VYPR
Unrated severityNVD Advisory· Published Jun 16, 2008· Updated Jun 16, 2026

CVE-2008-1807

CVE-2008-1807

Description

FreeType2 before 2.3.6 allow context-dependent attackers to execute arbitrary code via an invalid "number of axes" field in a Printer Font Binary (PFB) file, which triggers a free of arbitrary memory locations, leading to memory corruption.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

5
  • FreeType/Freetype5 versions
    cpe:2.3:a:freetype:freetype:1.3.1:*:*:*:*:*:*:*+ 4 more
    • cpe:2.3:a:freetype:freetype:1.3.1:*:*:*:*:*:*:*
    • cpe:2.3:a:freetype:freetype:2.3.3:*:*:*:*:*:*:*
    • cpe:2.3:a:freetype:freetype:2.3.4:*:*:*:*:*:*:*
    • cpe:2.3:a:freetype:freetype:2.3.5:*:*:*:*:*:*:*
    • (no CPE)range: <2.3.6

Patches

Vulnerability mechanics

References

56

News mentions

0

No linked articles in our index yet.