Vulnerability Details CVE-2025-47749
V-SFT v6.2.5.0 and earlier contains an issue with free of pointer not at start of buffer in VS6EditData.dll!CWinFontInf::WinFontMsgCheck function. Opening specially crafted V7 or V8 files may lead to crash, information disclosure, and arbitrary code execution.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 1.9%
CVSS Severity
CVSS v3 Score 7.8
References
Products affected by CVE-2025-47749
-
cpe:2.3:a:fujielectric:monitouch_v-sft:6.0.2.0
-
cpe:2.3:a:fujielectric:monitouch_v-sft:6.0.3.0
-
cpe:2.3:a:fujielectric:monitouch_v-sft:6.0.4.0
-
cpe:2.3:a:fujielectric:monitouch_v-sft:6.0.5.0
-
cpe:2.3:a:fujielectric:monitouch_v-sft:6.0.6.0
-
cpe:2.3:a:fujielectric:monitouch_v-sft:6.0.7.0
-
cpe:2.3:a:fujielectric:monitouch_v-sft:6.0.8.0
-
cpe:2.3:a:fujielectric:monitouch_v-sft:6.0.9.0
-
cpe:2.3:a:fujielectric:monitouch_v-sft:6.1.0.0
-
cpe:2.3:a:fujielectric:monitouch_v-sft:6.1.1.0
-
cpe:2.3:a:fujielectric:monitouch_v-sft:6.1.2.0
-
cpe:2.3:a:fujielectric:monitouch_v-sft:6.1.3.0
-
cpe:2.3:a:fujielectric:monitouch_v-sft:6.1.4.0
-
cpe:2.3:a:fujielectric:monitouch_v-sft:6.1.5.0
-
cpe:2.3:a:fujielectric:monitouch_v-sft:6.1.6.0
-
cpe:2.3:a:fujielectric:monitouch_v-sft:6.1.6.0a
-
cpe:2.3:a:fujielectric:monitouch_v-sft:6.1.7.0
-
cpe:2.3:a:fujielectric:monitouch_v-sft:6.1.8.0
-
cpe:2.3:a:fujielectric:monitouch_v-sft:6.2.0.0
-
cpe:2.3:a:fujielectric:monitouch_v-sft:6.2.1.0
-
cpe:2.3:a:fujielectric:monitouch_v-sft:6.2.2.0
-
cpe:2.3:a:fujielectric:monitouch_v-sft:6.2.3.0
-
cpe:2.3:a:fujielectric:monitouch_v-sft:6.2.4.0
-
cpe:2.3:a:fujielectric:monitouch_v-sft:6.2.4.0a