Lucene search
+L

34 matches found

CVE
CVE
added 2017/07/23 10:0 p.m.84 views

CVE-2017-11575

FontForge 20161012 is affected by CVE-2017-11575: a buffer over-read in strnmatch (char.c) can trigger DoS or code execution via a crafted OpenType font, linked to readttfcopyrights in parsettf.c. Multiple advisories confirm the issue and document fixes in later FontForge releases (e.g., updates ...

7.8CVSS7.5AI score0.01224EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2017/07/23 10:0 p.m.78 views

CVE-2017-11577

FontForge 20161012 is vulnerable to a buffer over-read in getsid (parsettf.c) that can lead to DoS or code execution via a crafted OpenType font (OTF). Exploitation details are described in the CVE-2017-11577 entry, and multiple sources indicate a fix in fontforge updates (e.g., SUSE and Mageia a...

7.8CVSS7.5AI score0.01224EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2017/07/23 10:0 p.m.87 views

CVE-2017-11576

CVE-2017-11576 affects FontForge (min. FontForge 20161012). The root cause is a check failure in a weight vector memcpy in readcfftopdict (parsettf.c), which can lead to a denial of service or recovery via a crafted OpenType font file. Public sources in connected documents confirm the vulnerabili...

5.5CVSS5.9AI score0.00707EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2017/07/23 10:0 p.m.44 views

CVE-2017-11575

FontForge 20161012 is vulnerable to a buffer over-read in strnmatch char.c resulting in DoS or code execution via a crafted otf file, related to a call from the readttfcopyrights function in parsettf.c...

7.8CVSS7.9AI score0.01224EPSS
Exploits0
Cvelist
Cvelist
added 2017/07/23 10:0 p.m.25 views

CVE-2017-11574

FontForge 20161012 is vulnerable to a heap-based buffer overflow in readcffset parsettf.c resulting in DoS or code execution via a crafted otf file...

7.7AI score0.01363EPSS
Exploits0References2
Cvelist
Cvelist
added 2017/07/23 10:0 p.m.32 views

CVE-2017-11570

FontForge 20161012 is vulnerable to a buffer over-read in umodenc parsettf.c resulting in DoS or code execution via a crafted otf file...

7.8AI score0.01276EPSS
Exploits0References1
Cvelist
Cvelist
added 2017/07/23 10:0 p.m.27 views

CVE-2017-11572

FontForge 20161012 is vulnerable to a heap-based buffer over-read in readcfftopdicts parsettf.c resulting in DoS or code execution via a crafted otf file...

7.6AI score0.01224EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2017/07/23 10:0 p.m.51 views

CVE-2017-11570

FontForge 20161012 is vulnerable to a buffer over-read in umodenc parsettf.c resulting in DoS or code execution via a crafted otf file...

7.8CVSS7.9AI score0.01276EPSS
Exploits0
CVE
CVE
added 2017/07/23 10:0 p.m.70 views

CVE-2017-11570

FontForge 20161012 is affected by a buffer over-read in umodenc (parsettf.c) that can lead to DoS or code execution when processing a crafted otf file. Root cause: buffer over-read in font parsing of TrueType/OpenType glyph data. Impact is dependent on attacker-controlled font files; in the publi...

7.8CVSS7.7AI score0.01276EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2017/07/23 10:0 p.m.27 views

CVE-2017-11577

FontForge 20161012 is vulnerable to a buffer over-read in getsid parsettf.c resulting in DoS or code execution via a crafted otf file...

7.6AI score0.01224EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2017/07/23 12:0 a.m.20 views

CVE-2017-11569

FontForge 20161012 is vulnerable to a heap-based buffer over-read in readttfcopyrights parsettf.c resulting in DoS or code execution via a crafted otf file...

7.8CVSS7.6AI score0.01406EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2017/07/23 12:0 a.m.22 views

CVE-2017-11571

FontForge 20161012 is vulnerable to a stack-based buffer overflow in addnibble parsettf.c resulting in DoS or code execution via a crafted otf file...

7.8CVSS7.6AI score0.0144EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2017/07/23 12:0 a.m.13 views

CVE-2017-11572

FontForge 20161012 is vulnerable to a heap-based buffer over-read in readcfftopdicts parsettf.c resulting in DoS or code execution via a crafted otf file...

7.8CVSS7.4AI score0.01224EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2017/07/23 12:0 a.m.21 views

CVE-2017-11575

FontForge 20161012 is vulnerable to a buffer over-read in strnmatch char.c resulting in DoS or code execution via a crafted otf file, related to a call from the readttfcopyrights function in parsettf.c...

7.8CVSS7.4AI score0.01224EPSS
Exploits0References3
Rows per page
Query Builder