CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

exploitpack•added 2016/05/26 12:0 a.m.•16 views

Graphite2 - TtfUtil::CmapSubtable4NextCodepoint Heap Overread

Graphite2 - TtfUtil::CmapSubtable4NextCodepoint Heap Overread Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=755 The following crash due to a heap-based buffer overread can be observed in an ASAN build of the standard Graphite2 gr2FontTest utility git trunk, triggered with the...

Exploit DB•added 2016/05/26 12:0 a.m.•30 views

Graphite2 - TtfUtil::CmapSubtable4NextCodepoint Heap Overread

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=755 The following crash due to a heap-based buffer overread can be observed in an ASAN build of the standard Graphite2 gr2FontTest utility git trunk, triggered with the following command: $ ./gr2fonttest /path/to/file -auto --- cut...

Exploit DB•added 2016/05/26 12:0 a.m.•30 views

Graphite2 - TtfUtil::CheckCmapSubtable12 Heap Overread

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=752 The following crash due to a heap-based buffer overread can be observed in an ASAN build of the standard Graphite2 gr2FontTest utility git trunk, triggered with the following command: $ ./gr2fonttest /path/to/file -auto --- cut...

0day.today•added 2016/05/26 12:0 a.m.•49 views

Graphite2 - TtfUtil::CmapSubtable4NextCodepoint Heap Based Overread

Exploit for multiple platform in category dos / poc Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=755 The following crash due to a heap-based buffer overread can be observed in an ASAN build of the standard Graphite2 gr2FontTest utility git trunk, triggered with the following...

7.1AI score

exploitpack•added 2016/05/26 12:0 a.m.•15 views

Graphite2 - TtfUtil::CheckCmapSubtable12 Heap Overread

Graphite2 - TtfUtil::CheckCmapSubtable12 Heap Overread Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=752 The following crash due to a heap-based buffer overread can be observed in an ASAN build of the standard Graphite2 gr2FontTest utility git trunk, triggered with the followi...

Tenable Nessus•added 2016/03/17 12:0 a.m.•38 views

SUSE SLED12 / SLES12 Security Update : graphite2 (SUSE-SU-2016:0779-1)

This update for graphite2 fixes the following issues : - CVE-2016-1521: The directrun function in directmachine.cpp in Libgraphite did not validate a certain skip operation, which allowed remote attackers to execute arbitrary code, obtain sensitive information, or cause a denial of service...

8.8CVSS7.8AI score0.01341EPSS

Exploits0References10

NVD•added 2016/03/13 6:59 p.m.•16 views

CVE-2016-2801

The graphite2::TtfUtil::CmapSubtable12Lookup function in TtfUtil.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service buffer over-read or possibly have unspecified other impact via a crafted...

8.8CVSS9.6AI score0.00565EPSS

NVD•added 2016/03/13 6:59 p.m.•15 views

CVE-2016-2794

The graphite2::TtfUtil::CmapSubtable12NextCodepoint function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service buffer over-read or possibly have unspecified other impact via a crafted Graphite...

9.3CVSS9.5AI score0.00875EPSS

Prion•added 2016/03/13 6:59 p.m.•32 views

Design/Logic Flaw

The graphite2::TtfUtil::CmapSubtable12Lookup function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service buffer over-read or possibly have unspecified other impact via a crafted Graphite smart...

6.8CVSS8.8AI score0.00565EPSS

Exploits0References26Affected Software7

Prion•added 2016/03/13 6:59 p.m.•18 views

Design/Logic Flaw

6.8CVSS8.8AI score0.00565EPSS

Exploits0References26Affected Software7

Prion•added 2016/03/13 6:59 p.m.•14 views

Design/Logic Flaw

9.3CVSS7.8AI score0.00875EPSS

Exploits0References26Affected Software7

Cvelist•added 2016/03/13 6:0 p.m.•23 views

CVE-2016-2797

9.7AI score0.00562EPSS

Cvelist•added 2016/03/13 6:0 p.m.•24 views

CVE-2016-2801

9.7AI score0.00565EPSS

CVE•added 2016/03/13 6:0 p.m.•105 views

CVE-2016-2801

CVE-2016-2797 describes a vulnerability in Graphite2 where the TtfUtil::CmapSubtable12Lookup function in Graphite 2 before 1.3.6 can be triggered by a crafted Graphite font, used by Firefox before 45.0 and ESR before 38.7, leading to a denial of service via a buffer over-read. The issue is due to...

8.8CVSS7.3AI score0.00565EPSS

Exploits0References26Affected Software3

CVE•added 2016/03/13 6:0 p.m.•121 views

CVE-2016-2797

Graphite 2 before 1.3.6 is affected by CVE-2016-2797 via the TtfUtil::CmapSubtable12Lookup path. The vulnerability exists when Graphite is used by Firefox before 45.0 and Firefox ESR 38.x before 38.7, allowing a crafted Graphite smart font to cause a denial-of-service (buffer over-read) or simila...

8.8CVSS7.3AI score0.00562EPSS

Exploits0References26Affected Software1

Cvelist•added 2016/03/13 6:0 p.m.•17 views

CVE-2016-2802

The graphite2::TtfUtil::CmapSubtable4NextCodepoint function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service buffer over-read or possibly have unspecified other impact via a crafted Graphite...

9.7AI score0.00565EPSS

Debian CVE•added 2016/03/13 6:0 p.m.•25 views

CVE-2016-2790

The graphite2::TtfUtil::GetTableInfo function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, does not initialize memory for an unspecified data structure, which allows remote attackers to cause a denial of service or possibly have unknown othe...

8.8CVSS9.8AI score0.00565EPSS