185 matches found
SUSE CVE-2017-11577
FontForge 20161012 is vulnerable to a buffer over-read in getsid parsettf.c resulting in DoS or code execution via a crafted otf file...
Out-of-bounds Read in Onionshare
Between September 26, 2021 and October 8, 2021, Radically Open Security conducted a penetration test of OnionShare 2.4, funded by the Open Technology Fund's Red Team lab. This is an issue from that penetration test. - Vulnerability ID: OTF-014 - Vulnerability type: Out-of-bounds Read - Threat...
Denial of Service in Onionshare
Between September 26, 2021 and October 8, 2021, Radically Open Security conducted a penetration test of OnionShare 2.4, funded by the Open Technology Fund's Red Team lab. - Vulnerability ID: OTF-012 - Vulnerability type: Denial of Service - Threat level: Moderate Description: The receive mode...
GHSA-CH22-X2V3-V6VQ OTF-001: Improper Input Sanitation: The path parameter of the requested URL is not sanitized before being passed to the QT frontend
Between September 26, 2021 and October 8, 2021, Radically Open Security conducted a penetration test of OnionShare 2.4, funded by the Open Technology Fund's Red Team lab. This is an issue from that penetration test. - Vulnerability ID: OTF-001 - Vulnerability type: Improper Input Sanitization -...
GHSA-JGM9-XPFJ-4FQ6 Path traversal in Onionshare
Between September 26, 2021 and October 8, 2021, Radically Open Security conducted a penetration test of OnionShare 2.4, funded by the Open Technology Fund's Red Team lab. This is an issue from that penetration test. - Vulnerability ID: OTF-013 - Vulnerability type: Improper Hardening - Threat...
Improper Access Control in Onionshare
Between September 26, 2021 and October 8, 2021, Radically Open Security conducted a penetration test of OnionShare 2.4, funded by the Open Technology Fund's Red Team lab. This is an issue from that penetration test. - Vulnerability ID: OTF-009 - Vulnerability type: Improper Access Control - Threa...
CVE-2022-21694 OTF-006: Broken Website Hardening Control: The CSP can be turned on or off but not configured for the specific needs of the website
OnionShare is an open source tool that lets you securely and anonymously share files, host websites, and chat with friends using the Tor network. The website mode of the onionshare allows to use a hardened CSP, which will block any scripts and external resources. It is not possible to configure...
Apple macOS libFontParser OTF Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the GetFDIndex...
Adobe Acrobat Reader DC for Windows - Use of Uninitialized Pointer due to Malformed OTF Font
We have observed the following access violation exception in the latest version of Adobe Acrobat Reader DC for Windows, when opening a malformed PDF file: --- cut --- 5708.4564: Access violation - code c0000005 first chance First chance exceptions are reported before any exception handling. This...
Adobe Acrobat Reader DC for Windows - Use of Uninitialized Pointer due to Malformed OTF Font (CFF Table)
Adobe Acrobat Reader DC for Windows - Use of Uninitialized Pointer due to Malformed OTF Font CFF Table We have observed the following access violation exception in the latest version of Adobe Acrobat Reader DC for Windows, when opening a malformed PDF file: --- cut --- 5708.4564: Access violation...
Adobe Acrobat Reader DC for Windows - Use of Uninitialized Pointer due to Malformed OTF Font (CFF Table)
We have observed the following access violation exception in the latest version of Adobe Acrobat Reader DC for Windows, when opening a malformed PDF file: --- cut --- 5708.4564: Access violation - code c0000005 first chance First chance exceptions are reported before any exception handling. This...
Oracle Java Runtime Environment - Heap Out-of-Bounds Read During OTF Font Rendering in glyph_CloseContour
Oracle Java Runtime Environment - Heap Out-of-Bounds Read During OTF Font Rendering in glyphCloseContour A heap-based out-of-bounds read was observed in Oracle Java Runtime Environment version 8u202 latest at the time of this writing while fuzz-testing the processing of OpenType fonts. It manifes...
Oracle Java Runtime Environment - Heap Out-of-Bounds Read During OTF Font Rendering in glyph_CloseContour
A heap-based out-of-bounds read was observed in Oracle Java Runtime Environment version 8u202 latest at the time of this writing while fuzz-testing the processing of OpenType fonts. It manifests itself in the form of the following crash with AFL's libdislocator: --- cut --- gdb$ c Continuing...
Remote Code Execution (RCE)
libfontforge.so is vulnerable to remote code execution RCE attacks. A malicious user can pass an otf file to the PSCharStringToSplines function in psread.c to cause a buffer overflow that can crash the application or cause arbitrary code execution...
Remote Code Execution (RCE)
libfontforge.so is vulnerable to remote code execution RCE attacks. A malicious user can pass an otf file to the umodenc function in parsettf.c to cause a buffer overflow and crash the application or cause arbitrary code to be executed...
Remote Code Execution (RCE)
libfontforge.so is vulnerable to remote code execution RCE attacks. A malicious user can pass a otf file to the ValidatePostScriptFontName function in parsettf.c file to cause a buffer overflow and crash the application or cause arbitrary code to be executed...
Denial Of Service (DoS)
libfontforge.so is vulnerable to denial of service DoS through stack-based under flow attacks. The vulnerability exists as it failed to check if the weight vector in the readcfftopdict function of parsettf.c is positive, allowing a malicious otf file to cause a denial of service DoS through...
SRC-2018-0008 : Adobe Digital Editions ePub otf Font Parsing TableRecord offset Out-of-Bounds Read Information Disclosure Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Adobe Digital Editions. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specif...
Debian DLA-1065-1 : fontforge security update
FontForge is vulnerable to heap-based buffer over-read in several functions, resulting in DoS or code execution via a crafted otf file : For Debian 7 'Wheezy', these problems have been fixed in version 0.0.20120101+git-2+deb7u1. We recommend that you upgrade your fontforge packages. NOTE: Tenable...
CVE-2017-11577
FontForge 20161012 is vulnerable to a buffer over-read in getsid parsettf.c resulting in DoS or code execution via a crafted otf file...