libfontforge.so is vulnerable to remote code execution (RCE) attacks. A malicious user can pass an otf
file to the strnmatch
function in char.c
to cause a buffer overflow that can crash the application or cause arbitrary code to be executed.
CPE | Name | Operator | Version |
---|---|---|---|
libfontforge.so | eq | 1.0.0 |