Microsoft DirectWrite / AFDKO suffers from a stack corruption vulnerability in OpenType font handling while processing CFF blend DICT operator.
4fcf434e418ec4b78b4c2d63832210327781ed08e528c125015656abfd99f10dMicrosoft DirectWrite / AFDKO suffers from a heap-baeed out-of-bounds read/write vulnerability in OpenType font handling due to empty ROS strings.
776e4d5cb07c5edc399a8c06b2c8fe7a2cb08c78b74a62a84252a02d5708c119Microsoft DirectWrite / AFDKO suffers from having an insufficient integer overflow check in dnaGrow.
51c785aaeac307b6f004977e9dda66854c854edace9664c3df8a5c5e0aa2a972Microsoft DirectWrite / AFDKO suffers from an out-of-bounds read vulnerability in OpenType font handling due to undefined FontName index.
e3e7b0305f8432ddd997bdec2f0d5cacd36f1c9f6a99150af8de8f307cea29f4Microsoft DirectWrite / AFDKO suffers from multiple bugs in OpenType font handling related to the "post" table.
6354ddf2c2a84f87b95ff67efeff3f139b9cc0c1d499d184289892fb322d4120Microsoft DirectWrite / AFDKO suffers from a NULL pointer dereferences vulnerability in OpenType font handling while accessing empty dynarrays.
4ec1a9e1b55b066d5ae525c5cd2a521b59c106b8837891bac4d6224817cffbcaMicrosoft DirectWrite / AFDKO suffers from allowing a read of uninitialized BuildCharArray memory in OpenType font handling.
6bd13a875e56d5d9ee6b4e88a96b9bfc00297a1df5f42b95b9960166caf6299bMicrosoft DirectWrite / AFDKO suffers from a heap-based buffer overflow vulnerability in OpenType font handling in readEncoding.
18da01543383d44711f3953c7c081e706b908f64132617f3f3e209a9d3f3d24bMicrosoft DirectWrite / AFDKO suffers from a heap-based buffer overflow vulnerability in OpenType font handling in readCharset.
a9d786e193b92f19f2203e1c4c4a184d6088e7ac59d89e26d75a0de326d918b1Microsoft DirectWrite / AFDKO suffers from a heap-based out-of-bounds read/write vulnerability in OpenType font handling due to unbounded iFD.
e74d7eca66fac35dabca0f0b4ab4a2d55f72889c670a0b7f8bf2ff79eed66baaMicrosoft DirectWrite / AFDKO suffers from an issue where it makes use of uninitialized memory while freeing resources in var_loadavar.
5a7a6f30beafa844977ce32830f5b3436dfda461f17af14e426ffbfca386c979Microsoft DirectWrite / AFDKO suffers from a stack-based buffer overflow vulnerability in do_set_weight_vector_cube for large nAxes.
87a891d20df4c6c1cf489ae7aea464da6ea68dc962c56e93de1a2aaa3bed36e3Microsoft DirectWrite / AFDKO suffers from a stack corruption vulnerability in OpenType font handling due to negative nAxes.
0b18f867565f67bca980d7fc0ababb77f4d56781f8ff941b85c87c7f67cac560Microsoft DirectWrite / AFDKO suffers from a stack corruption vulnerability in OpenType font handling due to negative cubeStackDepth.
151943d6fedcadaa27f44c6659dd65a5bae0b90b376bb58c73d25d660f26876eMicrosoft DirectWrite / AFDKO suffers from a stack corruption vulnerability in OpenType font handling due to out-of-bounds cubeStackDepth.
433ecac33a84ccd0549ea6aa46ccdf5bf0f3c6881fa170ad87339fd144605d9bMicrosoft DirectWrite / AFDKO suffers from a heap-based buffer overflow vulnerability due to integer overflow in readTTCDirectory.
7e129e9a0001c1d4d6ccb6395d7cf5e1b831314a52c02a49a35d93d927795db4Microsoft DirectWrite / AFDKO suffers from a heap-based buffer overflow vulnerability in OpenType font handling in readStrings.
cf4bfe42dda84668b42617981dc6722b34f026c966dfa5c20e002f103ed59da1Microsoft DirectWrite / AFDKO suffers from a stack corruption vulnerability in OpenType font handling due to incorrect handling of blendArray.
04a1b32bb8fb2c91b1b0b567ecd691256c5c85bedc90cda40c7de13c5e385668Microsoft DirectWrite / AFDKO suffers from an interpreter stack underflow in OpenType font handling due to missing CHKUFLOW.
adff25b8214c8313e2c7f6d804197ec798b268aef4bbae69ece436523ed95da1Microsoft DirectWrite / AFDKO suffers from a heap-based buffer overflow vulnerability in OpenType font handling in readFDSelect.
276645f96ebe21844771be3cbdc0c6d384ebe2a8d5bdb89b4c51e20d0c5fc375An issue has been discovered where the Microsoft Font Subsetting DLL (fontsub.dll) suffers from a heap-based out-of-bounds read vulnerability in MergeFonts.
59bdcf0c53bae14944835fcc600e7d18a2f131991f8e5f86054a589716d13344A heap corruption was observed in Oracle Java Runtime Environment version 8u202 (latest at the time of this writing) while fuzz-testing the processing of TrueType fonts.
3c3d35dfc5426eaa61ae91b3e754f6e09c909445eb2f9484504d724fdedd1db5A heap corruption was observed in Oracle Java Runtime Environment version 8u202 (latest at the time of this writing) while fuzz-testing the processing of TrueType, implemented in a proprietary t2k library.
cc1fdb072ca05f2a5b04c3cb9301fdc0fce66245b901c57e61aba6f76f5054ectcpdump was found to suffer from multiple out-of-bounds read vulnerabilities.
cea131972888984634d05f66fcb925a4eaa31822c00269467fbc5939cb230885A heap-based out-of-bounds read was observed in Oracle Java Runtime Environment version 8u202 while fuzz-testing the processing of TrueType fonts rendering in AlternateSubstitutionSubtable::process.
711068adf214eb589d571d06d8497f1cfb5051a638536518b30c31c08d5d0231
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed