Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An out-of-bounds write flaw was found in FontForge in versions before 20200314 while parsing SFD files containing certain LayerCount tokens. This flaw allows an attacker to manipulate the memory allocated on the heap, causing the application to crash or execute arbitrary code. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
CVSS Information
N/A
Vulnerability Type
内存缓冲区边界内操作的限制不恰当
Vulnerability Title
Red Hat Enterprise Linux 8 缓冲区错误漏洞
Vulnerability Description
Red Hat Enterprise Linux 8是美国红帽(Red Hat)公司的一套面向企业用户的Linux操作系统。 Red Hat Enterprise Linux 8 中的 fontforge 存在缓冲区错误漏洞,该漏洞源于在解析包含某些LayerCount令牌的SFD文件时存在越界写入。该漏洞允许攻击者可以操纵在堆上分配的内存,从而导致应用程序崩溃或执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A