FreeType TrueType Font 'SHC' Heap Buffer Overflow Vulnerability
FreeType is prone to a heap-based buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data.
An attacker can exploit this issue to execute arbitrary within the context of the application using the FreeType library. Failed exploit attempts will result in a denial-of-service vulnerability.
NOTE: This issue may allow a local attacker using X.Org X server to gain elevated privileges on the affected computer.
FreeType 2.3.5 is vulnerable; other versions may also be affected.