USN-4179-1: FriBidi vulnerability
07 November 2019
Applications using FriBidi could be made to crash or run programs as your login if it displayed specially crafted text.
- fribidi - Free Implementation of the Unicode BiDi algorithm (utility)
Alex Murray discovered a stack-based buffer overflow when handling a large
number of unicode isolate directives. An attacker could use this to cause a
denial of service or possibly execute arbitrary code.