| Max CVSS | 9.3 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2016-2791 | 6.8 |
The graphite2::GlyphCache::glyph function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other
|
27-12-2019 - 16:08 | 13-03-2016 - 18:59 | |
| CVE-2016-2802 | 6.8 |
The graphite2::TtfUtil::CmapSubtable4NextCodepoint function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have
|
27-12-2019 - 16:08 | 13-03-2016 - 18:59 | |
| CVE-2016-2795 | 6.8 |
The graphite2::FileFace::get_table_fn function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, does not initialize memory for an unspecified data structure, which allows remote attackers to cause a
|
27-12-2019 - 16:08 | 13-03-2016 - 18:59 | |
| CVE-2016-2793 | 6.8 |
CachedCmap.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphi
|
27-12-2019 - 16:08 | 13-03-2016 - 18:59 | |
| CVE-2016-2790 | 6.8 |
The graphite2::TtfUtil::GetTableInfo function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, does not initialize memory for an unspecified data structure, which allows remote attackers to cause a
|
27-12-2019 - 16:08 | 13-03-2016 - 18:59 | |
| CVE-2016-2800 | 6.8 |
The graphite2::Slot::getAttr function in Slot.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecifie
|
27-12-2019 - 16:08 | 13-03-2016 - 18:59 | |
| CVE-2016-2794 | 9.3 |
The graphite2::TtfUtil::CmapSubtable12NextCodepoint function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have
|
27-12-2019 - 16:08 | 13-03-2016 - 18:59 | |
| CVE-2016-2798 | 6.8 |
The graphite2::GlyphCache::Loader::Loader function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecifi
|
27-12-2019 - 16:08 | 13-03-2016 - 18:59 | |
| CVE-2016-2801 | 6.8 |
The graphite2::TtfUtil::CmapSubtable12Lookup function in TtfUtil.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possi
|
27-12-2019 - 16:08 | 13-03-2016 - 18:59 | |
| CVE-2016-2799 | 9.3 |
Heap-based buffer overflow in the graphite2::Slot::setAttr function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service or possibly have unspecified
|
27-12-2019 - 16:08 | 13-03-2016 - 18:59 | |
| CVE-2016-1977 | 6.8 |
The Machine::Code::decoder::analysis::set_ref function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to execute arbitrary code or cause a denial of service (stack memory c
|
27-12-2019 - 16:08 | 13-03-2016 - 18:59 | |
| CVE-2016-2797 | 6.8 |
The graphite2::TtfUtil::CmapSubtable12Lookup function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspec
|
27-12-2019 - 16:08 | 13-03-2016 - 18:59 | |
| CVE-2016-2796 | 6.8 |
Heap-based buffer overflow in the graphite2::vm::Machine::Code::Code function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service or possibly have u
|
27-12-2019 - 16:08 | 13-03-2016 - 18:59 | |
| CVE-2016-2792 | 6.8 |
The graphite2::Slot::getAttr function in Slot.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecifie
|
27-12-2019 - 16:08 | 13-03-2016 - 18:59 | |
| CVE-2016-1526 | 5.8 |
The TtfUtil:LocaLookup function in TtfUtil.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, incorrectly validates a size value, which allows remote attackers to obtain sensitive inform
|
05-01-2018 - 02:30 | 13-02-2016 - 02:59 | |
| CVE-2016-1521 | 6.8 |
The directrun function in directmachine.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, does not validate a certain skip operation, which allows remote attackers to execute arbitrary
|
01-07-2017 - 01:29 | 13-02-2016 - 02:59 | |
| CVE-2016-1523 | 4.3 |
The SillMap::readFace function in FeatureMap.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, mishandles a return value, which allows remote attackers to cause a denial of service (mis
|
01-07-2017 - 01:29 | 13-02-2016 - 02:59 | |
| CVE-2016-1522 | 9.3 |
Code.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, does not consider recursive load calls during a size check, which allows remote attackers to cause a denial of service (heap-based
|
01-07-2017 - 01:29 | 13-02-2016 - 02:59 |