Remote Code Execution (RCE)
libfontforge.so is vulnerable to remote code execution RCE attacks. A malicious user can pass a otf file to the ValidatePostScriptFontName function in parsettf.c file to cause a buffer overflow and crash the application or cause arbitrary code to be executed...