Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

Font vulnerabilities in the Graphite 2 library

Related Vulnerabilities: CVE-2016-1977   CVE-2016-2790   CVE-2016-2791   CVE-2016-2792   CVE-2016-2793   CVE-2016-2794   CVE-2016-2795   CVE-2016-2796   CVE-2016-2797   CVE-2016-2798   CVE-2016-2799   CVE-2016-2800   CVE-2016-2801   CVE-2016-2802  

Source

Mozilla Foundation Security Advisory 2016-37

Font vulnerabilities in the Graphite 2 library

Announced
March 8, 2016
Reporter
Holger Fuhrmannek, Tyson Smith
Impact
Critical
Products
Firefox, Firefox ESR, Thunderbird
Fixed in
  • Firefox 45
  • Firefox ESR 38.7
  • Thunderbird 38.7
  • Thunderbird 45

Description

Security researcher Holger Fuhrmannek and Mozilla security engineer Tyson Smith reported a number of security vulnerabilities in the Graphite 2 library affecting version 1.3.5.

The issue reported by Holger Fuhrmannek is a mechanism to induce stack corruption with a malicious graphite font. This leads to a potentially exploitable crash when the font is loaded.

Tyson Smith used the Address Sanitizer tool in concert with a custom software fuzzer to find a series of uninitialized memory, out-of-bounds read, and out-of-bounds write errors when working with fuzzed graphite fonts.

To address these security vulnerabilities, Firefox 45 and Firefox ESR 38.7 have been updated to Graphite 2 version 1.3.6.

References

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started