An out-of-bounds read vulnerability exists in High-Logic FontCreator 15.0.0.3015. A specially crafted font file can trigger this vulnerability which can lead to disclosure of sensitive information. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability.
History

Tue, 26 Aug 2025 16:30:00 +0000

Type Values Removed Values Added
First Time appeared High-logic
High-logic fontcreator
CPEs cpe:2.3:a:high-logic:fontcreator:15.0.0.3015:*:*:*:*:*:*:*
Vendors & Products High-logic
High-logic fontcreator

Mon, 02 Jun 2025 20:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Mon, 02 Jun 2025 17:30:00 +0000


Mon, 02 Jun 2025 15:00:00 +0000

Type Values Removed Values Added
Description An out-of-bounds read vulnerability exists in High-Logic FontCreator 15.0.0.3015. A specially crafted font file can trigger this vulnerability which can lead to disclosure of sensitive information. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability.
Weaknesses CWE-125
References
Metrics cvssV3_1

{'score': 6.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: talos

Published:

Updated: 2025-06-02T17:03:57.718Z

Reserved: 2025-03-17T17:07:47.093Z

Link: CVE-2025-20001

cve-icon Vulnrichment

Updated: 2025-06-02T17:03:57.718Z

cve-icon NVD

Status : Analyzed

Published: 2025-06-02T15:15:33.110

Modified: 2025-08-26T16:27:09.163

Link: CVE-2025-20001

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.