[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [ft-devel] serious Windows security issues with PS CharStrings
From: |
suzuki toshiya |
Subject: |
Re: [ft-devel] serious Windows security issues with PS CharStrings |
Date: |
Thu, 09 Jul 2015 09:42:41 +0900 |
User-agent: |
Mozilla-Thunderbird 2.0.0.24 (X11/20100329) |
I'm relieved to see that the security issue comes from
ATMFD.DLL, not from FreeType, although we should take
it as an object lesson...
Regards,
mpsuzuki
Werner LEMBERG wrote:
> This blog entry
>
> http://j00ru.vexillium.org/?p=2520
>
> describes a just recently fixed worst-case Windows exploit (existing
> on all Windows versions!), using a PDF that contains a font with an
> invalid `blend' instruction.
>
> I only understand 10% of the stuff, but it is still fun to read :-)
>
>
> Werner
>
> _______________________________________________
> Freetype-devel mailing list
> address@hidden
> https://lists.nongnu.org/mailman/listinfo/freetype-devel