CVE-2016-10328 — Out-of-bounds Write in Freetype
Severity
9.8CRITICALNVD
EPSS
1.0%
top 23.21%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedApr 14
Latest updateMay 13
Description
FreeType 2 before 2016-12-16 has an out-of-bounds write caused by a heap-based buffer overflow related to the cff_parser_run function in cff/cffparse.c.
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9
Affected Packages3 packages
Patches
🔴Vulnerability Details
3GHSA▶
GHSA-48h9-2rjq-qf7x: FreeType 2 before 2016-12-16 has an out-of-bounds write caused by a heap-based buffer overflow related to the cff_parser_run function in cff/cffparse↗2022-05-13
CVEList▶
CVE-2016-10328: FreeType 2 before 2016-12-16 has an out-of-bounds write caused by a heap-based buffer overflow related to the cff_parser_run function in cff/cffparse↗2017-04-14
OSV▶
CVE-2016-10328: FreeType 2 before 2016-12-16 has an out-of-bounds write caused by a heap-based buffer overflow related to the cff_parser_run function in cff/cffparse↗2017-04-14
📋Vendor Advisories
4Oracle
▶
Debian▶
CVE-2016-10328: freetype - FreeType 2 before 2016-12-16 has an out-of-bounds write caused by a heap-based b...↗2016
💬Community
4Bugzilla▶
CVE-2016-10328 freetype: heap-based buffer overflow related to the cff_parser_run function↗2017-04-24
Bugzilla▶
CVE-2016-10328 CVE-2017-7857 CVE-2017-7858 CVE-2017-7864 freetype: various flaws [fedora-all]↗2017-04-24
Bugzilla▶
CVE-2016-10328 CVE-2017-7857 CVE-2017-7858 CVE-2017-7864 mingw-freetype: various flaws [epel-7]↗2017-04-24
Bugzilla▶
CVE-2016-10328 CVE-2017-7857 CVE-2017-7858 CVE-2017-7864 mingw-freetype: various flaws [fedora-all]↗2017-04-24