ID CVE-2019-19308
Summary In text_to_glyphs in sushi-font-widget.c in gnome-font-viewer 3.34.0, there is a NULL pointer dereference while parsing a TTF font file that lacks a name section (due to a g_strconcat call that returns NULL).
References
Vulnerable Configurations
  • cpe:2.3:a:gnome:gnome-font-viewer:3.34.0:*:*:*:*:*:*:*
    cpe:2.3:a:gnome:gnome-font-viewer:3.34.0:*:*:*:*:*:*:*
CVSS
Base: 4.3
Impact:
Exploitability:
CWE CWE-476
CAPEC
Access
VectorComplexityAuthentication
Impact
ConfidentialityIntegrityAvailability
Last major update 27-11-2019 - 15:15
Published 27-11-2019 - 15:15
Last modified 12-12-2019 - 20:10
Back to Top