FreeType 2 is prone to a remote heap-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input.
Attackers may leverage this issue to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions.
Information
References:
- FreeType Homepage (FreeType)
- [truetype] Fix MVAR post-action handling. (savannah)
- freetype2: Heap-buffer-overflow in tt_size_reset (chromium)