3 matches found
FontForge buffer overflow vulnerability (CNVD-2020-01920)
FontForge is an open source font editing tool that supports multiple languages. A buffer overflow vulnerability exists in the 'Type2NotDefSplines' function of the splinesave.c file in FontForge version 20190801. The vulnerability stems from a networked system or product performing operations in...
FontForge Resource Management Error Vulnerability
FontForge is an open source font editing tool that supports multiple languages. A resource management error vulnerability exists in the 'SFDGetFontMetaData' function of the sfd.c file in FontForge version 20190801. The vulnerability stems from mismanagement of system resources e.g., memory, disk...
PT-2020-18478 · Fontforge +3 · Fontforge +3
Name of the Vulnerable Software and Affected Versions: FontForge version 20190801 Description: The issue is a heap-based buffer overflow in the Type2NotDefSplines function in splinesave.c. This occurs due to improper handling of data, leading to a potential overflow. Recommendations: For FontForg...