The Microsoft Font Subsetting DLL (fontsub.dll) is a default Windows helper library for subsetting TTF fonts. It has an issue where it returns a dangling pointer via MergeFontPackage.
>> AUTHOR: deepcore
Microsoft Font Subsetting DLL suffers from a heap-based out-of-bounds read vulnerability in GetGlyphIdx.
Microsoft Font Subsetting DLL suffers from a double free vulnerability in MergeFormat12Cmap / MakeFormat12MergedGlyphList.
Microsoft Font Subsetting DLL suffers from a heap corruption vulnerability in FixSbitSubTables.
Microsoft Font Subsetting DLL suffers from a heap corruption vulnerability in ReadTableIntoStructure.
Microsoft Font Subsetting DLL suffers from a heap corruption vulnerability in ReadAllocFormat12CharGlyphMapList.
Microsoft Font Subsetting DLL suffers from a heap-based out-of-bounds read vulnerability in WriteTableFromStructure.
Microsoft Font Subsetting DLL suffers from a heap corruption vulnerability in MakeFormat12MergedGlyphList.
Microsoft Font Subsetting DLL suffers from a heap-based out-of-bounds read vulnerability in FixSbitSubTableFormat1.
Adobe Acrobat Reader DC for Windows suffers from a heap-based out-of-bounds read vulnerability due to a malformed JP2 stream.