Integer Overflow in tt_sbit_decoder_load_image function in FreeType

Integer Overflow in tt_sbit_decoder_load_image function in FreeType

CVE-2014-9656 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

The tt_sbit_decoder_load_image function in sfnt/ttsbit.c in FreeType before 2.5.4 does not properly check for an integer overflow, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted OpenType font.

Learn more about our Web Application Penetration Testing UK.