Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The Load_SBit_Png function in sfnt/pngshim.c in FreeType before 2.5.4 does not restrict the rows and pitch values of PNG data, which allows remote attackers to cause a denial of service (integer overflow and heap-based buffer overflow) or possibly have unspecified other impact by embedding a PNG file in a .ttf font file.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
FreeType ‘Load_SBit_Png’函数拒绝服务漏洞
Vulnerability Description
FreeType是FreeType团队开发的一个基于C语言的、高质量的且可移植的开源字体引擎库,它可用来将字符栅格化并映射成位图以及提供其他字体相关业务的支持。 FreeType 2.5.4之前版本的sfnt/pngshim.c文件中的‘Load_SBit_Png’函数存在安全漏洞,该漏洞源于程序没有限制PNG数据的‘rows’和‘pitch’值。远程攻击者可通过在.ttf font文件夹中嵌入PNG文件利用该漏洞造成拒绝服务(整数溢出和基于堆的缓冲区溢出)。
CVSS Information
N/A
Vulnerability Type
N/A