2010-08-19 20:00:05 2021-01-26 13:43:00

FreeType before 2.4.2 uses incorrect integer data types during bounds checking, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file.

Vector

NETWORK

Complexity

MEDIUM

Authentication

NONE

Confidentiality

PARTIAL

Integrity

PARTIAL

Availability

PARTIAL
Freetype Freetype * * * * (not an official CPE) Freetype Freetype 2.4.0 * * * (not an official CPE) Freetype Freetype 2.3.12 * * * (not an official CPE) Freetype Freetype 2.3.11 * * * (not an official CPE) Freetype Freetype 2.3.10 * * * (not an official CPE) Freetype Freetype 2.3.9 * * * (not an official CPE) Freetype Freetype 2.3.8 * * * (not an official CPE) Freetype Freetype 2.3.7 * * * (not an official CPE) Freetype Freetype 2.3.6 * * * (not an official CPE) Freetype Freetype 2.3.5 * * * (not an official CPE) Freetype Freetype 2.3.4 * * * (not an official CPE) Freetype Freetype 2.3.3 * * * (not an official CPE) Freetype Freetype 2.3.2 * * * (not an official CPE) Freetype Freetype 2.3.1 * * * (not an official CPE) Freetype Freetype 2.3.0 * * * (not an official CPE) Freetype Freetype 2.2.10 * * * (not an official CPE) Freetype Freetype 2.2.1 * * * (not an official CPE) Freetype Freetype 2.2.0 * * * (not an official CPE) Freetype Freetype 2.1.10 * * * (not an official CPE) Freetype Freetype 2.1.9 * * * (not an official CPE) Freetype Freetype 2.1.8 * * * (not an official CPE) Freetype Freetype 2.1.7 * * * (not an official CPE) Freetype Freetype 2.1.6 * * * (not an official CPE) Freetype Freetype 2.1.5 * * * (not an official CPE) Freetype Freetype 2.1.4 * * * (not an official CPE) Freetype Freetype 2.1.3 * * * (not an official CPE) Freetype Freetype 2.1 * * * (not an official CPE) Freetype Freetype 2.0.9 * * * (not an official CPE) Freetype Freetype 2.0.6 * * * (not an official CPE) Freetype Freetype 1.3.1 * * * (not an official CPE)