USN-767-1 -- freetype vulnerability
|ID: oval:org.secpod.oval:def:700447||Date: (C)2011-05-13 (M)2017-11-27|
|Class: PATCH||Family: unix|
Tavis Ormandy discovered that FreeType did not correctly handle certain large values in font files. If a user were tricked into using a specially crafted font file, a remote attacker could execute arbitrary code with user privileges.