Intrusion Prevention

FreeType.TrueType.Load_SBit_Png.Integer.Buffer.Overflow

Description

This indicates an attack attempt to exploit a Buffer Overflow Vulnerability in FreeType Project FreeType.
This is due to a integer truncation in Load_SBit_Png function. A remote attacker can exploit this vulnerability by enticing a user to process a maliciously crafted font. This can result in code execution in the context of the affected application.

Affected Products

FreeType Project FreeType prior to 2.10.4

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply the most recent upgrade or patch from the vendor.
https://sourceforge.net/projects/freetype/files/freetype2/2.10.4/

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date	Version	Status	Detail
2024-03-18	27.750	Modified	Sig Added
2020-11-17	16.963	Modified	Default_action:pass:drop
2020-11-09	16.958	New

ID	49566
Created	Oct 29, 2020
Updated	Mar 18, 2024
CVE ID
Risk
Known Exploited	Yes
Exploit Prediction Score	92.91%
Default Action	drop
Active
Affected OS	Linux, Other
Affected App	Other
Profile Type	Buffer Errors

Protect

Detect

Respond

Recover

Identify

Network Security

Cloud & Application Security

Endpoint Security

Security Operations

Intrusion Prevention

FreeType.TrueType.Load_SBit_Png.Integer.Buffer.Overflow

Description

Affected Products

Impact

Recommended Actions

Coverage

Version Updates

Research Center

Services

Protect

Detect

Respond

Recover

Identify

Network Security

Cloud & Application Security

Endpoint Security

Security Operations

Threat Intelligence Center

Support Center

Resource Center

About

Intrusion Prevention

FreeType.TrueType.Load_SBit_Png.Integer.Buffer.Overflow

Description

Affected Products

Impact

Recommended Actions

Coverage

Version Updates

Threat Intelligence
Center