
FreeType BDF Glyph Processing Buffer Overflow Vulnerability

Last Update Date: 28 Dec 2012 12:02
Release Date: 28 Dec 2012

RISK: Medium Risk

TYPE: Operating Systems - Linux

TYPE: Linux

A vulnerability has been identified in FreeType, which can be exploited by malicious people to potentially compromise an application using the library.

The vulnerability is caused by an error in the "_bdf_parse_glyphs()" function (src/bdf/bdflib.c) when processing glyph information in Bitmap Distribution Format (BDF) files, and can be exploited to cause a heap-based buffer overflow.


Impact

  • Remote Code Execution

System / Technologies affected

  • FreeType 2.x

Solutions

Before installing the software, please visit the software manufacturer's website for more details.

  • Update to version 2.4.11.
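One way to check a FreeType release string against the fixed version above, as an added example that is not part of the original advisory. The function name ft_classify and its output labels are assumptions of this example; "freetype-config --ftversion" is FreeType's own helper script and is queried only when it is on PATH.

```shell
#!/bin/sh
# Added example: classify a FreeType release string against this advisory.
# Affected: FreeType 2.x; fixed in 2.4.11 (both values come from the advisory).
FIXED_MAJOR=2 FIXED_MINOR=4 FIXED_PATCH=11

# ft_classify VERSION  (hypothetical helper)
# Prints one of: fixed, vulnerable, not-listed, unknown.
ft_classify() {
    ver=$1
    # Accept only dotted numeric strings; reject empty, "2.4.x", ".4", "2..4".
    case $ver in
        ''|*[!0-9.]*|.*|*.|*..*) echo unknown; return 0 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $ver            # split on dots into positional parameters
    IFS=$old_ifs
    if [ $# -lt 2 ] || [ $# -gt 3 ]; then echo unknown; return 0; fi
    major=$1 minor=$2 patch=${3:-0}   # "2.4" is treated as 2.4.0

    # The advisory lists only the 2.x series as affected.
    if [ "$major" -ne "$FIXED_MAJOR" ]; then echo not-listed; return 0; fi

    # Compare numerically: a plain string compare ranks 2.4.9 above 2.4.11.
    if [ "$minor" -gt "$FIXED_MINOR" ] ||
       { [ "$minor" -eq "$FIXED_MINOR" ] && [ "$patch" -ge "$FIXED_PATCH" ]; }; then
        echo fixed
    else
        echo vulnerable
    fi
}

# Report on the installed development package when the helper is available.
if command -v freetype-config >/dev/null 2>&1; then
    installed=$(freetype-config --ftversion 2>/dev/null || true)
    echo "installed FreeType ${installed:-?}: $(ft_classify "$installed")"
fi
```

freetype-config reports only the system development package; applications that bundle or statically link their own copy of FreeType need to be checked separately.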

Vulnerability Identifier


Source


Related Link