Vulnerability Details CVE-2017-11572
FontForge 20161012 is vulnerable to a heap-based buffer over-read in readcfftopdicts (parsettf.c) resulting in DoS or code execution via a crafted otf file.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 56.9%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 6.8
References