|CVSS SCORE||7.5, (AV:N/AC:L/Au:N/C:P/I:P/A:P)|
The specific flaw exists within a document handler of an XFDL document. The parsing of the 'fontname' tag with a large value can lead to a stack buffer overflow. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the process.
IBM has issued an update to correct this vulnerability. More details can be found at:
|CREDIT||Andrea Micalizzi aka rgod