Red Hat Customer Portal

Skip to main content

CVE-2007-2754

Impact:
Moderate
Public Date:
2007-04-27
CWE:
CWE-190
Bugzilla:
240200: CVE-2007-2754 freetype integer overflow

The MITRE CVE dictionary describes this issue as:

Integer signedness error in truetype/ttgload.c in Freetype 2.3.4 and earlier might allow remote attackers to execute arbitrary code via a crafted TTF image with a negative n_points value, which leads to an integer overflow and heap-based buffer overflow.

Find out more about CVE-2007-2754 from the MITRE CVE dictionary dictionary and NIST NVD.

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux 4 (freetype) RHSA-2009:0329 2009-05-22
Red Hat Enterprise Linux 3 (freetype) RHSA-2007:0403 2007-06-11
Red Hat Enterprise Linux 3 (freetype) RHSA-2009:0329 2009-05-22
Red Hat Enterprise Linux 4 (freetype) RHSA-2007:0403 2007-06-11
Red Hat Enterprise Linux 5 (freetype) RHSA-2007:0403 2007-06-11
Red Hat Enterprise Linux 2.1 (freetype) RHSA-2009:1062 2009-05-22
Red Hat Enterprise Linux 2.1 (freetype) RHSA-2007:0403 2007-06-11

Last Modified