The _bdf_parse_glyphs function in FreeType before 2.4.11 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to BDF fonts and an incorrect calculation that triggers an out-of-bounds read. (CVE-2012-5669)
Impact
This vulnerability may allow context-dependent attackers to cause a denial-of-service (DoS) and possibly run arbitrary code. However, this vulnerability is considered a local vulnerability for BIG-IP modules, and cannot be exploited in supported configurations.