PT-2010-1117 · Freetype

Jagger +1 · Published 2010-08-19 · Updated 2023-02-13 · CVE-2010-2808

CVSS v2.0: 9.3 (High)
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

freetype versions prior to 2.4.8
freetype versions prior to 2.4.2

Description

The issue affects the freetype package in Gentoo Linux, potentially leading to breaches of confidentiality, integrity, and availability of protected information. Exploitation can occur remotely. A buffer overflow in the Mac_Read_POST_Resource function in base/ftobjs.c allows remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted Adobe Type 1 Mac Font File.

Recommendations

For versions prior to 2.4.2, update to version 2.4.2 or later to resolve the buffer overflow in the Mac_Read_POST_Resource function. For versions prior to 2.4.8, update to version 2.4.8 or later to address the multiple vulnerabilities. As a temporary workaround, consider restricting the use of crafted Adobe Type 1 Mac Font Files to minimize the risk of exploitation.

Fix

DoS

Buffer Overflow

Weakness Enumeration

Related Identifiers

BDU:2015-09431
CVE-2010-2808
DSA-2105-1
RHSA-2010:0737
RHSA-2010:0864
RHSA-2010_0737
RHSA-2010_0864

Affected Products

Red Hat
Freetype