VYPR
Unrated severityNVD Advisory· Published Feb 8, 2015· Updated Jun 17, 2026

CVE-2014-9670

CVE-2014-9670

Description

Multiple integer signedness errors in the pcf_get_encodings function in pcf/pcfread.c in FreeType before 2.5.4 allow remote attackers to cause a denial of service (integer overflow, NULL pointer dereference, and application crash) via a crafted PCF file that specifies negative values for the first column and first row.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

34

Patches

Vulnerability mechanics

References

14

News mentions

0

No linked articles in our index yet.