OTFCC 安全漏洞

Caryll OTFCC is Caryll open source a C library and utility programs. Used to parse and write OpenType font files. A denial of service vulnerability exists in Caryll OTFCC, which originates from a segmentation conflict at /release-x64/otfccdump+0x6babea. An attacker can exploit the vulnerability t...

Microsoft DirectWrite / AFDKO - Heap-Based Buffer Overflow Due to Integer Overflow in readTTCDirectory

-----===== Background =====----- AFDKO Adobe Font Development Kit for OpenType is a set of tools for examining, modifying and building fonts. The core part of this toolset is a font handling library written in C, which provides interfaces for reading and writing Type 1, OpenType, TrueType to some...

Apple OS X morx nSubtables Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple OS X. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of font...