Avast! - Integer Overflow Verifying numFonts in TTC Header
Avast! - Integer Overflow Verifying numFonts in TTC Header Source: https://code.google.com/p/google-security-research/issues/detail?id=549 If the numFonts field in the TTC header is greater than SIZEMAX+1 / 4, an integer overflow occurs in filevirusttf when calling CSafeGenFile::SafeLockBuffer. T...