VIR Vulnerability Intelligence Relay

CVE-2014-9659

high
Published 2015-02-08 · Modified 2026-05-06
CVSS v3
CVSS v2
7.5
VIR risk
7.5

Description

cff/cf2intrp.c in the CFF CharString interpreter in FreeType before 2.5.4 proceeds with additional hints after the hint mask has been computed, which allows remote attackers to execute arbitrary code or cause a denial of service (stack-based buffer overflow) via a crafted OpenType font. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-2240.

Predictions

Exploit likelihood
20%
Patch ETA

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: debian — https://security-tracker.debian.org/tracker/CVE-2014-9659

vendor Authored 2026-05-27

Vendor advisory: cve@mitre.org — http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=2cdc4562f873237f1c77d43540537c7a721d3fd8

OS impact
OSVersionStatusFixed in
debian debianbookwormfixed2.5.2-3
debian debianbullseyefixed2.5.2-3
debian debianforkyfixed2.5.2-3
debian debiansidfixed2.5.2-3
debian debiantrixiefixed2.5.2-3
ubuntu ubuntu10.04affected
ubuntu ubuntu12.04affected
ubuntu ubuntu14.04affected
ubuntu ubuntu14.10affected
ubuntu ubuntu15.04affected
suse suse13.1affected
suse suse13.2affected
fedora fedora20affected
fedora fedora21affected

Application impact
VendorProductVersionsFixed
freetypefreetype{"endIncluding":"2.5.3"}

References

CWEs

CWE-119

Verify integrity in audit chain (admin only). AS-IS.