Lucene search
Veracode Vulnerability DatabaseVERACODE:6110HistoryApr 13, 2018 - 4:39 a.m.
Denial Of Service (DoS)
2018-04-1304:39:30
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
4
0.001 Low
EPSS
Percentile
27.3%
libfontforge.so is vulnerable to denial of service (DoS) through stack-based under flow attacks. The vulnerability exists as it failed to check if the weight vector in the readcfftopdict function of parsettf.c is positive, allowing a malicious otf file to cause a denial of service (DoS) through stack-based underflow.
| CPE | Name | Operator | Version |
|---|---|---|---|
| libfontforge.so | eq | 1.0.0 |
Related
osv
osv
CVE-2017-11576
2017-07-23 22:29:00
fontforge - security update
2017-08-26 00:00:00
fontforge - security update
2017-08-29 00:00:00
prion
prion
Design/Logic Flaw
2017-07-23 22:29:00
cvelist
cvelist
CVE-2017-11576
2017-07-23 22:00:00
nvd
nvd
CVE-2017-11576
2017-07-23 22:29:00
cve
cve
CVE-2017-11576
2017-07-23 22:29:00
ubuntucve
ubuntucve
CVE-2017-11576
2017-07-23 00:00:00
redhatcve
redhatcve
CVE-2017-11576
2017-07-26 14:50:52
debiancve
debiancve
CVE-2017-11576
2017-07-23 22:29:00
nessus
nessus
Debian DLA-1065-1 : fontforge security update
2017-08-28 00:00:00
Debian DSA-3958-1 : fontforge - security update
2017-08-30 00:00:00
Ubuntu 14.04 LTS : FontForge vulnerabilities (USN-3409-1)
2017-09-05 00:00:00
mageia
mageia
Updated fontforge packages fix security vulnerability
2018-01-03 17:22:14
openvas
openvas
Mageia: Security Advisory (MGASA-2018-0037)
2022-01-28 00:00:00
Ubuntu: Security Advisory (USN-3409-1)
2018-10-26 00:00:00
Debian: Security Advisory (DLA-1065-1)
2018-02-07 00:00:00
ubuntu
ubuntu
FontForge vulnerabilities
2017-09-04 00:00:00
debian
debian
[SECURITY] [DLA 1065-1] fontforge security update
2017-08-26 15:10:02
[SECURITY] [DSA 3958-1] fontforge security update
2017-08-29 08:15:31
[SECURITY] [DSA 3958-1] fontforge security update
2017-08-29 08:15:31