This host is installed with FreeType and is prone to multiple Denial of Service vulnerabilities.

Successful exploitation may allow attackers to execute arbitrary code in the context of an application that uses the affected library. Failed exploitation attempts will likely result in denial-of-service conditions. Impact Level: Application

Upgrade to FreeType version 2.4.2 or later, For updates refer to http://www.freetype.org/

- Buffer overflow error in the 'Mac_Read_POST_Resource()' [src/base/ftobjs.c] function when processig Adobe Type 1 Mac Font File (LWFN) fonts. - Errors related to the bdf/bdflib.c, t42_parse_sfnts function in type42/t42parse.c, FT_Stream_EnterFrame function in base/ftstream.c, ftmulti.c in the ftmulti demo program and to the 'BOUNDS' macro when processing fonts.

FreeType version 2.4.1 and prior.

• http://secunia.com/advisories/40816
• http://sourceforge.net/projects/freetype/files/freetype2/2.4.2/NEWS/view
• http://www.vupen.com/english/advisories/2010/2018

---

Updated on 2015-03-25