Oval Definition:	oval:org.opensuse.security:def:202025690
Revision Date: 2022-09-02 Version: 1 Title: CVE-2020-25690 Description: An out-of-bounds write flaw was found in FontForge in versions before 20200314 while parsing SFD files containing certain LayerCount tokens. This flaw allows an attacker to manipulate the memory allocated on the heap, causing the application to crash or execute arbitrary code. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. Family: unix Class: vulnerability Status: Reference(s): CVE-2020-25690 Mitre CVE-2020-25690 SUSE CVE-2020-25690 SUSE-SU-2020:3628-1 openSUSE-SU-2020:2111-1 Platform(s): openSUSE Leap 15.1 openSUSE Leap 15.3 SLE Imports SUSE Linux Enterprise Desktop 15 SP2 SUSE Linux Enterprise High Performance Computing 15 SP2 SUSE Linux Enterprise Module for Desktop Applications 15 SP2 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 SUSE Linux Enterprise Server 12 SP5 SUSE Linux Enterprise Server 15 SP2 SUSE Linux Enterprise Server for SAP Applications 12 SP5 SUSE Linux Enterprise Server for SAP Applications 15 SP2 SUSE Linux Enterprise Software Development Kit 12 SP5 SUSE Linux Enterprise Storage 7 SUSE Manager Proxy 4.1 SUSE Manager Retail Branch Server 4.1 SUSE Manager Server 4.1 Product(s): Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information fontforge-20170731-lp151.4.6 is installed AND fontforge is signed with openSUSE key OR fontforge-devel-20170731-lp151.4.6 is installed AND fontforge-devel is signed with openSUSE key OR fontforge-doc-20170731-lp151.4.6 is installed AND fontforge-doc is signed with openSUSE key Definition Synopsis SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 is installed AND Package Information fontforge-20170731-4.6 is installed OR fontforge-devel-20170731-4.6 is installed OR fontforge-doc-20170731-4.6 is installed Definition Synopsis openSUSE Leap 15.3 SLE Imports is installed AND Package Information fontforge-20170731-4.6.1 is installed AND fontforge is signed with openSUSE key OR fontforge-devel-20170731-4.6.1 is installed AND fontforge-devel is signed with openSUSE key OR fontforge-doc-20170731-4.6.1 is installed AND fontforge-doc is signed with openSUSE key Definition Synopsis SUSE Linux Enterprise Module for Desktop Applications 15 SP2 is installed AND fontforge is not affected Definition Synopsis Release Information SUSE Linux Enterprise Server 12 SP5 is installed OR SUSE Linux Enterprise Server for SAP Applications 12 SP5 is installed OR SUSE Linux Enterprise Software Development Kit 12 SP5 is installed AND fontforge-20170731-11.14.1 is installed
BACK