CVE-2007-2754

Description

Integer signedness error in truetype/ttgload.c in Freetype 2.3.4 and earlier might allow remote attackers to execute arbitrary code via a crafted TTF image with a negative n_points value, which leads to an integer overflow and heap-based buffer overflow.

How to fix CVE-2007-2754

To remediate CVE-2007-2754, upgrade the affected package to a fixed version below.

• Debian/freetype—upgrade to 2.2.1-6 or later
• Debian/freetype—upgrade to 2.2.1-5+etch1 or later
• Debian/freetype—upgrade to 2.1.7-8 or later

Is CVE-2007-2754 being exploited?

Moderate — EPSS is 41.9%. Track this CVE but it's not at the top of the prioritisation list.

Affected packages (3)

• from 0, < 2.2.1-6
• from 0, < 2.2.1-5+etch1
• from 0, < 2.1.7-8

References (1)

• ADVISORYsecurity-tracker.debian.org/tracker/CVE-2007-2754