9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.058 Low
EPSS
Percentile
93.3%
Vincent Danen reports:
Due to an error within the t1_decoder_parse_charstrings()
function (src/psaux/t1decode.c) and can be exploited to corrupt
memory by tricking a user into processing a specially-crafted
postscript Type1 font in an application that uses the freetype
library.