FreeType is generally used open source library for font type handling. There has been found a vulnerability in its Compact Font Format (CFF) font processing. The vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. The vulnerability is being used in the iPhone PDF JailBreak exploit.
Affected vendors are:
- Apple Inc
- Foxit Software Company
- RedHat, Inc
More information:
- http://www.kb.cert.org/vuls/id/275247
- http://secunia.com/advisories/40816
- http://www.foxitsoftware.com/pdf/reader/security_bulletins.php#iphone
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment