Vulnerabilities > Freetype > Freetype > 2.3.5

DATE CVE VULNERABILITY TITLE RISK
2008-06-16 CVE-2008-1808 Numeric Errors vulnerability in Freetype
Multiple off-by-one errors in FreeType2 before 2.3.6 allow context-dependent attackers to execute arbitrary code via (1) a crafted table in a Printer Font Binary (PFB) file or (2) a crafted SHC instruction in a TrueType Font (TTF) file, which triggers a heap-based buffer overflow.
network
low complexity
freetype CWE-189
7.5
7.5
2008-06-16 CVE-2008-1807 Numeric Errors vulnerability in Freetype
FreeType2 before 2.3.6 allow context-dependent attackers to execute arbitrary code via an invalid "number of axes" field in a Printer Font Binary (PFB) file, which triggers a free of arbitrary memory locations, leading to memory corruption.
network
low complexity
freetype CWE-189
7.5
7.5
2008-06-16 CVE-2008-1806 Numeric Errors vulnerability in Freetype
Integer overflow in FreeType2 before 2.3.6 allows context-dependent attackers to execute arbitrary code via a crafted set of 16-bit length values within the Private dictionary table in a Printer Font Binary (PFB) file, which triggers a heap-based buffer overflow.
network
low complexity
freetype CWE-189
7.5
7.5