Описание
Heap-based buffer overflow in the Ins_SHZ function in ttinterp.c in FreeType 2.4.3 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted SHZ bytecode instruction, related to TrueType opcodes, as demonstrated by a PDF document with a crafted embedded font.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | not-affected | 2.1.10-1ubuntu2.8 |
| devel | not-affected | 2.4.4-1ubuntu1 |
| hardy | released | 2.3.5-1ubuntu4.8.04.6 |
| jaunty | ignored | end of life |
| karmic | released | 2.3.9-5ubuntu0.4 |
| lucid | released | 2.3.11-1ubuntu2.4 |
| maverick | released | 2.4.2-2ubuntu0.1 |
| upstream | needs-triage |
Показывать по
6.8 Medium
CVSS2
Связанные уязвимости
Heap-based buffer overflow in the Ins_SHZ function in ttinterp.c in FreeType 2.4.3 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted SHZ bytecode instruction, related to TrueType opcodes, as demonstrated by a PDF document with a crafted embedded font.
Heap-based buffer overflow in the Ins_SHZ function in ttinterp.c in Fr ...
Heap-based buffer overflow in the Ins_SHZ function in ttinterp.c in FreeType 2.4.3 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted SHZ bytecode instruction, related to TrueType opcodes, as demonstrated by a PDF document with a crafted embedded font.
Уязвимости операционной системы Gentoo Linux, позволяющие удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
6.8 Medium
CVSS2