graphite2 -- out-of-bounds write with malicious font

ID CF133ACC-82E7-4755-A66A-5DDF90DACBE6
Type freebsd
Reporter FreeBSD
Modified 2017-04-20T00:00:00


Mozilla Foundation reports:

An out-of-bounds write in the Graphite 2 library triggered with a maliciously crafted Graphite font. This results in a potentially exploitable crash. This issue was fixed in the Graphite 2 library as well as Mozilla products.