FreeType Printer Font Binary Heap Buffer Overflow Vulnerability

FreeType is prone to a heap-based buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data.

An attacker can exploit this issue to execute arbitrary code within the context of the application using the FreeType library. Failed exploit attempts will result in a denial-of-service vulnerability.

NOTE: This issue may allow a local attacker using X.Org Xserver to gain elevated privileges on the affected computer.

Successfully exploiting this issue will result in the complete compromise of affected computers.

FreeType 2.3.5 is vulnerable; other versions may also be affected.


 

Privacy Statement
Copyright 2010, SecurityFocus