VYPR
Unrated severityNVD Advisory· Published Jun 16, 2008· Updated Jun 16, 2026

CVE-2008-1806

CVE-2008-1806

Description

Integer overflow in FreeType2 before 2.3.6 allows context-dependent attackers to execute arbitrary code via a crafted set of 16-bit length values within the Private dictionary table in a Printer Font Binary (PFB) file, which triggers a heap-based buffer overflow.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

5
  • FreeType/Freetype5 versions
    cpe:2.3:a:freetype:freetype:1.3.1:*:*:*:*:*:*:*+ 4 more
    • cpe:2.3:a:freetype:freetype:1.3.1:*:*:*:*:*:*:*
    • cpe:2.3:a:freetype:freetype:2.3.3:*:*:*:*:*:*:*
    • cpe:2.3:a:freetype:freetype:2.3.4:*:*:*:*:*:*:*
    • cpe:2.3:a:freetype:freetype:2.3.5:*:*:*:*:*:*:*
    • (no CPE)range: <2.3.6

Patches

Vulnerability mechanics

References

56

News mentions

0

No linked articles in our index yet.