Vigil@nce - HarfBuzz: out-of-bounds memory reading via GPOS/GSUB Table, analyzed on 29/11/2022
January 2023 by Vigil@nce
An attacker can force a read at an invalid memory address of HarfBuzz, via GPOS/GSUB Table, in order to trigger a denial of service, or to obtain sensitive information.
Plus d'information sur : https://vigilance.fr/vulnerability/HarfBuzz-out-of-bounds-memory-reading-via-GPOS-GSUB-Table-39971