Integer overflow in the FontData::Bound function in data/font_data.cc in Google sfntly, as used in Google Chrome prior to 47.0.2526.73, allows remote malicious users to cause a denial of service or possibly have unspecified other impact via a crafted offset or length value within font data in an SFNT container.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
google chrome |