FreeType TTF File Remote Buffer Overflow Vulnerability



source: http://www.securityfocus.com/bid/18326/info


FreeType is prone to a buffer-overflow vulnerability. This issue is due to an integer-underflow that results in a buffer being overrun with attacker-supplied data.

This issue allows remote attackers to execute arbitrary machine code in the context of applications that use the affected library. Failed exploit attempts will likely crash applications, denying service to legitimate users.

FreeType versions prior to 2.2.1 are vulnerable to this issue.

https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/27992.zip