) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- CPE Product Version: cpe:/a:freetype:freetype:2.3.5
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2008-1806 |
Integer overflow in FreeType2 before 2.3.6 allows context-dependent attackers to execute arbitrary code via a crafted set of 16-bit length values within the Private dictionary table in a Printer Font Binary (PFB) file, which triggers a heap-based buffer overflow. Published: June 16, 2008; 3:41:00 PM -0400 |
V3.x:(not available) V2.0: 7.5 HIGH |
| CVE-2008-1807 |
FreeType2 before 2.3.6 allow context-dependent attackers to execute arbitrary code via an invalid "number of axes" field in a Printer Font Binary (PFB) file, which triggers a free of arbitrary memory locations, leading to memory corruption. Published: June 16, 2008; 3:41:00 PM -0400 |
V3.x:(not available) V2.0: 7.5 HIGH |
| CVE-2008-1808 |
Multiple off-by-one errors in FreeType2 before 2.3.6 allow context-dependent attackers to execute arbitrary code via (1) a crafted table in a Printer Font Binary (PFB) file or (2) a crafted SHC instruction in a TrueType Font (TTF) file, which triggers a heap-based buffer overflow. Published: June 16, 2008; 3:41:00 PM -0400 |
V3.x:(not available) V2.0: 7.5 HIGH |