Solution
Please Install the Updated Packages.
Insight
Mateusz Jurczyk discovered that FreeType did not correctly handle certain malformed font files. If a user were tricked into using a specially craftedfont file, a remote attacker could cause FreeType to crash or possibly execute arbitrary code with user privileges. (CVE-2014-2240, CVE-2014-2241)
Affected
freetype on Ubuntu 13.10
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2014-2240, CVE-2014-2241 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities