FontForge 20161012 is vulnerable to a buffer over-read in ValidatePostScriptFontName (parsettf.c) resulting in DoS or code execution via a crafted otf file.
References
Link | Resource |
---|---|
https://github.com/fontforge/fontforge/issues/3098 | Issue Tracking Patch Third Party Advisory |
Configurations
Information
Published : 2017-07-23 15:29
Updated : 2020-01-13 06:23
NVD link : CVE-2017-11573
Mitre link : CVE-2017-11573
JSON object : View
CWE
CWE-125
Out-of-bounds Read
Products Affected
fontforge
- fontforge