CVE-2007-2754

CVE-2007-2754 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

Integer signedness error in truetype/ttgload.c in Freetype 2.3.4 and earlier might allow remote attackers to execute arbitrary code via a crafted TTF image with a negative n_points value, which leads to an integer overflow and heap-based buffer overflow.

Learn more about our Web Application Penetration Testing UK.