PROBLEM:
FreeType BDF Glyph Processing Buffer Overflow Vulnerability
PLATFORM:
Version(s): prior to 2.4.11
ABSTRACT:
Several vulnerabilities were reported in FreeType. A remote user can cause arbitrary code to be executed on the target user's system.
REFERENCE LINKS:
SecurityTracker Alert ID: 1027921
CVE-2012-5668
CVE-2012-5669
CVE-2012-5670
IMPACT ASSESSMENT:
High
DISCUSSION:
A remote user can create a specially crafted font file that, when loaded by the target user, will execute arbitrary code on the target system. The code will run with the privileges of the target user or application.
A null pointer dereference can be triggered in bdf_free_font() [CVE-2012-5668].
An out-of-bounds read in can be triggered in _bdf_parse_glyphs() [CVE-2012-5669].
An out-of-bounds write can be triggered in _bdf_parse_glyphs() [CVE-2012-5670].
IMPACT:
A remote user can create a font file that, when loaded by the target user, will execute arbitrary code on the target user's system.
SOLUTION:
The vendor has issued a fix (2.4.11).