5 matches found
Linux Distros Unpatched Vulnerability : CVE-2017-11569
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FontForge 20161012 is vulnerable to a heap-based buffer over-read in readttfcopyrights parsettf.c resulting in DoS or code execution via a crafted otf file...
RHEL 7 : fontforge (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - fontforge: Command injetion in help function uiutil.c CVE-2017-17521 - FontForge 20161012 is vulnerable t...
SUSE CVE-2017-11569
FontForge 20161012 is vulnerable to a heap-based buffer over-read in readttfcopyrights parsettf.c resulting in DoS or code execution via a crafted otf file...
USN-3409-1: FontForge vulnerabilities
It was discovered that FontForge was vulnerable to a heap-based buffer over-read. A remote attacker could use a crafted file to DoS or execute arbitrary code. CVE-2017-11568, CVE-2017-11569, CVE-2017-11572 It was discovered that FontForge was vulnerable to a stack-based buffer overflow. A remote...
CVE-2017-11569
CVE-2017-11569 affects FontForge 20161012, with a heap-based buffer over-read in readttfcopyrights (parsettf.c) that can lead to DoS or code execution via a crafted OpenType font. Multiple linked advisories note the issue and document fixes in later releases (e.g., Mageia MGASA-2018-0037 and SUSE...