3 matches found
Linux Distros Unpatched Vulnerability : CVE-2017-11577
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FontForge 20161012 is vulnerable to a buffer over-read in getsid parsettf.c resulting in DoS or code execution via a crafted otf file. CVE-2017-11577 Note that...
USN-3409-1: FontForge vulnerabilities
It was discovered that FontForge was vulnerable to a heap-based buffer over-read. A remote attacker could use a crafted file to DoS or execute arbitrary code. CVE-2017-11568, CVE-2017-11569, CVE-2017-11572 It was discovered that FontForge was vulnerable to a stack-based buffer overflow. A remote...
CVE-2017-11577
FontForge 20161012 is vulnerable to a buffer over-read in getsid (parsettf.c) that can lead to DoS or code execution via a crafted OpenType font (OTF). Exploitation details are described in the CVE-2017-11577 entry, and multiple sources indicate a fix in fontforge updates (e.g., SUSE and Mageia a...