Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-v2ts-kp6b-13ht
Vulnerability ID VCID-v2ts-kp6b-13ht
Aliases CVE-2010-2807
Summary FreeType before 2.4.2 uses incorrect integer data types during bounds checking, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file.
Status Published
Exploitability 0.5
Weighted Severity 0.0
Risk None
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
System Score Found at
epss 0.05194 https://api.first.org/data/v1/epss?cve=CVE-2010-2807
epss 0.05194 https://api.first.org/data/v1/epss?cve=CVE-2010-2807
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2807.json
https://api.first.org/data/v1/epss?cve=CVE-2010-2807
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2807
625627 https://bugzilla.redhat.com/show_bug.cgi?id=625627
GLSA-201201-09 https://security.gentoo.org/glsa/201201-09
USN-972-1 https://usn.ubuntu.com/972-1/
No exploits are available.
There are no known vectors.
Exploit Prediction Scoring System (EPSS)
Percentile 0.90091
EPSS Score 0.05194
Published At June 4, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-06-04T16:37:32.035018+00:00 Debian Importer Import https://security-tracker.debian.org/tracker/data/json 38.6.0