FontForge 20161012 is vulnerable to a buffer over-read in ValidatePostScriptFontName (parsettf.c) resulting in DoS or code execution via a crafted otf file.
References
Link | Resource |
---|---|
https://github.com/fontforge/fontforge/issues/3098 | Issue Tracking Patch Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2022-10-03T16:23:02
Updated: 2022-10-03T16:23:02
Reserved: 2022-10-03T00:00:00
Link: CVE-2017-11573
JSON object: View
NVD Information
Status : Analyzed
Published: 2017-07-23T22:29:00.383
Modified: 2020-01-13T14:23:34.257
Link: CVE-2017-11573
JSON object: View
Redhat Information
No data.
CWE