CVE-2014-9662
Publication date 8 February 2015
Last updated 24 July 2024
Ubuntu priority
cff/cf2ft.c in FreeType before 2.5.4 does not validate the return values of point-allocation functions, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted OTF font.
Status
Package | Ubuntu Release | Status |
---|---|---|
freetype | ||
14.04 LTS trusty |
Fixed 2.5.2-1ubuntu2.4
|
|
References
Related Ubuntu Security Notices (USN)
- USN-2510-1
- FreeType vulnerabilities
- 24 February 2015