Leizleiz

**Name of the Vulnerable Software and Affected Versions** Google sfntly versions prior to 2016-06-10 Google Chrome versions prior to 52.0.2743.82 **Description** The issue is a heap-based buffer overflow in the `ByteArray::Get` method, which can be exploited by remote attackers to cause a denial of service or possibly have other unspecified impacts. This is achieved through a crafted SFNT font. The estimated number of potentially affected devices worldwide is not specified. **Recommendations** For Google sfntly versions prior to 2016-06-10, update to a version released after 2016-06-10 to resolve the issue. For Google Chrome versions prior to 52.0.2743.82, update to version 52.0.2743.82 or later to resolve the issue. As a temporary workaround, consider restricting the use of SFNT fonts in affected applications until a patch is available.