Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2016-2796

Heap-based buffer overflow in the graphite2::vm::Machine::Code::Code function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted Graphite smart font.

See the

CVE page on Mitre.org for more details.

References

CONFIRM: http://www.mozilla.org...
CONFIRM: https://bugzilla.mozil...
SUSE: openSUSE-SU-2016:0894
SUSE: openSUSE-SU-2016:1767
SUSE: openSUSE-SU-2016:1769
SUSE: openSUSE-SU-2016:1778
CONFIRM: http://www.oracle.com/...
BID: 84222
GENTOO: GLSA-201605-06
DEBIAN: DSA-3510
DEBIAN: DSA-3515
DEBIAN: DSA-3520
SUSE: SUSE-SU-2016:0909
SUSE: SUSE-SU-2016:0727
SUSE: SUSE-SU-2016:0777
SUSE: openSUSE-SU-2016:0731
SUSE: openSUSE-SU-2016:0733
SUSE: SUSE-SU-2016:0820
SUSE: openSUSE-SU-2016:0876
UBUNTU: USN-2917-2
UBUNTU: USN-2917-3
UBUNTU: USN-2934-1
UBUNTU: USN-2917-1
UBUNTU: USN-2927-1
SECTRACK: 1035215
GENTOO: GLSA-201701-63

Launchpad.net

CVE 2016-2796

Related bugs

References