The vulnerabilities of Firefox ESR and Firefox, the rendering software Graphite 2, allow attackers to induce service failures or exert other effects.

The vulnerability of the graphite2::Slot::setAttr function in Firefox ESR and Firefox browsers, as well as in the Graphite 2 rendering software, is caused by a buffer overflow in the dynamic memory. Exploiting this vulnerability can allow an attacker to cause service interruptions or other effect...

graphite2: multiple font parsing vulnerabilities (Mozilla MFSA 2016-37)

Heap-based buffer overflow in the graphite2::Slot::setAttr function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted Graphite smart font...

UBUNTU-CVE-2016-2799

Heap-based buffer overflow in the graphite2::Slot::setAttr function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted Graphite smart font...