Home
Packages
Forums
Wiki
GitLab
Security
AUR
Download

issues
advisories
todo
stats
log
login

CVE-2016-10328 - log back

CVE-2016-10328 created at 25 Sep 2019 19:31:40

Severity

+

High

Remote

+

Local

Type

+	Arbitrary code execution

Description

+	FreeType 2 before 2016-12-16 (2.7.1) has an out-of-bounds write caused by a heap-based buffer overflow related to the cff_parser_run function in cff/cffparse.c.

References

+	https://savannah.nongnu.org/bugs/?func=detailitem&item_id=49858
+	https://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=beecf80a6deecbaf5d264d4f864451bde4fe98b8
+	https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=289

Notes