CVE-2022-35061 Heap buffer overflow was found in commit 617837b of otfccdump in OTFCC commit 617837b.
This issue could be exploited to execute arbitrary code on the system. In a different scenario, it was discovered that commit ece097b in the otfccdump package had a stack buffer overflow via /release-x64/. This issue could be exploited to execute arbitrary code on the system. In a different scenario, it was discovered that commit ece097b in the otfccdump package had a stack buffer overflow via /release-x64/. This is a different type of vulnerability than the other issues discovered in this project, and it is not recommended to use this package in production.
CVE-2022-35056
This issue could be exploited to execute arbitrary code on the system. In a different scenario, it was discovered that commit ece097b in the otfccdump package had a heap-based buffer overflow via /release-x64/. This issue could be exploited to execute arbitrary code on the system. In a different scenario, it was discovered that commit ece097b in the otfccdump package had a heap-based buffer overflow via /release-x64/. This is a different type of vulnerability than the other issues discovered in this project, and it is not recommended to use this package in production.
References:
- CVE-2022-35061
- otfccdump package (git commit ece097b)
Check for the Version of otfccdump
The otfccdump package is not the only vulnerable package. You should check your system to see if any other vulnerable packages are installed on it.
Please note that this vulnerability has been fixed in our most recent version of the otfccdump package, which is 1.2-9.
Timeline
Published on: 09/19/2022 22:15:00 UTC
Last modified on: 09/21/2022 18:30:00 UTC