Your submission was sent successfully! Close

CVE-2009-0946

Published: 17 April 2009

Multiple integer overflows in FreeType 2.3.9 and earlier allow remote attackers to execute arbitrary code via vectors related to large values in certain inputs in (1) smooth/ftsmooth.c, (2) sfnt/ttcmap.c, and (3) cff/cffload.c.

Notes

AuthorNote
mdeslaur
reproducers don't crash freetype1
Priority

Medium