CVE-2016-1521

HIGH

Mozilla Firefox <43.0 & ESR 38.x <38.6.1 - Denial of Service

Title source: manual

Description

The directrun function in directmachine.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, does not validate a certain skip operation, which allows remote attackers to execute arbitrary code, obtain sensitive information, or cause a denial of service (out-of-bounds read and application crash) via a crafted Graphite smart font.

References (18)

Core 18

Core References

Mailing List vendor-advisory x_refsource_suse

http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00088.html

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/82991

Vendor Advisory vendor-advisory x_refsource_ubuntu

http://www.ubuntu.com/usn/USN-2902-1

Vendor Advisory x_refsource_confirm

http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html

Vendor Advisory vendor-advisory x_refsource_redhat

http://rhn.redhat.com/errata/RHSA-2016-0594.html

Vendor Advisory x_refsource_confirm

http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

Mailing List vendor-advisory x_refsource_suse

http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00058.html

Third Party Advisory vendor-advisory x_refsource_debian

http://www.debian.org/security/2016/dsa-3479

Third Party Advisory x_refsource_misc

http://blog.talosintel.com/2016/02/vulnerability-spotlight-libgraphite.html

Vendor Advisory vendor-advisory x_refsource_redhat

http://rhn.redhat.com/errata/RHSA-2016-0258.html

Vendor Advisory x_refsource_confirm

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722

Third Party Advisory vendor-advisory x_refsource_fedora

http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177520.html

Vendor Advisory vendor-advisory x_refsource_redhat

http://rhn.redhat.com/errata/RHSA-2016-0197.html

Mailing List vendor-advisory x_refsource_suse

http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00052.html

Third Party Advisory vendor-advisory x_refsource_fedora

http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184623.html

Third Party Advisory x_refsource_confirm

http://www.mozilla.org/security/announce/2016/mfsa2016-14.html

Third Party Advisory vendor-advisory x_refsource_gentoo

https://security.gentoo.org/glsa/201701-35

Third Party Advisory vendor-advisory x_refsource_gentoo

https://security.gentoo.org/glsa/201701-63

Scores

CVSS v3 8.8

EPSS 0.0085

EPSS Percentile 75.1%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CWE

CWE-119

Status published

Products (19)

debian/debian_linux 7.0

debian/debian_linux 8.0

fedoraproject/fedora 22

fedoraproject/fedora 23

mozilla/firefox 38.0.1

mozilla/firefox 38.0.5

mozilla/firefox 38.1.0

mozilla/firefox 38.1.1

mozilla/firefox 38.2.0

mozilla/firefox 38.2.1

... and 9 more

Published Feb 13, 2016

Tracked Since Feb 18, 2026