Buffer Over-read Vulnerability in FreeType 2 by FreeType Project
CVE-2016-10244

7.8HIGH

Key Information:

Vendor
Freetype
Status
Freetype
Vendor
CVE Published:
6 March 2017

Summary

The parse_charstrings function within the type1/t1load.c file of FreeType 2, prior to version 2.7, has a flaw that allows attackers to exploit the lack of validation for glyph names in font files. This vulnerability can lead to a denial of service through heap-based buffer over-reads, posing significant risks when processing specially crafted font files.

References

http://git.savannah.gnu.org/cgit/freetype/freetype2.git/t...
x_refsource_CONFIRM
http://www.securitytracker.com/id/1038090
vdb-entryx_refsource_SECTRACK
https://security.gentoo.org/glsa/201706-14
vendor-advisoryx_refsource_GENTOO

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.