CVE-2010-4259
FontForge 20100501 - Stack-based Buffer Overflow via Long CHARSET_REGISTRY Header in BDF Font File
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2010-4259. PoCs published by Ulrik Persson.
AI-analyzed exploit summary This PoC exploits a stack-based buffer overflow in FontForge by providing a maliciously crafted font file with an excessively long CHARSET_REGISTRY field. The overflow occurs due to insufficient bounds checking, potentially leading to arbitrary code execution or denial-of-service.
Description
Stack-based buffer overflow in FontForge 20100501 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long CHARSET_REGISTRY header in a BDF font file.
Exploits (1)
This PoC exploits a stack-based buffer overflow in FontForge by providing a maliciously crafted font file with an excessively long CHARSET_REGISTRY field. The overflow occurs due to insufficient bounds checking, potentially leading to arbitrary code execution or denial-of-service.