CVE-2010-3855

Buffer overflow in the ft_var_readpackedpoints function in truetype/ttgxvar.c in FreeType 2.4.3 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted TrueType GX font.

Published: Nov 26, 2010
Updated: Nov 9, 2025
CVE: CVE-2010-3855
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P

CWEs:

CWE-119

Affected Software
References

Software	From	Fixed in
freetype / freetype	2.4.0	2.4.0.x
freetype / freetype	2.4.2	2.4.2.x
freetype / freetype	2.3.6	2.3.6.x
freetype / freetype	2.1.9	2.1.9.x
freetype / freetype	2.1.10	2.1.10.x
freetype / freetype	2.3.4	2.3.4.x
freetype / freetype	2.3.5	2.3.5.x
freetype / freetype	2.1	2.1.x
freetype / freetype	2.1.5	2.1.5.x
freetype / freetype	2.3.10	2.3.10.x
freetype / freetype	1.3.1	1.3.1.x
freetype / freetype	2.1.8	2.1.8.x
freetype / freetype	2.2.10	2.2.10.x
freetype / freetype	2.2.1	2.2.1.x
freetype / freetype	2.1.3	2.1.3.x
freetype / freetype	2.3.3	2.3.3.x
freetype / freetype	2.1.6	2.1.6.x
freetype / freetype	2.3.0	2.3.0.x
freetype / freetype	2.3.1	2.3.1.x
freetype / freetype	-	2.4.3.x
freetype / freetype	2.4.1	2.4.1.x
freetype / freetype	2.0.9	2.0.9.x
freetype / freetype	2.3.7	2.3.7.x
freetype / freetype	2.0.6	2.0.6.x
freetype / freetype	2.3.8	2.3.8.x
freetype / freetype	2.3.11	2.3.11.x
freetype / freetype	2.3.2	2.3.2.x
freetype / freetype	2.3.12	2.3.12.x
freetype / freetype	2.3.9	2.3.9.x
freetype / freetype	2.1.7	2.1.7.x
freetype / freetype	2.1.4	2.1.4.x
freetype / freetype	2.2.0	2.2.0.x

Vulnerability Database

300,445

CVE-2010-3855

Deep Security Visibility Without the Complexity