Vulnerabilities

CVE-2016-1522

by Fred · 12/02/2016

Code.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, does not consider recursive load calls during a size check, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly execute arbitrary code via a crafted Graphite smart font.

Date published : 2016-02-12

http://www.securityfocus.com/bid/82991

http://www.mozilla.org/security/announce/2016/mfsa2016-14.html

Similar

Tags: Cybersecurity Alert