The tt_cmap4_validate function in sfnt/ttcmap.c in FreeType before 2.5.4 validates a certain length field before that field's value is completely calculated, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted cmap SFNT table.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2015-02-08T11:00:00
Updated: 2017-06-30T16:57:01
Reserved: 2015-02-07T00:00:00
Link: CVE-2014-9663
JSON object: View
NVD Information
Status : Modified
Published: 2015-02-08T11:59:25.490
Modified: 2018-10-30T16:27:35.843
Link: CVE-2014-9663
JSON object: View
Redhat Information
No data.
CWE