Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2016-1526

Опубликовано: 13 фев. 2016
Источник: ubuntu
Приоритет: low
EPSS Низкий
CVSS2: 5.8
CVSS3: 8.1

Описание

The TtfUtil:LocaLookup function in TtfUtil.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, incorrectly validates a size value, which allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read and application crash) via a crafted Graphite smart font.

РелизСтатусПримечание
devel

released

1.3.5-1ubuntu1
esm-infra-legacy/trusty

released

1.2.4-1ubuntu1.1
esm-infra/xenial

released

1.3.5-1ubuntu1
precise

ignored

end of life
precise/esm

DNE

precise was needed
trusty

released

1.2.4-1ubuntu1.1
trusty/esm

released

1.2.4-1ubuntu1.1
upstream

released

1.3.5-1
vivid/stable-phone-overlay

ignored

end of life
vivid/ubuntu-core

DNE

Показывать по

Ссылки на источники

EPSS

Процентиль: 66%
0.00519
Низкий

5.8 Medium

CVSS2

8.1 High

CVSS3

Связанные уязвимости

redhat логотип

CVE-2016-1526

redhat
больше 9 лет назад

The TtfUtil:LocaLookup function in TtfUtil.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, incorrectly validates a size value, which allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read and application crash) via a crafted Graphite smart font.

nvd логотип

CVE-2016-1526

CVSS3: 8.1
nvd
больше 9 лет назад

The TtfUtil:LocaLookup function in TtfUtil.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, incorrectly validates a size value, which allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read and application crash) via a crafted Graphite smart font.

debian логотип

CVE-2016-1526

CVSS3: 8.1
debian
больше 9 лет назад

The TtfUtil:LocaLookup function in TtfUtil.cpp in Libgraphite in Graph ...

github логотип

GHSA-44hj-fxxj-472x

CVSS3: 8.1
github
больше 3 лет назад

The TtfUtil:LocaLookup function in TtfUtil.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, incorrectly validates a size value, which allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read and application crash) via a crafted Graphite smart font.

fstec логотип

BDU:2016-00576

fstec
больше 9 лет назад

Уязвимость браузера Firefox ESR, программного средства рендеринга Graphite 2, почтового клиента Thunderbird, позволяющая нарушителю вызвать отказ в обслуживании или получить конфиденциальную информацию

EPSS

Процентиль: 66%
0.00519
Низкий

5.8 Medium

CVSS2

8.1 High

CVSS3