Security Vulnerability in FreeType 2 Font Engine May Allow Privilege Escalation Due to Heap Overflow
Integer signedness error in truetype/ttgload.c in Freetype 2.3.4 and earlier might allow remote attackers to execute arbitrary code via a crafted TTF image with a negative n_points value which leads to an integer overflow and heap-based buffer overflow.
- Sun Solaris 8
- Sun Solaris 9
- Sun Solaris 10