CVE-2016-1526

CVSS v3.1

8.1

High

Vector

AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H

Name of the Vulnerable Software and Affected Versions Graphite 2 versions 1.2.4 and earlier Mozilla Firefox versions prior to 43.0 Mozilla Firefox ESR versions 38.x prior to 38.6.1 Thunderbird (affected versions not specified)

Description The issue is related to the TtfUtil:LocaLookup function in Libgraphite, which lacks protection of internal data. This can be exploited by a remote attacker using a specially crafted Graphite smart font, potentially allowing them to obtain confidential information or cause a denial of service, including out-of-bounds read and application crash.

Recommendations For Graphite 2 version 1.2.4 and earlier, update to a version later than 1.2.4. For Mozilla Firefox versions prior to 43.0, update to version 43.0 or later. For Mozilla Firefox ESR versions 38.x prior to 38.6.1, update to version 38.6.1 or later. For Thunderbird, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

Information Disclosure

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-200CWE-119

Related Identifiers

ALT-PU-2015-1539

ALT-PU-2016-1101

ALT-PU-2016-1130

ALT-PU-2016-1136

BDU:2016-00576

CESA-2016_0594

CESA-2016_0695

CVE-2016-1526

DSA-3477-1

DSA-3479-1

DSA-3491-1

MGASA-2016-0077

MGASA-2016-0078

OPENSUSE-SU-2016_0791-1

OPENSUSE-SU-2016_0875-1

RHSA-2016:0594

RHSA-2016:0695

RHSA-2016_0594

RHSA-2016_0695

SUSE-SU-2016:0779-1

USN-2902-1

Affected Products

Alt Linux

Centos

Graphite 2

Libgraphite

Firefox

Firefox Esr

Red Hat

Suse

Thunderbird

Ubuntu

CVE-2016-1526

Weakness Enumeration

Related Identifiers

Affected Products

References · 133