Heap-based buffer overflow in the Ins_IUP function in truetype/ttinterp.c in FreeType before 2.4.0, when TrueType bytecode support is enabled, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
Information
Published : 2010-08-19 11:00
Updated : 2021-03-23 09:22
NVD link : CVE-2010-2520
Mitre link : CVE-2010-2520
JSON object : View
CWE
CWE-787
Out-of-bounds Write
Products Affected
apple
- mac_os_x
canonical
- ubuntu_linux
debian
- debian_linux
freetype
- freetype