Gentoo Linux Security Advisory 201201-9 - Multiple vulnerabilities have been found in FreeType, allowing remote attackers to possibly execute arbitrary code or cause a Denial of Service. Versions less than 2.4.8 are affected.
c2f545da77d59dcae89071ef5db306706481440c4f480de96b07a59229faf95e
Core Security Technologies Advisory - The Apple Type Services is prone to memory corruption due a sign mismatch vulnerability when handling the last offset value of the CharStrings INDEX structure. This vulnerability could be used by a remote attacker to execute arbitrary code, by enticing the user of Mac OS X v10.5.x to view or download a PDF document containing a embedded malicious CFF font.
68f4efdb58f840ab80355a23048b12dea182facc85054b76571b1964d5254a0e
Debian Linux Security Advisory 2105-1 - Several vulnerabilities have been discovered in the FreeType font library.
15966e81ca174dc0e0b6bd21ea79e80353ff0188c445ba38564cccb8ae19db5b
Ubuntu Security Notice 972-1 - It was discovered that FreeType did not correctly handle certain malformed font files. If a user were tricked into using a specially crafted font file, a remote attacker could cause FreeType to crash or possibly execute arbitrary code with user privileges.
010c2cc1f2fe5a083968584ff14252965fdbb8468368ccc20b8a944ecec9b786
Mandriva Linux Security Advisory 2010-149 - Multiple stack overflow flaws have been reported in the way FreeType font rendering engine processed certain CFF opcodes. An attacker could use these flaws to create a specially-crafted font file that, when opened, would cause an application linked against libfreetype to crash, or, possibly execute arbitrary code.
518eb7bc7249ad25eb6d7bc3621939600acc7d6993a1e8df6ecbb549a4c20422