Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple stack-based buffer overflows in the cff_decoder_parse_charstrings function in the CFF Type2 CharStrings interpreter in cff/cffgload.c in FreeType before 2.4.2, as used in Apple iOS before 4.0.2 on the iPhone and iPod touch and before 3.2.2 on the iPad, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted CFF opcodes in embedded fonts in a PDF document, as demonstrated by JailbreakMe. NOTE: some of these details are obtained from third party information.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Apple iOS FreeType栈缓冲区溢出漏洞
Vulnerability Description
FreeType是FreeType团队开发的一个基于C语言的、高质量的且可移植的开源字体引擎库,它可用来将字符栅格化并映射成位图以及提供其他字体相关业务的支持。 在iPhone和iPod touch上的Apple iOS 4.0.2之前版本以及iPad上的3.2.2之前版本中使用的FreeType 2.4.2之前版本中的cff/cffgload.c的CFF Type2 CharStrings解释器中的cff_decoder_parse_charstrings函数中存在多个基于栈的缓冲区溢出漏洞。远程攻击者
CVSS Information
N/A
Vulnerability Type
N/A