Denial of Service Vulnerability in FreeType by The FreeType Project
CVE-2014-2241

Currently unrated

Key Information:

Vendor

Freetype

Status
Freetype
Vendor
CVE Published:
18 March 2014

What is CVE-2014-2241?

The FreeType library exhibits a vulnerability in certain functions within cff/cf2ft.c that fail to properly verify the existence of subroutines. This oversight allows remote adversaries to exploit specially crafted TrueType font (TTF) files, leading to assertion failures and resulting in denial of service. Attackers can leverage this vulnerability to disrupt services dependent on FreeType, requiring proactive measures for remediation.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://git.savannah.gnu.org/cgit/freetype/freetype2.git/c...
x_refsource_CONFIRM
http://www.ubuntu.com/usn/USN-2148-1
vendor-advisoryx_refsource_UBUNTU
http://secunia.com/advisories/57447
third-party-advisoryx_refsource_SECUNIA

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.