Mateusz Jurczyk from the Google Security Team discovered several vulnerabilties in Freetype"s parsing of BDF, Type1 and TrueType fonts, which could result in the execution of arbitrary code if a malformed font file is processed.