CVE-2017-11575

Published July 23rd, 2017

View on NVD ↗

CVSS v3

N/A

CVSS v2

6.8

MEDIUM

Affected

PROJECT

Description

FontForge 20161012 is vulnerable to a buffer over-read in strnmatch (char.c) resulting in DoS or code execution via a crafted otf file, related to a call from the readttfcopyrights function in parsettf.c.

fontforge/fontforge

Free (libre) font editor for Windows, Mac OS X and GNU+Linux

GitHub

7.77K