Veracode Vulnerability Database: VERACODE:6403
History: May 28, 2018 - 7:57 a.m.

Remote Code Execution (RCE) Through Buffer Overflow

2018-05-28 07:57:41
sca.analysiscenter.veracode.com

EPSS: 0.001 (percentile: 46.9%)

libfontforge.so is vulnerable to remote code execution (RCE) through a buffer overflow. A malicious user can pass a TTF file to the readcffset function in parsettf.c to cause a buffer overflow that can crash the application or cause arbitrary code to be executed.