libfontforge.so is vulnerable to remote code execution (RCE) attacks. A malicious user can pass an otf
file to the umodenc
function in parsettf.c
to cause a buffer overflow and crash the application or cause arbitrary code to be executed.
CPE | Name | Operator | Version |
---|---|---|---|
libfontforge.so | eq | 1.0.0 |