Vulnerability Details CVE-2019-15785
FontForge 20190813 through 20190820 has a buffer overflow in PrefsUI_LoadPrefs in prefs.c.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 68.2%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
- https://github.com/fontforge/fontforge/commit/626f751752875a0ddd74b9e217b6f4828713573c
- https://github.com/fontforge/fontforge/pull/3886
- https://security.gentoo.org/glsa/202004-14
- https://github.com/fontforge/fontforge/commit/626f751752875a0ddd74b9e217b6f4828713573c
- https://github.com/fontforge/fontforge/pull/3886
- https://security.gentoo.org/glsa/202004-14
Products affected by CVE-2019-15785
-
cpe:2.3:a:fontforge:fontforge:2.0.20140101
-
cpe:2.3:a:fontforge:fontforge:2.1.0
-
cpe:2.3:a:fontforge:fontforge:20110222
-
cpe:2.3:a:fontforge:fontforge:20120731
-
cpe:2.3:a:fontforge:fontforge:20140101
-
cpe:2.3:a:fontforge:fontforge:20140813
-
cpe:2.3:a:fontforge:fontforge:20141013
-
cpe:2.3:a:fontforge:fontforge:20141014
-
cpe:2.3:a:fontforge:fontforge:20141126
-
cpe:2.3:a:fontforge:fontforge:20141230
-
cpe:2.3:a:fontforge:fontforge:20150228
-
cpe:2.3:a:fontforge:fontforge:20150330
-
cpe:2.3:a:fontforge:fontforge:20150430
-
cpe:2.3:a:fontforge:fontforge:20150612
-
cpe:2.3:a:fontforge:fontforge:20150824
-
cpe:2.3:a:fontforge:fontforge:20160403
-
cpe:2.3:a:fontforge:fontforge:20160404
-
cpe:2.3:a:fontforge:fontforge:20160930
-
cpe:2.3:a:fontforge:fontforge:20161001
-
cpe:2.3:a:fontforge:fontforge:20161004
-
cpe:2.3:a:fontforge:fontforge:20161005
-
cpe:2.3:a:fontforge:fontforge:20161012
-
cpe:2.3:a:fontforge:fontforge:20170730
-
cpe:2.3:a:fontforge:fontforge:20170731
-
cpe:2.3:a:fontforge:fontforge:20190317
-
cpe:2.3:a:fontforge:fontforge:20190413
-
cpe:2.3:a:fontforge:fontforge:20190801