F5 Networks, Inc. Information for VU#275247

FreeType 2 CFF font stack corruption vulnerability

Status

Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

None

Addendum

BIG-IP includes FreeType 2.2.1, however it is not allowed to generate graphs from arbitrary font files or documents. Therefore it is not vulnerable to remote attack.

If you have feedback, comments, or additional information about this vulnerability, please send us email.