Integer signedness error in the MacReadPOST_Resource function in base/ftobjs.c in FreeType before 2.5.4 allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted Mac font.
{ "binaries": [ { "binary_name": "freetype2-demos", "binary_version": "2.5.2-1ubuntu2.4" }, { "binary_name": "libfreetype6", "binary_version": "2.5.2-1ubuntu2.4" }, { "binary_name": "libfreetype6-dev", "binary_version": "2.5.2-1ubuntu2.4" }, { "binary_name": "libfreetype6-udeb", "binary_version": "2.5.2-1ubuntu2.4" } ], "availability": "No subscription required" }