CVE-2016-1523

The SillMap::readFace function in FeatureMap.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, mishandles a return value, which allows remote attackers to cause a denial of service missing initialization, NULL pointer dereference, a...

CVE-2016-1526

The TtfUtil:LocaLookup function in TtfUtil.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, incorrectly validates a size value, which allows remote attackers to obtain sensitive information or cause a denial of service out-of-bound...

CVE-2016-1521

CVE-2016-1521 is a vulnerability in Graphite 2’s Libgraphite (directrun in directmachine.cpp) where skipping operations are not validated, enabling a crafted Graphite font to cause remote code execution, information disclosure, or denial of service. Affected products include Mozilla Firefox (and ...

CVE-2016-1522

CVE-2016-1522 affects Graphite 2 Libgraphite (Graphite2 1.2.4) used in Firefox/Firefox ESR before 43.0. Code.cpp does not account for recursive load calls during a size check, enabling a remote attacker to trigger a denial of service (heap-based buffer overflow) or possibly execute arbitrary code...

CVE-2016-1523

CVE-2016-1523 concerns Graphite 2 Libgraphite’s SillMap::readFace in FeatureMap.cpp, used by Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1. A mis-handled return value can allow remote attackers to cause denial of service via a crafted Graphite smart font. Affected component is Gr...

CVE-2016-1522

Code.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, does not consider recursive load calls during a size check, which allows remote attackers to cause a denial of service heap-based buffer overflow or possibly execute arbitrary...

CVE-2016-1523

The SillMap::readFace function in FeatureMap.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, mishandles a return value, which allows remote attackers to cause a denial of service missing initialization, NULL pointer dereference, a...

UBUNTU-CVE-2016-1523

The SillMap::readFace function in FeatureMap.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, mishandles a return value, which allows remote attackers to cause a denial of service missing initialization, NULL pointer dereference, a...

graphite2 -- code execution vulnerability

Talos reports: An exploitable denial of service vulnerability exists in the font handling of Libgraphite. A specially crafted font can cause an out-of-bounds read potentially resulting in an information leak or denial of service. A specially crafted font can cause a buffer overflow resulting in...

Libgraphite LocaLookup Denial of Service Vulnerability

Talos Vulnerability Report TALOS-2016-0061 Libgraphite LocaLookup Denial of Service Vulnerability February 5, 2016 CVE Number CVE-2016-1521 Description An exploitable denial of service vulnerability exists in the font handling of Libgraphite. A specially crafted font can cause an out-of-bounds re...

Libgraphite Context Item Code Execution Vulnerability

Talos Vulnerability Report TALOS-2016-0059 Libgraphite Context Item Code Execution Vulnerability February 5, 2016 CVE Number CVE-2016-1523 Description An exploitable heap-based buffer overflow exists in the context item handling functionality of Libgraphite. A specially crafted font can cause a...

Libgraphite directrun Opcode Handling Code Execution Vulnerability

Talos Vulnerability Report TALOS-2016-0058 Libgraphite directrun Opcode Handling Code Execution Vulnerability February 5, 2016 CVE Number CVE-2016-1521 Description An exploitable out-of-bounds read vulnerability exists in the opcode handling functionality of Libgraphite. A specially crafted font...

Libgraphite Bidirectional Font BracketPairStack Code Execution Vulnerability

Talos Vulnerability Report TALOS-2016-0057 Libgraphite Bidirectional Font BracketPairStack Code Execution Vulnerability February 5, 2016 CVE Number CVE-2016-1522 Description An exploitable out-of-bounds access vulnerability exists in the bidirectional font handling functionality of Libgraphite. A...