CVE-2009-0946
EPSS 16.4%freetype - arbitrary code execution
發布日:2009/4/17修改日:2026/4/28
描述
Multiple integer overflows in FreeType 2.3.9 and earlier allow remote attackers to execute arbitrary code via vectors related to large values in certain inputs in (1) smooth/ftsmooth.c, (2) sfnt/ttcmap.c, and (3) cff/cffload.c.
受影響套件(2)
- Debian/freetypefrom 0, < 2.3.9-4.1
- Debian/freetypefrom 0, < 2.2.1-5+etch4