Debian update for fontforge
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 8 |
| CVE-ID | CVE-2017-11568 CVE-2017-11569 CVE-2017-11571 CVE-2017-11572 CVE-2017-11574 CVE-2017-11575 CVE-2017-11576 CVE-2017-11577 |
| CWE-ID | CWE-126 CWE-121 CWE-122 CWE-20 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
Debian Linux Operating systems & Components / Operating system |
| Vendor | Debian |
Security Bulletin
This security bulletin contains information about 8 vulnerabilities.
1) Heap-based buffer over-read
EUVDB-ID: #VU8102
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2017-11568
CWE-ID:
CWE-126 - Buffer over-read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause DoS condition or execute arbitrary code on the target system.
The weakness exists due to heap-based buffer over-read in PSCharStringToSplines (psread.c). A remote attacker can trick the victim into opening a specially crafted otf file and cause the application to crash or execute arbitrary code with privileges of the current user.
Successful exploitation of the vulnerability may result in system compromise.
Update the affected package to version: 20120731.b-5+deb8u1, 1:20161005~dfsg-4+deb9u1
Vulnerable software versionsDebian Linux: All versions
CPE2.3 External linkshttps://github.com/fontforge/fontforge/issues/3123
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Heap-based buffer over-read
EUVDB-ID: #VU8103
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2017-11569
CWE-ID:
CWE-126 - Buffer over-read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause DoS condition or execute arbitrary code on the target system.
The weakness exists due to heap-based buffer over-read in readttfcopyrights (parsettf.c). A remote attacker can trick the victim into opening a specially crafted otf file and cause the application to crash or execute arbitrary code with privileges of the current user.
Successful exploitation of the vulnerability may result in system compromise.
Update the affected package to version: 20120731.b-5+deb8u1, 1:20161005~dfsg-4+deb9u1
Vulnerable software versionsDebian Linux: All versions
CPE2.3 External linkshttps://github.com/fontforge/fontforge/issues/3123
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Stack-based buffer overflow
EUVDB-ID: #VU8105
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2017-11571
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause DoS condition or execute arbitrary code on the target system.
The weakness exists due to stack-based buffer overflow in addnibble (parsettf.c). A remote attacker can trick the victim into opening a specially crafted otf file and cause the application to crash or execute arbitrary code with privileges of the current user.
Successful exploitation of the vulnerability may result in system compromise.
Update the affected package to version: 20120731.b-5+deb8u1, 1:20161005~dfsg-4+deb9u1
Vulnerable software versionsDebian Linux: All versions
CPE2.3 External linkshttps://github.com/fontforge/fontforge/issues/3123
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Heap-based buffer over-read
EUVDB-ID: #VU8104
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2017-11572
CWE-ID:
CWE-126 - Buffer over-read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause DoS condition or execute arbitrary code on the target system.
The weakness exists due to heap-based buffer over-read in readttfcopyrights (parsettf.c). A remote attacker can trick the victim into opening a specially crafted otf file and cause the application to crash or execute arbitrary code with privileges of the current user.
Successful exploitation of the vulnerability may result in system compromise.
Update the affected package to version: 20120731.b-5+deb8u1, 1:20161005~dfsg-4+deb9u1
Vulnerable software versionsDebian Linux: All versions
CPE2.3 External linkshttps://github.com/fontforge/fontforge/issues/3123
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Heap-based buffer overflow
EUVDB-ID: #VU8106
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2017-11574
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause DoS condition or execute arbitrary code on the target system.
The weakness exists due to heap-based buffer overflow in readcffset (parsettf.c). A remote attacker can trick the victim into opening a specially crafted otf file and cause the application to crash or execute arbitrary code with privileges of the current user.
Successful exploitation of the vulnerability may result in system compromise.
Update the affected package to version: 20120731.b-5+deb8u1, 1:20161005~dfsg-4+deb9u1
Vulnerable software versionsDebian Linux: All versions
CPE2.3 External linkshttps://github.com/fontforge/fontforge/issues/3123
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Buffer over-read
EUVDB-ID: #VU8107
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2017-11575
CWE-ID:
CWE-126 - Buffer over-read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause DoS condition or execute arbitrary code on the target system.
The weakness exists due to buffer over-read in strnmatch (char.c). A remote attacker can trick the victim into opening a specially crafted otf file, trigger call from the readttfcopyrights function in parsettf.c. and cause the application to crash or execute arbitrary code with privileges of the current user.
Successful exploitation of the vulnerability may result in system compromise.
Update the affected package to version: 20120731.b-5+deb8u1, 1:20161005~dfsg-4+deb9u1
Vulnerable software versionsDebian Linux: All versions
CPE2.3 External linkshttps://github.com/fontforge/fontforge/issues/3123
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Denial of service
EUVDB-ID: #VU8109
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2017-11576
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause DoS condition or execute arbitrary code on the target system.
The weakness exists due to an error when ensuring a positive size in a weight vector memcpy call in readcfftopdict (parsettf.c). A remote attacker can trick the victim into opening a specially crafted otf file and cause the application to crash.
Successful exploitation of the vulnerability results in denial of service.
Update the affected package to version: 20120731.b-5+deb8u1, 1:20161005~dfsg-4+deb9u1
Vulnerable software versionsDebian Linux: All versions
CPE2.3 External linkshttps://github.com/fontforge/fontforge/issues/3123
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) Buffer over-read
EUVDB-ID: #VU8108
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2017-11577
CWE-ID:
CWE-126 - Buffer over-read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause DoS condition or execute arbitrary code on the target system.
The weakness exists due to buffer over-read in getsid (parsettf.c). A remote attacker can trick the victim into opening a specially crafted otf file and cause the application to crash or execute arbitrary code with privileges of the current user.
Successful exploitation of the vulnerability may result in system compromise.
Update the affected package to version: 20120731.b-5+deb8u1, 1:20161005~dfsg-4+deb9u1
Vulnerable software versionsDebian Linux: All versions
CPE2.3 External linkshttps://github.com/fontforge/fontforge/issues/3123
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
