fontforge is vulnerable to arbitrary code execution. A heap-based buffer overflow in the Type2NotDefSplines()
function in splinesave.c
allows an attacker to execute arbitrary code.
CPE | Name | Operator | Version |
---|---|---|---|
fontforge:bullseye | eq | 1:20190801~dfsg-4 | |
fontforge:bullseye | eq | 1:20190801~dfsg-4 |