{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2016-02-05T00:00:00", "descriptions": [{"lang": "en", "value": "The directrun function in directmachine.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, does not validate a certain skip operation, which allows remote attackers to execute arbitrary code, obtain sensitive information, or cause a denial of service (out-of-bounds read and application crash) via a crafted Graphite smart font."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-06-30T16:57:01", "orgId": "37e5125f-f79b-445b-8fad-9564f167944b", "shortName": "certcc"}, "references": [{"name": "openSUSE-SU-2016:0875", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00088.html"}, {"name": "GLSA-201701-35", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "https://security.gentoo.org/glsa/201701-35"}, {"name": "82991", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/82991"}, {"name": "USN-2902-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-2902-1"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"}, {"name": "RHSA-2016:0594", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2016-0594.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"}, {"name": "openSUSE-SU-2016:0791", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00058.html"}, {"name": "DSA-3479", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2016/dsa-3479"}, {"tags": ["x_refsource_MISC"], "url": "http://blog.talosintel.com/2016/02/vulnerability-spotlight-libgraphite.html"}, {"name": "RHSA-2016:0258", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2016-0258.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"}, {"name": "FEDORA-2016-4154a4d0ba", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177520.html"}, {"name": "RHSA-2016:0197", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2016-0197.html"}, {"name": "SUSE-SU-2016:0779", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00052.html"}, {"name": "GLSA-201701-63", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "https://security.gentoo.org/glsa/201701-63"}, {"name": "FEDORA-2016-338a7e9925", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184623.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.mozilla.org/security/announce/2016/mfsa2016-14.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cert@cert.org", "ID": "CVE-2016-1521", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The directrun function in directmachine.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, does not validate a certain skip operation, which allows remote attackers to execute arbitrary code, obtain sensitive information, or cause a denial of service (out-of-bounds read and application crash) via a crafted Graphite smart font."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "openSUSE-SU-2016:0875", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00088.html"}, {"name": "GLSA-201701-35", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201701-35"}, {"name": "82991", "refsource": "BID", "url": "http://www.securityfocus.com/bid/82991"}, {"name": "USN-2902-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2902-1"}, {"name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"}, {"name": "RHSA-2016:0594", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0594.html"}, {"name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"}, {"name": "openSUSE-SU-2016:0791", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00058.html"}, {"name": "DSA-3479", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2016/dsa-3479"}, {"name": "http://blog.talosintel.com/2016/02/vulnerability-spotlight-libgraphite.html", "refsource": "MISC", "url": "http://blog.talosintel.com/2016/02/vulnerability-spotlight-libgraphite.html"}, {"name": "RHSA-2016:0258", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0258.html"}, {"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722", "refsource": "CONFIRM", "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"}, {"name": "FEDORA-2016-4154a4d0ba", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177520.html"}, {"name": "RHSA-2016:0197", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0197.html"}, {"name": "SUSE-SU-2016:0779", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00052.html"}, {"name": "GLSA-201701-63", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201701-63"}, {"name": "FEDORA-2016-338a7e9925", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184623.html"}, {"name": "http://www.mozilla.org/security/announce/2016/mfsa2016-14.html", "refsource": "CONFIRM", "url": "http://www.mozilla.org/security/announce/2016/mfsa2016-14.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T23:02:11.563Z"}, "title": "CVE Program Container", "references": [{"name": "openSUSE-SU-2016:0875", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00088.html"}, {"name": "GLSA-201701-35", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "https://security.gentoo.org/glsa/201701-35"}, {"name": "82991", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/82991"}, {"name": "USN-2902-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-2902-1"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"}, {"name": "RHSA-2016:0594", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2016-0594.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"}, {"name": "openSUSE-SU-2016:0791", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00058.html"}, {"name": "DSA-3479", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2016/dsa-3479"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://blog.talosintel.com/2016/02/vulnerability-spotlight-libgraphite.html"}, {"name": "RHSA-2016:0258", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2016-0258.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"}, {"name": "FEDORA-2016-4154a4d0ba", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177520.html"}, {"name": "RHSA-2016:0197", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2016-0197.html"}, {"name": "SUSE-SU-2016:0779", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00052.html"}, {"name": "GLSA-201701-63", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "https://security.gentoo.org/glsa/201701-63"}, {"name": "FEDORA-2016-338a7e9925", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184623.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.mozilla.org/security/announce/2016/mfsa2016-14.html"}]}]}, "cveMetadata": {"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b", "assignerShortName": "certcc", "cveId": "CVE-2016-1521", "datePublished": "2016-02-13T02:00:00", "dateReserved": "2016-01-07T00:00:00", "dateUpdated": "2024-08-05T23:02:11.563Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*", "matchCriteriaId": "97564D83-D822-4F67-88AC-D6E2F3855763", "versionEndIncluding": "1.2.4", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "matchCriteriaId": "735317AD-14B8-4A73-B5B0-6A4C84FC202E", "versionEndIncluding": "42.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox_esr:38.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "332589F6-C6DB-4204-97FA-B60105BBF146", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox_esr:38.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "A04D6EAE-C709-4752-976E-DB15EE6E85B0", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox_esr:38.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "FE52B8E3-3BA8-46DB-948E-958739FE91B1", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox_esr:38.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "818D58B7-3BA2-4CE5-9D9A-65F5B24AB6D0", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox_esr:38.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "B50189A6-C058-46EA-9BE8-9D01E304D518", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox_esr:38.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "1F5442BB-3E3F-4E91-B76B-6B379B47E2BD", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox_esr:38.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "3FF3D499-08B8-4180-86C8-A38609D8938B", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox_esr:38.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "B1F6A91A-4C19-47FB-B538-2B1837F68C61", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox_esr:38.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "4773E493-5198-48FD-97D3-C20C36DF76E1", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox_esr:38.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "4E8F7CC3-9108-49C5-A0EE-DCC86A949C74", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox_esr:38.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "5189097F-65FA-4F24-89BB-2996A605C9AB", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox_esr:38.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "97CD0D0C-B3AB-47B2-90DB-D559BFCFC670", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "matchCriteriaId": "F9835F35-2BFD-40D3-976E-953FB7F21330", "versionEndIncluding": "38.5.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*", "matchCriteriaId": "253C303A-E577-4488-93E6-68A8DD942C38", "vulnerable": true}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*", "matchCriteriaId": "E79AB8DD-C907-4038-A931-1A5A4CFB6A5B", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The directrun function in directmachine.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, does not validate a certain skip operation, which allows remote attackers to execute arbitrary code, obtain sensitive information, or cause a denial of service (out-of-bounds read and application crash) via a crafted Graphite smart font."}, {"lang": "es", "value": "La funci\u00f3n directmachine.cpp en Libgraphite en Graphite 2 1.2.4, como se utiliza en Mozilla Firefox en versiones anteriores a 43.0 y Firefox ESR 38.x en versiones anteriores a 38.6.1, no valida una determinada operaci\u00f3n de salto, lo que permite a atacantes remotos ejecutar c\u00f3digo arbitrario, obtener informaci\u00f3n sensible o causar una denegaci\u00f3n de servicio (lectura fuera de rango y ca\u00edda de aplicaci\u00f3n) a trav\u00e9s de una fuente inteligente Graphite."}], "id": "CVE-2016-1521", "lastModified": "2017-07-01T01:29:33.827", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2016-02-13T02:59:06.883", "references": [{"source": "cret@cert.org", "tags": ["Third Party Advisory"], "url": "http://blog.talosintel.com/2016/02/vulnerability-spotlight-libgraphite.html"}, {"source": "cret@cert.org", "tags": ["Third Party Advisory"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177520.html"}, {"source": "cret@cert.org", "tags": ["Third Party Advisory"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184623.html"}, {"source": "cret@cert.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00052.html"}, {"source": "cret@cert.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00058.html"}, {"source": "cret@cert.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00088.html"}, {"source": "cret@cert.org", "url": "http://rhn.redhat.com/errata/RHSA-2016-0197.html"}, {"source": "cret@cert.org", "url": "http://rhn.redhat.com/errata/RHSA-2016-0258.html"}, {"source": "cret@cert.org", "url": "http://rhn.redhat.com/errata/RHSA-2016-0594.html"}, {"source": "cret@cert.org", "tags": ["Third Party Advisory"], "url": "http://www.debian.org/security/2016/dsa-3479"}, {"source": "cret@cert.org", "tags": ["Third Party Advisory"], "url": "http://www.mozilla.org/security/announce/2016/mfsa2016-14.html"}, {"source": "cret@cert.org", "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"}, {"source": "cret@cert.org", "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"}, {"source": "cret@cert.org", "url": "http://www.securityfocus.com/bid/82991"}, {"source": "cret@cert.org", "url": "http://www.ubuntu.com/usn/USN-2902-1"}, {"source": "cret@cert.org", "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"}, {"source": "cret@cert.org", "url": "https://security.gentoo.org/glsa/201701-35"}, {"source": "cret@cert.org", "url": "https://security.gentoo.org/glsa/201701-63"}], "sourceIdentifier": "cret@cert.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2016:0197", "cpe": "cpe:/o:redhat:enterprise_linux:5", "package": "firefox-0:38.6.1-1.el5_11", "product_name": "Red Hat Enterprise Linux 5", "release_date": "2016-02-16T00:00:00Z"}, {"advisory": "RHSA-2016:0258", "cpe": "cpe:/o:redhat:enterprise_linux:5", "package": "thunderbird-0:38.6.0-1.el5_11", "product_name": "Red Hat Enterprise Linux 5", "release_date": "2016-02-18T00:00:00Z"}, {"advisory": "RHSA-2016:0197", "cpe": "cpe:/o:redhat:enterprise_linux:6", "package": "firefox-0:38.6.1-1.el6_7", "product_name": "Red Hat Enterprise Linux 6", "release_date": "2016-02-16T00:00:00Z"}, {"advisory": "RHSA-2016:0258", "cpe": "cpe:/o:redhat:enterprise_linux:6", "package": "thunderbird-0:38.6.0-1.el6_7", "product_name": "Red Hat Enterprise Linux 6", "release_date": "2016-02-18T00:00:00Z"}, {"advisory": "RHSA-2016:0197", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "firefox-0:38.6.1-1.el7_2", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2016-02-16T00:00:00Z"}, {"advisory": "RHSA-2016:0258", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "thunderbird-0:38.6.0-1.el7_2", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2016-02-18T00:00:00Z"}, {"advisory": "RHSA-2016:0594", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "graphite2-0:1.3.6-1.el7_2", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2016-04-05T00:00:00Z"}], "bugzilla": {"description": "graphite2: Out-of-bound read vulnerability triggered by crafted fonts", "id": "1305805", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1305805"}, "csaw": false, "cvss": {"cvss_base_score": "6.8", "cvss_scoring_vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "status": "verified"}, "cwe": "CWE-125", "details": ["The directrun function in directmachine.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, does not validate a certain skip operation, which allows remote attackers to execute arbitrary code, obtain sensitive information, or cause a denial of service (out-of-bounds read and application crash) via a crafted Graphite smart font.", "A vulnerability has been discovered in Graphite2. An attacker able to trick an unsuspecting user into opening specially crafted font files in an application using Graphite2 could exploit these flaws to cause the application to crash or, potentially, execute arbitrary code with the privileges of the application."], "name": "CVE-2016-1521", "public_date": "2016-02-05T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2016-1521\nhttps://nvd.nist.gov/vuln/detail/CVE-2016-1521\nhttp://www.talosintel.com/reports/TALOS-2016-0058/"], "threat_severity": "Important"}