Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple integer signedness errors in the pcf_get_encodings function in pcf/pcfread.c in FreeType before 2.5.4 allow remote attackers to cause a denial of service (integer overflow, NULL pointer dereference, and application crash) via a crafted PCF file that specifies negative values for the first column and first row.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
FreeType ‘the pcf_get_encodings’函数数字错误漏洞
Vulnerability Description
FreeType是FreeType团队开发的一个基于C语言的、高质量的且可移植的开源字体引擎库,它可用来将字符栅格化并映射成位图以及提供其他字体相关业务的支持。 FreeType 2.5.4之前版本的pcf/pcfread.c文件中的‘the pcf_get_encodings’函数存在整数符号错误漏洞。远程攻击者可借助特制的PCF文件利用该漏洞造成拒绝服务(整数溢出,空指针逆向引用和应用程序崩溃)。
CVSS Information
N/A
Vulnerability Type
N/A