Search CVE reports
11 – 18 of 18 results
CVE-2017-11576
Medium prioritySome fixes available 2 of 4
FontForge 20161012 does not ensure a positive size in a weight vector memcpy call in readcfftopdict (parsettf.c) resulting in DoS via a crafted otf file.
1 affected package
fontforge
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| fontforge | — | — | — | Not affected | Fixed |
CVE-2017-11575
Medium prioritySome fixes available 2 of 4
FontForge 20161012 is vulnerable to a buffer over-read in strnmatch (char.c) resulting in DoS or code execution via a crafted otf file, related to a call from the readttfcopyrights function in parsettf.c.
1 affected package
fontforge
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| fontforge | — | — | — | Not affected | Fixed |
CVE-2017-11574
Medium prioritySome fixes available 2 of 4
FontForge 20161012 is vulnerable to a heap-based buffer overflow in readcffset (parsettf.c) resulting in DoS or code execution via a crafted otf file.
1 affected package
fontforge
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| fontforge | — | — | — | Not affected | Fixed |
CVE-2017-11572
Medium prioritySome fixes available 2 of 4
FontForge 20161012 is vulnerable to a heap-based buffer over-read in readcfftopdicts (parsettf.c) resulting in DoS or code execution via a crafted otf file.
1 affected package
fontforge
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| fontforge | — | — | — | Not affected | Fixed |
CVE-2017-11571
Medium prioritySome fixes available 2 of 4
FontForge 20161012 is vulnerable to a stack-based buffer overflow in addnibble (parsettf.c) resulting in DoS or code execution via a crafted otf file.
1 affected package
fontforge
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| fontforge | — | — | — | Not affected | Fixed |
CVE-2017-11569
Medium prioritySome fixes available 2 of 4
FontForge 20161012 is vulnerable to a heap-based buffer over-read in readttfcopyrights (parsettf.c) resulting in DoS or code execution via a crafted otf file.
1 affected package
fontforge
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| fontforge | — | — | — | Not affected | Fixed |
CVE-2017-11568
Medium prioritySome fixes available 2 of 4
FontForge 20161012 is vulnerable to a heap-based buffer over-read in PSCharStringToSplines (psread.c) resulting in DoS or code execution via a crafted otf file.
1 affected package
fontforge
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| fontforge | — | — | — | Not affected | Fixed |
CVE-2010-4259
Low prioritySome fixes available 5 of 10
Stack-based buffer overflow in FontForge 20100501 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long CHARSET_REGISTRY header in a BDF font file.
1 affected package
fontforge
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| fontforge | — | — | — | — | — |