← back
CVE-2016-1969

CVE-2016-1969

EPSS 1.7%
The setAttr function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.6.1, allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted Graphite smart font.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://bugzilla.mozilla.org/show_bug.cgi?id=1242322https://security.gentoo.org/glsa/201605-06http://www.mozilla.org/security/announce/2016/mfsa2016-38.htmlhttp://www.securitytracker.com/id/1035215