FontForge 20161012 is vulnerable to a heap-based buffer over-read in readcfftopdicts (parsettf.c) resulting in DoS or code execution via a crafted otf file.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2017-07-23T22:00:00
Updated: 2024-08-05T18:12:40.680Z
Reserved: 2017-07-23T00:00:00
Link: CVE-2017-11572
Vulnrichment
No data.
NVD
Status : Modified
Published: 2017-07-23T22:29:00.353
Modified: 2020-01-13T14:23:34.257
Link: CVE-2017-11572
Redhat