Launchpad CVE tracker

CVE 2010-4259

Stack-based buffer overflow in FontForge 20100501 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long CHARSET_REGISTRY header in a BDF font file.

Related bugs and status

CVE-2010-4259 (Candidate) is related to these bugs:

Bug #684952: Stack buffer overflow in BDF file parsing

Summary				In	Importance	Status
	684952	Stack buffer overflow in BDF file parsing		fontforge (Ubuntu)	Low	Fix Released

Bug #704463: Merge fontforge 0.0.20100501-4 (main) from Debian unstable (main)

Summary				In	Importance	Status
	704463	Merge fontforge 0.0.20100501-4 (main) from Debian unstable (main)		fontforge (Ubuntu)	Wishlist	Fix Released

Bug #704467: CVE-2010-4259

Summary				In	Importance	Status
	704467	CVE-2010-4259		fontforge (Ubuntu)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2010-4259

References