SUSE CVE-2014-9659
cff/cf2intrp.c in the CFF CharString interpreter in FreeType before 2.5.4 proceeds with additional hints after the hint mask has been computed, which allows remote attackers to execute arbitrary code or cause a denial of service stack-based buffer overflow via a crafted OpenType font. NOTE: this...