Buffer overflow in the ReadFontTbl function in reader.c for rtf2latex2e 1.0fc2 allows remote attackers to execute arbitrary code via a crafted RTF file.