CVE-2024-41832 TALOS-2024-2002 | Adobe Acrobat Reader Font gvar TupleVariation Data Out-Of-Bounds Read Vulnerability

Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this...

Adobe Acrobat Reader Font gvar TupleVariation Data Out-Of-Bounds Read Vulnerability

Talos Vulnerability Report TALOS-2024-2002 Adobe Acrobat Reader Font gvar TupleVariation Data Out-Of-Bounds Read Vulnerability August 13, 2024 CVE Number CVE-2024-41832 SUMMARY An out-of-bounds read vulnerability exists in CoolType, a font processing framework used by Adobe Acrobat Reader...

OSV-2023-160 Global-buffer-overflow in OT::gvar::accelerator_t::apply_deltas_to_points

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=56800 Crash type: Global-buffer-overflow READ 2 Crash state: OT::gvar::acceleratort::applydeltastopoints bool OT::glyfimpl::Glyph::getpoints bool OT::glyfimpl::Glyph::getpoints...

OSV-2022-401 UNKNOWN READ in OT::gvar::subset

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=47281 Crash type: UNKNOWN READ Crash state: OT::gvar::subset bool trysubset hbsubsetplanexecuteorfail...