Bugzilla – Bug 970889
VUL-0: CVE-2016-1969: MozillaFirefox: The setAttr function in Graphite 2 before 1.3.6, as used in Mozilla Firefoxbefore 45.0 and Firefox ...
Last modified: 2016-03-22 08:20:25 UTC
CVE-2016-1969 The setAttr function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.6.1, allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted Graphite smart font. References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1969 http://www.mozilla.org/security/announce/2016/mfsa2016-38.html https://bugzilla.mozilla.org/show_bug.cgi?id=1242322
bugbot adjusting priority
released