Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2016-2800

Опубликовано: 13 мар. 2016
Источник: debian

Описание

The graphite2::Slot::getAttr function in Slot.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font, a different vulnerability than CVE-2016-2792.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
iceweaselremovedpackage
firefox-esrfixed45.0esr-1package
firefoxfixed45.0-1package
icedovefixed38.7.0-1package
graphite2fixed1.3.6-1package

Примечания

  • https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/

Связанные уязвимости

ubuntu логотип

CVE-2016-2800

CVSS3: 8.8
ubuntu
больше 9 лет назад

The graphite2::Slot::getAttr function in Slot.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font, a different vulnerability than CVE-2016-2792.

redhat логотип

CVE-2016-2800

redhat
больше 9 лет назад

The graphite2::Slot::getAttr function in Slot.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font, a different vulnerability than CVE-2016-2792.

nvd логотип

CVE-2016-2800

CVSS3: 8.8
nvd
больше 9 лет назад

The graphite2::Slot::getAttr function in Slot.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font, a different vulnerability than CVE-2016-2792.

github логотип

GHSA-96h6-mp65-6p2p

CVSS3: 8.8
github
больше 3 лет назад

The graphite2::Slot::getAttr function in Slot.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font, a different vulnerability than CVE-2016-2792.

fstec логотип

BDU:2016-00720

fstec
больше 9 лет назад

Уязвимость браузеров Firefox ESR и Firefox, программного средства рендеринга Graphite 2, позволяющая нарушителю вызвать отказ в обслуживании или оказать другое воздействие