The vulnerability of the Windows operating system’s font library, allowing a hacker to execute arbitrary code

The vulnerability of the Windows operating system’s font library relates to the improper handling of embedded fonts. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially crafted font file from a remote location...

mozilla: out-of-bounds write with malicious font in graphite2 (MFSA 2016-38)

The setAttr function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.6.1, allows remote attackers to cause a denial of service out-of-bounds write or possibly have unspecified other impact via a crafted Graphite smart font...