(0Day) Wecon LeviStudioU fontlib Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Wecon LeviStudioU. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the FontLib.dll module. Strings read from input are not properly checked for null-terminating characters before using them later in memory read/write calls. An attacker can leverage this vulnerability to execute code in the context of the current process.