PT-2022-15925 · Pcf2Bdf+1 · Pcf2Bdf+1
Anishsujanani
·
Published
2022-02-17
·
Updated
2022-02-25
·
CVE-2022-23318
CVSS v3.1
7.1
High
| Vector | AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
pcf2bdf versions 1.05 and later
Description
A heap-buffer-overflow in pcf2bdf allows an attacker to trigger unsafe memory access via a specially crafted PCF font file. This out-of-bound read may lead to an application crash, information disclosure via program memory or other context-dependent impact.
Recommendations
For versions 1.05 and later, at the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Memory Corruption
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Debian
Pcf2Bdf