Red Hat Enterprise Linux: Important freetype security update
RHSA-2010:0737-01: Important: freetype security update
Product: Red Hat Enterprise Linux
It was discovered that the FreeType font rendering engine improperly
validated certain position values when processing input streams. If a user
loaded a specially-crafted font file with an application linked against
FreeType, and the relevant font glyphs were subsequently rendered with the
X FreeType library (libXft), it could trigger a heap-based buffer overflow
in the libXft library, causing the application to crash or, possibly,
execute arbitrary code with the privileges of the user running the
application. Read more at http://www.criticalwatch.com