Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2016-1521

Опубликовано: 05 фев. 2016
Источник: redhat
CVSS2: 6.8
EPSS Низкий

Описание

The directrun function in directmachine.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, does not validate a certain skip operation, which allows remote attackers to execute arbitrary code, obtain sensitive information, or cause a denial of service (out-of-bounds read and application crash) via a crafted Graphite smart font.

A vulnerability has been discovered in Graphite2. An attacker able to trick an unsuspecting user into opening specially crafted font files in an application using Graphite2 could exploit these flaws to cause the application to crash or, potentially, execute arbitrary code with the privileges of the application.

Ссылки на источники

Дополнительная информация

Статус:

Important
Дефект:
CWE-125
https://bugzilla.redhat.com/show_bug.cgi?id=1305805graphite2: Out-of-bound read vulnerability triggered by crafted fonts

EPSS

Процентиль: 72%
0.00748
Низкий

6.8 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2016-1521

CVSS3: 8.8
ubuntu
больше 9 лет назад

The directrun function in directmachine.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, does not validate a certain skip operation, which allows remote attackers to execute arbitrary code, obtain sensitive information, or cause a denial of service (out-of-bounds read and application crash) via a crafted Graphite smart font.

nvd логотип

CVE-2016-1521

CVSS3: 8.8
nvd
больше 9 лет назад

The directrun function in directmachine.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, does not validate a certain skip operation, which allows remote attackers to execute arbitrary code, obtain sensitive information, or cause a denial of service (out-of-bounds read and application crash) via a crafted Graphite smart font.

debian логотип

CVE-2016-1521

CVSS3: 8.8
debian
больше 9 лет назад

The directrun function in directmachine.cpp in Libgraphite in Graphite ...

github логотип

GHSA-765v-rgjj-3mrx

CVSS3: 8.8
github
больше 3 лет назад

The directrun function in directmachine.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, does not validate a certain skip operation, which allows remote attackers to execute arbitrary code, obtain sensitive information, or cause a denial of service (out-of-bounds read and application crash) via a crafted Graphite smart font.

fstec логотип

BDU:2016-00573

fstec
больше 9 лет назад

Уязвимость браузеров Firefox ESR и Firefox, программного средства рендеринга Graphite 2, почтового клиента Thunderbird, позволяющая нарушителю вызвать отказ в обслуживании, получить конфиденциальную информацию или выполнить произвольный код

EPSS

Процентиль: 72%
0.00748
Низкий

6.8 Medium

CVSS2