libfontforge.so is vulnerable to denial of service (DoS) through stack-based under flow attacks. The vulnerability exists as it failed to check if the weight vector in the readcfftopdict
function of parsettf.c
is positive, allowing a malicious otf
file to cause a denial of service (DoS) through stack-based underflow.
CPE | Name | Operator | Version |
---|---|---|---|
libfontforge.so | eq | 1.0.0 |