CVE-2016-1522

Priority
Description
Code.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox
before 43.0 and Firefox ESR 38.x before 38.6.1, does not consider recursive
load calls during a size check, which allows remote attackers to cause a
denial of service (heap-based buffer overflow) or possibly execute
arbitrary code via a crafted Graphite smart font.
Assigned-to
mdeslaur
Notes
Package
Upstream:released (1.3.5-1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was needs-triage)
Ubuntu 14.04 ESM (Trusty Tahr):released (1.2.4-1ubuntu1.1)
Ubuntu 16.04 LTS (Xenial Xerus):released (1.3.5-1ubuntu1)
Patches:
Upstream:https://github.com/silnrsi/graphite/commit/4e232ad3697bd0121fd3cbfd8c3d9e2617fce1b8 (0057)
Upstream:https://github.com/silnrsi/graphite/commit/a94bbf1a651b13ecfaf9a774a841d36964c25929 (0060)
More Information

Updated: 2019-12-05 18:44:05 UTC (commit dd38ff22974aae499eb50644b9d5a2817483cbdb)