NVD:CVE-2016-1526
Feb 13, 2016 - 2:59 a.m.

CVE-2016-1526

2016-02-13 02:59:12
CWE-119
CWE-200
web.nvd.nist.gov
ttfutil
localookup
libgraphite
graphite smart font
mozilla firefox
denial of service
out-of-bounds read
application crash

CVSS2: 5.8
Attack Vector: NETWORK
Attack Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: NONE
Availability Impact: PARTIAL
AV:N/AC:M/Au:N/C:P/I:N/A:P

CVSS3: 8.1
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: REQUIRED
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: NONE
Availability Impact: HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H

AI Score: 7.9
Confidence: High

EPSS: 0.03
Percentile: 90.9%

The TtfUtil:LocaLookup function in TtfUtil.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, incorrectly validates a size value, which allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read and application crash) via a crafted Graphite smart font.

Affected configurations

Nvd

Node
  debian debian_linux Match 7.0
  OR
  debian debian_linux Match 8.0
Node
  mozilla firefox Match 38.0
  OR
  mozilla firefox Match 38.0.1
  OR
  mozilla firefox Match 38.0.5
  OR
  mozilla firefox Match 38.1.0
  OR
  mozilla firefox Match 38.1.1
  OR
  mozilla firefox Match 38.2.0
  OR
  mozilla firefox Match 38.2.1
  OR
  mozilla firefox Match 38.3.0
  OR
  mozilla firefox Match 38.4.0
  OR
  mozilla firefox Match 38.5.0
  OR
  mozilla firefox Match 38.5.1
  OR
  mozilla firefox Match 38.5.2
  OR
  mozilla firefox Match 38.6.0
  OR
  mozilla thunderbird Range 38.5.1
Node
  sil graphite2 Match 1.2.4
Node
  fedoraproject fedora Match 22
  OR
  fedoraproject fedora Match 23

Vendor    Product        Version   CPE
debian    debian_linux   7.0       cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
debian    debian_linux   8.0       cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
mozilla   firefox        38.0      cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*
mozilla   firefox        38.0.1    cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*
mozilla   firefox        38.0.5    cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*
mozilla   firefox        38.1.0    cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*
mozilla   firefox        38.1.1    cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*
mozilla   firefox        38.2.0    cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*
mozilla   firefox        38.2.1    cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*
mozilla   firefox        38.3.0    cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*

Rows 1-10 of 191
