Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Fontforge
(Fontforge)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 15 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2017-07-23 | CVE-2017-11577 | FontForge 20161012 is vulnerable to a buffer over-read in getsid (parsettf.c) resulting in DoS or code execution via a crafted otf file. | Fontforge | 7.8 | ||
| 2017-07-23 | CVE-2017-11576 | FontForge 20161012 does not ensure a positive size in a weight vector memcpy call in readcfftopdict (parsettf.c) resulting in DoS via a crafted otf file. | Fontforge | 5.5 | ||
| 2017-07-23 | CVE-2017-11575 | FontForge 20161012 is vulnerable to a buffer over-read in strnmatch (char.c) resulting in DoS or code execution via a crafted otf file, related to a call from the readttfcopyrights function in parsettf.c. | Fontforge | 7.8 | ||
| 2017-07-23 | CVE-2017-11574 | FontForge 20161012 is vulnerable to a heap-based buffer overflow in readcffset (parsettf.c) resulting in DoS or code execution via a crafted otf file. | Fontforge | 7.8 | ||
| 2017-07-23 | CVE-2017-11573 | FontForge 20161012 is vulnerable to a buffer over-read in ValidatePostScriptFontName (parsettf.c) resulting in DoS or code execution via a crafted otf file. | Fontforge | 7.8 | ||
| 2017-07-23 | CVE-2017-11572 | FontForge 20161012 is vulnerable to a heap-based buffer over-read in readcfftopdicts (parsettf.c) resulting in DoS or code execution via a crafted otf file. | Fontforge | 7.8 | ||
| 2017-07-23 | CVE-2017-11571 | FontForge 20161012 is vulnerable to a stack-based buffer overflow in addnibble (parsettf.c) resulting in DoS or code execution via a crafted otf file. | Fontforge | 7.8 | ||
| 2017-07-23 | CVE-2017-11570 | FontForge 20161012 is vulnerable to a buffer over-read in umodenc (parsettf.c) resulting in DoS or code execution via a crafted otf file. | Fontforge | 7.8 | ||
| 2017-07-23 | CVE-2017-11568 | FontForge 20161012 is vulnerable to a heap-based buffer over-read in PSCharStringToSplines (psread.c) resulting in DoS or code execution via a crafted otf file. | Fontforge | 7.8 | ||
| 2017-07-23 | CVE-2017-11569 | FontForge 20161012 is vulnerable to a heap-based buffer over-read in readttfcopyrights (parsettf.c) resulting in DoS or code execution via a crafted otf file. | Fontforge | 7.8 |