2.0.0

DATE	CVE	VULNERABILITY TITLE	RISK
2010-08-19	CVE-2010-2498	Out-Of-Bounds Write vulnerability in multiple products The psh_glyph_find_strong_points function in pshinter/pshalgo.c in FreeType before 2.4.0 does not properly implement hinting masks, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via a crafted font file that triggers an invalid free operation. network freetype canonical apple debian CWE-787	6.8
2010-08-19	CVE-2010-2497	Integer Underflow (Wrap OR Wraparound) vulnerability in multiple products Integer underflow in glyph handling in FreeType before 2.4.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file. network freetype apple debian CWE-191	6.8
2009-04-17	CVE-2009-0946	Integer Overflow OR Wraparound vulnerability in multiple products Multiple integer overflows in FreeType 2.3.9 and earlier allow remote attackers to execute arbitrary code via vectors related to large values in certain inputs in (1) smooth/ftsmooth.c, (2) sfnt/ttcmap.c, and (3) cff/cffload.c. network low complexity freetype debian canonical opensuse suse apple CWE-190	7.5
2006-05-30	CVE-2006-2661	Null Pointer Dereference vulnerability in multiple products ftutil.c in Freetype before 2.2 allows remote attackers to cause a denial of service (crash) via a crafted font file that triggers a null dereference. network low complexity freetype debian canonical CWE-476	5.0