An attacker could potentially exploit these vulnerabilities to execute arbitrary code or cause denial-of-service conditions. (CVE-2019-6713, CVE-2019-6714) A series of GitHub issues were discovered in the OpenType Font Converter (OTFCC) software, released as part of Adobe’s Creative SDK. The issues were tracked as PR #617837b, #617838, #617839, #617840, and #617841. An attacker could exploit these vulnerabilities to execute arbitrary code or cause denial-of-service conditions. Mitigation RedHat Enterprise MRG and RedHat Enterprise MRG 2 users are advised to update their installations by updating their packages using RedHat’s update system. RedHat Enterprise MRG 2 users who wish to upgrade to the latest version of RedHat Enterprise MRG can do so directly by following RedHat’s instructions.

CVE-2021-35049

An attacker could potentially exploit these vulnerabilities to execute arbitrary code or cause denial-of-service conditions. (CVE-2019-6714, CVE-2019-6713)

CVE-2019-6713

An attacker could potentially exploit these vulnerabilities to execute arbitrary code or cause denial-of-service conditions. (CVE-2019-6713, CVE-2019-6714) The following packages are affected:
openssl098e aesni3 cbc3_decrypt ersa_encrypt

Affected Software

- RedHatEnterpriseMRG
- RedHatEnterpriseMRG2
- OpenType Font Converter (OTFCC)
- Adobe Creative SDK

Timeline

Published on: 10/14/2022 12:15:00 UTC
Last modified on: 10/15/2022 02:14:00 UTC

References