Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:24944
HistoryApr 10, 2020 - 1:09 a.m.

Arbitrary Code Execution

2020-04-1001:09:35
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
11

EPSS

0.063

Percentile

93.7%

freetype is vulnerable to arbitrary code execution. The vulnerability exists as multiple flaws were found in the way FreeType handled TrueType Font (TTF), Glyph Bitmap Distribution Format (BDF), Windows .fnt and .fon, and PostScript Type 1 fonts. If a specially-crafted font file was loaded by an application linked against FreeType, it could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application.

References