Your submission was sent successfully! Close

CVE-2008-1808

Published: 16 June 2008

Multiple off-by-one errors in FreeType2 before 2.3.6 allow context-dependent attackers to execute arbitrary code via (1) a crafted table in a Printer Font Binary (PFB) file or (2) a crafted SHC instruction in a TrueType Font (TTF) file, which triggers a heap-based buffer overflow.

Priority

Medium

Status

Package Release Status
freetype
Launchpad, Ubuntu, Debian
Upstream
Released (2.3.6-1)