Lucene search

K
osvGoogleOSV:USN-4593-2
HistoryOct 22, 2020 - 2:48 p.m.

freetype vulnerability

2020-10-2214:48:01
Google
osv.dev
8

AI Score

7

Confidence

High

EPSS

0.026

Percentile

90.3%

USN-4593-1 fixed a vulnerability in FreeType. This update provides
the corresponding update for Ubuntu 14.04 ESM.

Original advisory details:

Sergei Glazunov discovered that FreeType did not correctly handle certain
malformed font files. If a user were tricked into using a specially crafted
font file, a remote attacker could cause FreeType to crash or possibly
execute arbitrary code with user privileges.