15 matches found
AlmaLinux 8 : fontforge (ALSA-2020:4844)
The remote AlmaLinux 8 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2020:4844 advisory. - An out-of-bounds write flaw was found in FontForge in versions before 20200314 while parsing SFD files containing certain LayerCount tokens. This flaw allows an...
Mageia: Security Advisory (MGASA-2020-0405)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2020-25690
creationtimestamp| type| source ---|---|--- 2021-02-23 07:34:18+00:00| seen| https://t.me/cibsecurity/23968...
CVE-2020-25690
An out-of-bounds write flaw was found in FontForge in versions before 20200314 while parsing SFD files containing certain LayerCount tokens. This flaw allows an attacker to manipulate the memory allocated on the heap, causing the application to crash or execute arbitrary code. The highest threat...
CVE-2020-25690
An out-of-bounds write flaw was found in FontForge in versions before 20200314 while parsing SFD files containing certain LayerCount tokens. This flaw allows an attacker to manipulate the memory allocated on the heap, causing the application to crash or execute arbitrary code. The highest threat...
UBUNTU-CVE-2020-25690
An out-of-bounds write flaw was found in FontForge in versions before 20200314 while parsing SFD files containing certain LayerCount tokens. This flaw allows an attacker to manipulate the memory allocated on the heap, causing the application to crash or execute arbitrary code. The highest threat...
CVE-2020-25690
FontForge is affected by CVE-2020-25690 due to an out-of-bounds write in SFD parsing (specifically LayerCount tokens) that can manipulate heap memory, causing a crash or arbitrary code execution. Affected: FontForge versions before 20200314. Root cause: parsing SFD data grants heap memory misuse....
CentOS 8 : fontforge (CESA-2020:4844)
The remote CentOS Linux 8 host has a package installed that is affected by a vulnerability as referenced in the CESA-2020:4844 advisory. - fontforge: SFDGetFontMetaData insufficient CVE-2020-5395 backport CVE-2020-25690 Note that Nessus has not tested for this issue but has instead relied only on...
openSUSE Security Update : fontforge (openSUSE-2020-2111)
This update for fontforge fixes the following issues : - fix for Use-after-free heap in the SFDGetFontMetaData function and the crash bsc1178308 CVE-2020-25690. This update was imported from the SUSE:SLE-15:Update update project. C Tenable Network Security, Inc. The descriptive text and package...
OPENSUSE-SU-2020:2111-1 Security update for fontforge
This update for fontforge fixes the following issues: - fix for Use-after-free heap in the SFDGetFontMetaData function and the crash bsc1178308 CVE-2020-25690. This update was imported from the SUSE:SLE-15:Update update project...
MGASA-2020-0405 Updated fontforge packages fix a security vulnerability
SFDGetFontMetaData insufficient CVE-2020-5395 backport. CVE-2020-25690...
RHEL 8 : fontforge (RHSA-2020:4844)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2020:4844 advisory. FontForge is a font editor for outline and bitmap fonts. It supports a range of font formats, including PostScript ASCII and binary Type 1, some Type...
ALSA-2020:4844 Moderate: fontforge security update
FontForge is a font editor for outline and bitmap fonts. It supports a range of font formats, including PostScript ASCII and binary Type 1, some Type 3 and Type 0, TrueType, OpenType Type2 and CID-keyed fonts. Security Fixes: fontforge: SFDGetFontMetaData insufficient CVE-2020-5395 backport...
Moderate: fontforge security update
FontForge is a font editor for outline and bitmap fonts. It supports a range of font formats, including PostScript ASCII and binary Type 1, some Type 3 and Type 0, TrueType, OpenType Type2 and CID-keyed fonts. Security Fixes: fontforge: SFDGetFontMetaData insufficient CVE-2020-5395 backport...
CVE-2020-25690
An out-of-bounds write flaw was found in FontForge while parsing SFD files containing certain LayerCount tokens. This flaw allows an attacker to manipulate the memory allocated on the heap, causing the application to crash or execute arbitrary code. The highest threat from this vulnerability is t...