CVE-2015-9381

Published: 03 September 2019

FreeType before 2.6.1 has a heap-based buffer over-read in T1_Get_Private_Dict in type1/t1parse.c.

Priority

Low

CVSS 3 base score: 8.8

Status

Package Release Status
freetype
Launchpad, Ubuntu, Debian
Upstream
Released (2.6.1-0.1)
Ubuntu 18.04 LTS (Bionic Beaver) Not vulnerable
(2.8.1-2ubuntu2)
Ubuntu 16.04 LTS (Xenial Xerus) Not vulnerable
(2.6.1-0.1)
Ubuntu 14.04 ESM (Trusty Tahr)
Released (2.5.2-1ubuntu2.8+esm1)