4 matches found
FontForge: User-assisted execution of arbitrary code
Background FontForge is a PostScript font editor and converter. Description FontForge is vulnerable to an error when processing the "CHARSETREGISTRY" header in font files, which could cause a stack-based buffer overflow. Impact A remote attacker could entice a user to open a specially crafted BDF...
CVE-2010-4259
Stack-based buffer overflow in FontForge 20100501 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a long CHARSETREGISTRY header in a BDF font file...
CVE-2010-4259
FontForge 20100501 is vulnerable to a stack-based buffer overflow triggered by a crafted CHARSET_REGISTRY header in a BDF font file, potentially allowing remote code execution or a denial of service. Public advisories confirm the issue and provide patches/upgrades: Debian DSA-2253-1 recommends up...
CVE-2000-0607
Technical details about CVE-2000-0607 are not provided in the supplied connected documents. The description in the Initial document notes a buffer overflow in KON on Linux, but no affected versions, impact specifics, or remediation are disclosed here. Monitor for updates.