4 matches found
CVE-2025-15277
CVE-2025-15277 affects FontForge’s GUtils SGI file parsing. The vulnerability is a heap-based buffer overflow in the SGI scanline parsing path caused by insufficient validation of the length of user-supplied data, enabling remote code execution in the context of the current process. Exploitation ...
(0Day) FontForge GUtils SGI File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of FontForge. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of scanlines...
CVE-2021-34319
A vulnerability has been identified in JT2Go All versions V13.2, Teamcenter Visualization All versions V13.2. The BMPloader.dll library in affected applications lacks proper validation of user-supplied data when parsing SGI files. This could result in an out of bounds write past the end of an...
CVE-2020-26995
A vulnerability has been identified in JT2Go All versions V13.1.0, Teamcenter Visualization All versions V13.1.0. Affected applications lack proper validation of user-supplied data when parsing of SGI and RGB files. This could result in an out of bounds write past the end of an allocated structur...