CVE-2014-2240

描述

Stack-based buffer overflow in the cf2_hintmap_build function in cff/cf2hints.c in FreeType before 2.5.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large number of stem hints in a font file.

受影響套件(1)

• Debian/freetypefrom 0, < 2.5.2-1.1

參考連結(1)

• ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2014-2240