Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
FreeType before 2.5.4 does not check for the end of the data during certain parsing actions, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted Type42 font, related to type42/t42parse.c and type1/t1load.c.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
FreeType 拒绝服务漏洞
Vulnerability Description
FreeType是FreeType团队开发的一个基于C语言的、高质量的且可移植的开源字体引擎库,它可用来将字符栅格化并映射成位图以及提供其他字体相关业务的支持。 FreeType 2.5.4之前版本中存在安全漏洞,该漏洞源于程序执行parsing操作时,没有检查数据的末尾。远程攻击者可借助特制的Type42字体利用该漏洞造成拒绝服务(越边界读取)。
CVSS Information
N/A
Vulnerability Type
N/A