FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and
other products, allows remote attackers to cause a denial of service
(invalid heap read operation and memory corruption) or possibly execute
arbitrary code via crafted dictionary data in a Type 1 font.
Author | Note |
---|---|
tyhicks | Original fix caused regressions. Bugs and fixes linked below. |