← volver
CVE-2016-2794

CVE-2016-2794

EPSS 3.5%
The graphite2::TtfUtil::CmapSubtable12NextCodepoint function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font.
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-07/msg00006.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-07/msg00007.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-07/msg00008.htmlhttps://bugzilla.mozilla.org/show_bug.cgi?id=1243526