SecuritySpace - CVE-2020-25690

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

CVE ID: CVE-2020-25690

Description: An out-of-bounds write flaw was found in FontForge in versions before 20200314 while parsing SFD files containing certain LayerCount tokens. This flaw allows an attacker to manipulate the memory allocated on the heap, causing the application to crash or execute arbitrary code. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

Test IDs: 1.3.6.1.4.1.25623.1.1.10.2020.0405

Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2020-25690
https://bugzilla.redhat.com/show_bug.cgi?id=1893188
https://bugzilla.redhat.com/show_bug.cgi?id=1893188

CVE ID:	CVE-2020-25690
Description:	An out-of-bounds write flaw was found in FontForge in versions before 20200314 while parsing SFD files containing certain LayerCount tokens. This flaw allows an attacker to manipulate the memory allocated on the heap, causing the application to crash or execute arbitrary code. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
Test IDs:	1.3.6.1.4.1.25623.1.1.10.2020.0405
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2020-25690 https://bugzilla.redhat.com/show_bug.cgi?id=1893188 https://bugzilla.redhat.com/show_bug.cgi?id=1893188