VYPR
Unrated severityNVD Advisory· Published Jun 16, 2008· Updated Jun 16, 2026

CVE-2008-1808

CVE-2008-1808

Description

Multiple off-by-one errors in FreeType2 before 2.3.6 allow context-dependent attackers to execute arbitrary code via (1) a crafted table in a Printer Font Binary (PFB) file or (2) a crafted SHC instruction in a TrueType Font (TTF) file, which triggers a heap-based buffer overflow.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

13
  • FreeType/Freetype13 versions
    cpe:2.3:a:freetype:freetype:1.3.1:*:*:*:*:*:*:*+ 12 more
    • cpe:2.3:a:freetype:freetype:1.3.1:*:*:*:*:*:*:*
    • cpe:2.3:a:freetype:freetype:2.0.6:*:*:*:*:*:*:*
    • cpe:2.3:a:freetype:freetype:2.0.9:*:*:*:*:*:*:*
    • cpe:2.3:a:freetype:freetype:2.1.10:*:*:*:*:*:*:*
    • cpe:2.3:a:freetype:freetype:2.1.7:*:*:*:*:*:*:*
    • cpe:2.3:a:freetype:freetype:2.1.9:*:*:*:*:*:*:*
    • cpe:2.3:a:freetype:freetype:2.2.0:*:*:*:*:*:*:*
    • cpe:2.3:a:freetype:freetype:2.2.1:*:*:*:*:*:*:*
    • cpe:2.3:a:freetype:freetype:2.2.10:*:*:*:*:*:*:*
    • cpe:2.3:a:freetype:freetype:2.3.3:*:*:*:*:*:*:*
    • cpe:2.3:a:freetype:freetype:2.3.4:*:*:*:*:*:*:*
    • cpe:2.3:a:freetype:freetype:2.3.5:*:*:*:*:*:*:*
    • (no CPE)range: <2.3.6

Patches

Vulnerability mechanics

References

59

News mentions

0

No linked articles in our index yet.