Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:24401
HistoryApr 10, 2020 - 12:53 a.m.

Arbitrary Code Execution

2020-04-1000:53:31
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
14

EPSS

0.004

Percentile

73.9%

freetype is vulnerable to arbitrary code execution. The vulnerability exists as it was found that the FreeType font rendering engine improperly validated certain position values when processing input streams. If a user loaded a specially-crafted font file with an application linked against FreeType, it could cause the application to crash or, possibly, execute arbitrary code with the privileges of the user running the application.

References