RSS   Podatności dla 'Fontforge'   RSS

2019-08-29
 
CVE-2019-15785

CWE-119
 

 
FontForge 20190813 through 20190820 has a buffer overflow in PrefsUI_LoadPrefs in prefs.c.

 
2017-12-14
 
CVE-2017-17521

CWE-74
 

 
uiutil.c in FontForge through 20170731 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL, a different vulnerability than CVE-2017-17534.

 
2017-07-23
 
CVE-2017-11577

CWE-125
 

 
FontForge 20161012 is vulnerable to a buffer over-read in getsid (parsettf.c) resulting in DoS or code execution via a crafted otf file.

 
 
CVE-2017-11576

 

 
FontForge 20161012 does not ensure a positive size in a weight vector memcpy call in readcfftopdict (parsettf.c) resulting in DoS via a crafted otf file.

 
 
CVE-2017-11575

CWE-125
 

 
FontForge 20161012 is vulnerable to a buffer over-read in strnmatch (char.c) resulting in DoS or code execution via a crafted otf file, related to a call from the readttfcopyrights function in parsettf.c.

 
 
CVE-2017-11574

 

 
FontForge 20161012 is vulnerable to a heap-based buffer overflow in readcffset (parsettf.c) resulting in DoS or code execution via a crafted otf file.

 
 
CVE-2017-11573

CWE-125
 

 
FontForge 20161012 is vulnerable to a buffer over-read in ValidatePostScriptFontName (parsettf.c) resulting in DoS or code execution via a crafted otf file.

 
 
CVE-2017-11572

CWE-125
 

 
FontForge 20161012 is vulnerable to a heap-based buffer over-read in readcfftopdicts (parsettf.c) resulting in DoS or code execution via a crafted otf file.

 
 
CVE-2017-11571

 

 
FontForge 20161012 is vulnerable to a stack-based buffer overflow in addnibble (parsettf.c) resulting in DoS or code execution via a crafted otf file.

 
 
CVE-2017-11570

CWE-125
 

 
FontForge 20161012 is vulnerable to a buffer over-read in umodenc (parsettf.c) resulting in DoS or code execution via a crafted otf file.

 


Copyright 2024, cxsecurity.com

 

Back to Top