CVE-2017-11569

Severity CVSS v4.0:
Pending analysis
Type:
CWE-125 Out-of-bounds Read
Publication date:
23/07/2017
Last modified:
20/04/2025

Description

FontForge 20161012 is vulnerable to a heap-based buffer over-read in readttfcopyrights (parsettf.c) resulting in DoS or code execution via a crafted otf file.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:fontforge:fontforge:20161012:*:*:*:*:*:*:*