1. CVE-Search
  2. CVE-2020-5496
ID CVE-2020-5496
Summary FontForge 20190801 has a heap-based buffer overflow in the Type2NotDefSplines() function in splinesave.c.
References
Vulnerable Configurations
  • cpe:2.3:a:fontforge:fontforge:20190801:*:*:*:*:*:*:*
    cpe:2.3:a:fontforge:fontforge:20190801:*:*:*:*:*:*:*
  • cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
    cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
CVSS
Base: 6.8 (as of 08-03-2024 - 01:15)
Impact:
Exploitability:
CWE CWE-787
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:M/Au:N/C:P/I:P/A:P
refmap via4
gentoo GLSA-202004-14
misc https://github.com/fontforge/fontforge/issues/4085
suse openSUSE-SU-2020:0089
Last major update 08-03-2024 - 01:15
Published 03-01-2020 - 22:15
Last modified 08-03-2024 - 01:15
Back to Top