PT-2016-1276 · Mozilla+5 · Graphite 2+7

Yves Younan

Publicado

2015-12-27

Atualizado

2024-10-22

CVE-2016-1521

CVSS v2.0

9.3

Alta

Vetor

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Graphite 2 version 1.2.4 Mozilla Firefox versions prior to 43.0 Firefox ESR versions prior to 38.6.1

Description The issue is related to the directrun function in directmachine.cpp, which does not validate a certain skip operation. This allows remote attackers to execute arbitrary code, obtain sensitive information, or cause a denial of service via a crafted Graphite smart font, resulting in an out-of-bounds read and application crash.

Recommendations For Graphite 2 version 1.2.4, update to a version that fixes the directrun function issue. For Mozilla Firefox versions prior to 43.0, update to version 43.0 or later. For Firefox ESR versions prior to 38.6.1, update to version 38.6.1 or later.

Exploit

Correção

RCE

DoS

Buffer Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-119

Identificadores relacionados

ALT-PU-2015-2196

ALT-PU-2016-1130

ALT-PU-2016-1136

ALT-PU-2016-1454

BDU:2016-00573

CESA-2016_0197

CESA-2016_0258

CESA-2016_0594

CVE-2016-1521

DSA-3479-1

MGASA-2016-0077

MGASA-2016-0078

OPENSUSE-SU-2016_0791-1

OPENSUSE-SU-2016_0875-1

OPENSUSE-SU-2024:10242-1

RHSA-2016:0197

RHSA-2016:0258

RHSA-2016:0594

RHSA-2016_0197

RHSA-2016_0258

RHSA-2016_0594

SUSE-SU-2016:0779-1

SUSE-SU-2016_0779-1

USN-2902-1

Produtos afetados

Alt Linux

Centos

Firefox Esr

Graphite 2

Firefox

Red Hat

Suse

Ubuntu

PT-2016-1276 · Mozilla+5 · Graphite 2+7

CVE-2016-1521

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 391