FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted glyph-outline data in a font.
| Product | Vendor | Version |
|---|---|---|
| n/a | n/a | >= 15.6-rc-1, < 15.10-rc-1 |
| n/a | n/a | 6.16 |