A 14-day Journey through Embedded Open Type Font Fuzzing

One of our daily routines as researchers here at FortiGuard Labs is to write and maintain our internal fuzzers to help us more effectively find potential vulnerabilities on different software products. In this blog post we would like to share how we discovered multiple Embedded Open Type (EOT) font vulnerabilities by using a combination of dumb and intelligent open source fuzzers.

Article Link: https://blog.fortinet.com/2017/10/19/a-14-day-journey-through-embedded-open-type-font-fuzzing