThird Party Advisory
- Mailing ListThird Party Advisory
- Mailing ListRelease NotesThird Party Advisory
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- Third Party Advisory
- Third Party AdvisoryVDB Entry
- Broken Link
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
- Issue TrackingPatchThird Party Advisory
- ExploitIssue TrackingThird Party Advisory
- PatchThird Party Advisory
- PatchThird Party Advisory
- Mailing ListThird Party Advisory
- Mailing ListRelease NotesThird Party Advisory
- Mailing ListThird Party Advisory
Уязвимые конфигурации
Одно из
EPSS
6.8 Medium
CVSS2
Дефекты
Связанные уязвимости
Heap-based buffer overflow in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.4.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted length value in a POST fragment header in a font file.
Heap-based buffer overflow in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.4.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted length value in a POST fragment header in a font file.
Heap-based buffer overflow in the Mac_Read_POST_Resource function in b ...
Heap-based buffer overflow in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.4.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted length value in a POST fragment header in a font file.
EPSS
6.8 Medium
CVSS2