CVE-2014-9663
Publication date 8 February 2015
Last updated 24 July 2024
Ubuntu priority
The tt_cmap4_validate function in sfnt/ttcmap.c in FreeType before 2.5.4 validates a certain length field before that field's value is completely calculated, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted cmap SFNT table.
Status
Package | Ubuntu Release | Status |
---|---|---|
freetype | ||
14.04 LTS trusty |
Fixed 2.5.2-1ubuntu2.4
|
|
References
Related Ubuntu Security Notices (USN)
- USN-2510-1
- FreeType vulnerabilities
- 24 February 2015