OTFCC Buffer Overflow Vulnerability (CNVD-2024-08548)
OTFCC is Caryll open source a C library and utility programs. Used to parse and write OpenType font files. A buffer overflow vulnerability exists in OTFCC version 0.10.4, which stems from a lack of proper validation of user-supplied data in the /release-x64/otfccdump+0x6b0b2c file, and can be...