Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
FreeType Memory Corruption and Buffer Overflow Vulnerabilities (Windows)
Information
Severity
Severity
Family
Family
CVSSv2 Base
CVSSv2 Base
CVSSv2 Vector
CVSSv2 Vector
Solution Type
Solution Type
Created
Created
Modified
Modified
Summary
This host is installed with FreeType and is prone to multiple vulnerabilities.
Insight
Insight
Multiple flaws are due to, - An error in the 'demo' programs. - A heap-based buffer overflow in the 'Ins_IUP function()' in 'truetype/ttinterp.c' and 'Mac_Read_POST_Resource()' function in ' base/ftobjs.c'. - An integer overflow in the 'gray_render_span()' function in 'smooth/ftgrays.c' and integer underflow in 'glyph' handling. - A Buffer overflow in the 'Mac_Read_POST_Resource()' function in 'base/ftobjs.c'. - An error in the 'psh_glyph_find_strong_pointr()' function in 'pshinter/pshalgo.c'. when processing malformed font files.
Affected Software
Affected Software
FreeType versions prior to 2.4.0
Solution
Solution
Upgrade to FreeType version 2.4.2 or later.