freetype is vulnerable to arbitrary code execution. The vulnerability exists as it was found that the FreeType font rendering engine improperly validated certain position values when processing input streams. If a user loaded a specially-crafted font file with an application linked against FreeType, it could cause the application to crash or, possibly, execute arbitrary code with the privileges of the user running the application.
freetype.sourceforge.net/index2.html#release-freetype-2.4.2
git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=45a3c76b547511fa9d97aca34b150a0663257375
lists.apple.com/archives/security-announce/2010//Nov/msg00000.html
lists.apple.com/archives/security-announce/2010//Nov/msg00003.html
marc.info/?l=oss-security&m=128111955616772&w=2
secunia.com/advisories/40816
secunia.com/advisories/40982
secunia.com/advisories/42314
secunia.com/advisories/42317
secunia.com/advisories/48951
sourceforge.net/projects/freetype/files/freetype2/2.4.2/NEWS/view
support.apple.com/kb/HT4435
support.apple.com/kb/HT4456
support.apple.com/kb/HT4457
www.redhat.com/security/updates/classification/#important
www.redhat.com/support/errata/RHSA-2010-0864.html
www.securityfocus.com/bid/42285
www.ubuntu.com/usn/USN-972-1
www.vupen.com/english/advisories/2010/2018
www.vupen.com/english/advisories/2010/2106
www.vupen.com/english/advisories/2010/3045
www.vupen.com/english/advisories/2010/3046
access.redhat.com/errata/RHSA-2010:0864
bugs.launchpad.net/ubuntu/maverick/+source/freetype/+bug/617019
savannah.nongnu.org/bugs/?30644