Vulnerabilities > Freetype > Freetype > 2.7.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-03-06 | CVE-2016-10244 | Out-of-bounds Read vulnerability in multiple products The parse_charstrings function in type1/t1load.c in FreeType 2 before 2.7 does not ensure that a font contains a glyph name, which allows remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted file. | 6.8 |