Lucene search

K
cvelistRedhatCVELIST:CVE-2007-2754
HistoryMay 17, 2007 - 10:00 p.m.

CVE-2007-2754

2007-05-1722:00:00
redhat
www.cve.org
1

AI Score

7.9

Confidence

High

EPSS

0.622

Percentile

97.8%

Integer signedness error in truetype/ttgload.c in Freetype 2.3.4 and earlier might allow remote attackers to execute arbitrary code via a crafted TTF image with a negative n_points value, which leads to an integer overflow and heap-based buffer overflow.

References