VYPR
High severity7.5NVD Advisory· Published Oct 2, 2017· Updated Jun 17, 2026

CVE-2017-14977

CVE-2017-14977

Description

The FoFiTrueType::getCFFBlock function in FoFiTrueType.cc in Poppler 0.59.0 has a NULL pointer dereference vulnerability due to lack of validation of a table pointer, which allows an attacker to launch a denial of service attack.

Affected products

20

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.