CVE-2010-3855

Name of the Vulnerable Software and Affected Versions FreeType versions prior to 2.4.8

Description The issue affects the FreeType package in Gentoo Linux, potentially leading to breaches in confidentiality, integrity, and availability of protected information. Exploitation can occur remotely. A buffer overflow in the ft var readpackedpoints function in truetype/ttgxvar.c allows remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted TrueType GX font.

Recommendations For versions prior to 2.4.8, update to version 2.4.8 or later to resolve the issue. As a temporary workaround, consider restricting the use of crafted TrueType GX fonts to minimize the risk of exploitation.