Sil

Graphite2

28 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2016-2791

  • EPSS 0.79%
  • Veröffentlicht 13.03.2016 18:59:30
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The graphite2::GlyphCache::glyph function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other ...

8.8

CVE-2016-2790

  • EPSS 0.79%
  • Veröffentlicht 13.03.2016 18:59:29
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The graphite2::TtfUtil::GetTableInfo function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, does not initialize memory for an unspecified data structure, which allows remote attackers to cause a ...

8.8

CVE-2016-1977

  • EPSS 0.96%
  • Veröffentlicht 13.03.2016 18:59:26
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The Machine::Code::decoder::analysis::set_ref function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to execute arbitrary code or cause a denial of service (stack memory c...

8.8

CVE-2016-1969

  • EPSS 0.47%
  • Veröffentlicht 13.03.2016 18:59:18
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The setAttr function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.6.1, allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a cra...

8.1

CVE-2016-1526

  • EPSS 0.52%
  • Veröffentlicht 13.02.2016 02:59:12
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The TtfUtil:LocaLookup function in TtfUtil.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, incorrectly validates a size value, which allows remote attackers to obtain sensitive inform...

6.5

CVE-2016-1523

  • EPSS 0.84%
  • Veröffentlicht 13.02.2016 02:59:08
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The SillMap::readFace function in FeatureMap.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, mishandles a return value, which allows remote attackers to cause a denial of service (mis...

9.3

CVE-2016-1522

Exploit
  • EPSS 1.86%
  • Veröffentlicht 13.02.2016 02:59:07
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Code.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, does not consider recursive load calls during a size check, which allows remote attackers to cause a denial of service (heap-based...

8.8

CVE-2016-1521

  • EPSS 0.75%
  • Veröffentlicht 13.02.2016 02:59:06
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The directrun function in directmachine.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, does not validate a certain skip operation, which allows remote attackers to execute arbitrary ...