Vulnerability Details : CVE-2016-1523
The SillMap::readFace function in FeatureMap.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, mishandles a return value, which allows remote attackers to cause a denial of service (missing initialization, NULL pointer dereference, and application crash) via a crafted Graphite smart font.
Vulnerability category: Memory CorruptionDenial of service
Products affected by CVE-2016-1523
- cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox_esr:38.0:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox_esr:38.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox_esr:38.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox_esr:38.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox_esr:38.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox_esr:38.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox_esr:38.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox_esr:38.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox_esr:38.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox_esr:38.5.0:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox_esr:38.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox_esr:38.5.2:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox_esr:38.6.0:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*
- cpe:2.3:a:sil:graphite2:1.2.4:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2016-1523
2.20%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 88 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2016-1523
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.3
|
MEDIUM | AV:N/AC:M/Au:N/C:N/I:N/A:P |
8.6
|
2.9
|
NIST | |
6.5
|
MEDIUM | CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
2.8
|
3.6
|
NIST |
References for CVE-2016-1523
-
http://www.debian.org/security/2016/dsa-3479
Debian -- Security Information -- DSA-3479-1 graphite2Third Party Advisory
-
https://bugzilla.mozilla.org/show_bug.cgi?id=1246093
Bugzilla.mozilla.org is offlineIssue Tracking
-
http://www.mozilla.org/security/announce/2016/mfsa2016-14.html
Vulnerabilities in Graphite 2 — MozillaPatch;Vendor Advisory
-
http://rhn.redhat.com/errata/RHSA-2016-0258.html
RHSA-2016:0258 - Security Advisory - Red Hat Customer Portal
-
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00052.html
[security-announce] SUSE-SU-2016:0779-1: important: Security update for
-
http://rhn.redhat.com/errata/RHSA-2016-0197.html
RHSA-2016:0197 - Security Advisory - Red Hat Customer Portal
-
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00055.html
[security-announce] SUSE-SU-2016:0564-1: important: Security update for
-
http://www.debian.org/security/2016/dsa-3491
Debian -- Security Information -- DSA-3491-1 icedove
-
http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184623.html
[SECURITY] Fedora 22 Update: graphite2-1.3.6-1.fc22Third Party Advisory
-
http://www.debian.org/security/2016/dsa-3477
Debian -- Security Information -- DSA-3477-1 iceweasel
-
http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
Oracle Linux Bulletin - April 2016
-
http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
Oracle Linux Bulletin - January 2016
-
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00053.html
[security-announce] SUSE-SU-2016:0554-1: important: Security update for
-
https://security.gentoo.org/glsa/201605-06
Mozilla Products: Multiple vulnerabilities (GLSA 201605-06) — Gentoo security
-
http://www.securitytracker.com/id/1035017
Mozilla Firefox libgraphite Font Processing Flaw Lets Remote Users Execute Arbitrary Code - SecurityTracker
-
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00058.html
[security-announce] openSUSE-SU-2016:0791-1: important: Security update
-
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00088.html
[security-announce] openSUSE-SU-2016:0875-1: important: Security update
-
https://security.gentoo.org/glsa/201701-35
Mozilla SeaMonkey: Multiple vulnerabilities (GLSA 201701-35) — Gentoo security
-
https://security.gentoo.org/glsa/201701-63
Graphite: Multiple vulnerabilities (GLSA 201701-63) — Gentoo security
-
http://www.ubuntu.com/usn/USN-2902-1
USN-2902-1: graphite2 vulnerabilities | Ubuntu security notices
-
http://www.ubuntu.com/usn/USN-2904-1
USN-2904-1: Thunderbird vulnerabilities | Ubuntu security notices
-
http://rhn.redhat.com/errata/RHSA-2016-0594.html
RHSA-2016:0594 - Security Advisory - Red Hat Customer Portal
-
http://blog.talosintel.com/2016/02/vulnerability-spotlight-libgraphite.html
Talos Blog || Cisco Talos Intelligence Group - Comprehensive Threat Intelligence: Vulnerability Spotlight: Libgraphite Font Processing Vulnerabilities
-
http://www.securityfocus.com/bid/82991
Libgraphite Multiple Security Vulnerabilities
-
http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177520.html
[SECURITY] Fedora 23 Update: graphite2-1.3.5-1.fc23Third Party Advisory
Jump to