FontForge 20161012 does not ensure a positive size in a weight vector memcpy call in readcfftopdict (parsettf.c) resulting in DoS via a crafted otf file.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2017-07-23T22:00:00

Updated: 2024-08-05T18:12:40.565Z

Reserved: 2017-07-23T00:00:00

Link: CVE-2017-11576

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2017-07-23T22:29:00.477

Modified: 2024-11-21T03:08:03.740

Link: CVE-2017-11576

cve-icon Redhat

Severity : Low

Publid Date: 2017-06-14T00:00:00Z

Links: CVE-2017-11576 - Bugzilla