CVE-2010-3855

EPSS 4.3%

Published: 11/26/2010Modified: 4/28/2026

Description

Buffer overflow in the ft_var_readpackedpoints function in truetype/ttgxvar.c in FreeType 2.4.3 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted TrueType GX font.

Affected packages (1)

Debian/freetypefrom 0, < 2.4.2-2.1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2010-3855