CVE-2014-9665

Name of the Vulnerable Software and Affected Versions FreeType versions prior to 2.5.4

Description The issue is related to the Load SBit Png function in sfnt/pngshim.c, which does not properly restrict the rows and pitch values of PNG data. This allows remote attackers to cause a denial of service, including integer overflow and heap-based buffer overflow, or possibly have other unspecified impacts by embedding a PNG file in a .ttf font file.

Recommendations For versions prior to 2.5.4, update to version 2.5.4 or later to resolve the issue. As a temporary workaround, consider restricting the use of PNG files embedded in .ttf font files to minimize the risk of exploitation.