CVE-2015-9382

Severity CVSS v4.0:
Pending analysis
Type:
CWE-125 Out-of-bounds Read
Publication date:
03/09/2019
Last modified:
10/09/2019

Description

FreeType before 2.6.1 has a buffer over-read in skip_comment in psaux/psobjs.c because ps_parser_skip_PS_token is mishandled in an FT_New_Memory_Face operation.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:* 2.6.1 (excluding)
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*