CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

FontForge 20161012 is vulnerable to a buffer over-read in strnmatch char.c resulting in DoS or code execution via a crafted otf file, related to a call from the readttfcopyrights function in parsettf.c...

6.3CVSS8.9AI score0.00273EPSS

Exploits0References4

RedhatCVE•added 2017/07/26 2:51 p.m.•15 views

CVE-2017-11577

FontForge 20161012 is vulnerable to a buffer over-read in getsid parsettf.c resulting in DoS or code execution via a crafted otf file...

7.8CVSS4.9AI score0.00273EPSS

Exploits0References1

RedhatCVE•added 2017/07/26 2:50 p.m.•13 views

CVE-2017-11576

FontForge 20161012 does not ensure a positive size in a weight vector memcpy call in readcfftopdict parsettf.c resulting in DoS via a crafted otf file...

5.5CVSS2.4AI score0.00249EPSS

Exploits0References1

RedhatCVE•added 2017/07/26 2:50 p.m.•14 views

CVE-2017-11574

FontForge 20161012 is vulnerable to a heap-based buffer overflow in readcffset parsettf.c resulting in DoS or code execution via a crafted otf file...

7.8CVSS5.4AI score0.00635EPSS

Exploits0References1

RedhatCVE•added 2017/07/26 2:50 p.m.•20 views

CVE-2017-11573

FontForge 20161012 is vulnerable to a buffer over-read in ValidatePostScriptFontName parsettf.c resulting in DoS or code execution via a crafted otf file...

7.8CVSS3.6AI score0.00273EPSS

Exploits0References1

RedhatCVE•added 2017/07/26 2:49 p.m.•15 views

CVE-2017-11572

FontForge 20161012 is vulnerable to a heap-based buffer over-read in readcfftopdicts parsettf.c resulting in DoS or code execution via a crafted otf file...

7.8CVSS5.2AI score0.00273EPSS

Exploits0References1

RedhatCVE•added 2017/07/26 2:49 p.m.•19 views

CVE-2017-11570

FontForge 20161012 is vulnerable to a buffer over-read in umodenc parsettf.c resulting in DoS or code execution via a crafted otf file...

7.8CVSS4.8AI score0.00273EPSS

Exploits0References1

RedhatCVE•added 2017/07/26 2:48 p.m.•14 views

CVE-2017-11569

FontForge 20161012 is vulnerable to a heap-based buffer over-read in readttfcopyrights parsettf.c resulting in DoS or code execution via a crafted otf file...

7.8CVSS4.2AI score0.00565EPSS

Exploits0References1

CNVD•added 2017/07/24 12:0 a.m.•1 views

FontForge buffer overflow vulnerability (CNVD-2017-18536)

FontForge is an open source font editing tool that supports multiple languages. A buffer overflow vulnerability exists in strnmatch in FontForge version 20161012. An attacker can exploit this vulnerability to cause a denial of service or code execution with the help of a specially crafted otf fil...

7.8CVSS7.8AI score0.00273EPSS

Exploits0References1

CNVD•added 2017/07/24 12:0 a.m.•1 views

FontForge buffer overflow vulnerability (CNVD-2017-18537)

FontForge is an open source font editing tool that supports multiple languages. A buffer overflow vulnerability exists in readcffset in FontForge version 20161012. An attacker can exploit this vulnerability to cause a denial of service or code execution with the help of a specially crafted otf fi...

7.8CVSS7.8AI score0.00635EPSS

Exploits0References1

CNVD•added 2017/07/24 12:0 a.m.•0 views

FontForge buffer overflow vulnerability (CNVD-2017-18538)

FontForge is an open source font editing tool that supports multiple languages. A buffer overflow vulnerability exists in ValidatePostScriptFontName in FontForge version 20161012. An attacker can exploit this vulnerability with a specially crafted otf file to cause a denial of service or execute...

7.8CVSS7.7AI score0.00273EPSS

Exploits0References1

NVD•added 2017/07/23 10:29 p.m.•7 views

CVE-2017-11575

7.8CVSS7.9AI score0.00273EPSS

Exploits0References2

NVD•added 2017/07/23 10:29 p.m.•10 views

CVE-2017-11571

FontForge 20161012 is vulnerable to a stack-based buffer overflow in addnibble parsettf.c resulting in DoS or code execution via a crafted otf file...

7.8CVSS8AI score0.00513EPSS

Exploits0References2