SUSE CVE-2017-11568

FontForge 20161012 is vulnerable to a heap-based buffer over-read in PSCharStringToSplines psread.c resulting in DoS or code execution via a crafted otf file...

FontForge buffer overflow vulnerability (CNVD-2017-18365)

FontForge is an open source font editing tool that supports multiple languages. A buffer overflow vulnerability exists in PSCharStringToSplines in FontForge version 20161012. An attacker can exploit this vulnerability to cause a denial of service or code execution with the help of a specially...