CVE-2016-1521 - Vulnerability Details

Vendors	Products
Debian	Debian Linux
Fedoraproject	Fedora
Mozilla	Firefox Thunderbird
Redhat	Enterprise Linux
Sil	Graphite2

Package	CPE	Advisory	Released Date
Red Hat Enterprise Linux 5
firefox-0:38.6.1-1.el5_11	cpe:/o:redhat:enterprise_linux:5	RHSA-2016:0197	2016-02-16T00:00:00Z
thunderbird-0:38.6.0-1.el5_11	cpe:/o:redhat:enterprise_linux:5	RHSA-2016:0258	2016-02-18T00:00:00Z
Red Hat Enterprise Linux 6
firefox-0:38.6.1-1.el6_7	cpe:/o:redhat:enterprise_linux:6	RHSA-2016:0197	2016-02-16T00:00:00Z
thunderbird-0:38.6.0-1.el6_7	cpe:/o:redhat:enterprise_linux:6	RHSA-2016:0258	2016-02-18T00:00:00Z
Red Hat Enterprise Linux 7
firefox-0:38.6.1-1.el7_2	cpe:/o:redhat:enterprise_linux:7	RHSA-2016:0197	2016-02-16T00:00:00Z
thunderbird-0:38.6.0-1.el7_2	cpe:/o:redhat:enterprise_linux:7	RHSA-2016:0258	2016-02-18T00:00:00Z
graphite2-0:1.3.6-1.el7_2	cpe:/o:redhat:enterprise_linux:7	RHSA-2016:0594	2016-04-05T00:00:00Z

Link	Providers
http://blog.talosintel.com/2016/02/vulnerability-spotlight-libgraphite.html
http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177520.html
http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184623.html
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00052.html
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00058.html
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00088.html
http://rhn.redhat.com/errata/RHSA-2016-0197.html
http://rhn.redhat.com/errata/RHSA-2016-0258.html
http://rhn.redhat.com/errata/RHSA-2016-0594.html
http://www.debian.org/security/2016/dsa-3479
http://www.mozilla.org/security/announce/2016/mfsa2016-14.html
http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
http://www.securityfocus.com/bid/82991
http://www.talosintel.com/reports/TALOS-2016-0058/
http://www.ubuntu.com/usn/USN-2902-1
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722
https://nvd.nist.gov/vuln/detail/CVE-2016-1521
https://security.gentoo.org/glsa/201701-35
https://security.gentoo.org/glsa/201701-63
https://www.cve.org/CVERecord?id=CVE-2016-1521

Type	Values Removed	Values Added
CPEs	cpe:2.3:a:mozilla:firefox_esr:38.0.1:::::::* cpe:2.3:a:mozilla:firefox_esr:38.0.5:::::::* cpe:2.3:a:mozilla:firefox_esr:38.1.0:::::::* cpe:2.3:a:mozilla:firefox_esr:38.1.1:::::::* cpe:2.3:a:mozilla:firefox_esr:38.2.0:::::::* cpe:2.3:a:mozilla:firefox_esr:38.2.1:::::::* cpe:2.3:a:mozilla:firefox_esr:38.3.0:::::::* cpe:2.3:a:mozilla:firefox_esr:38.4.0:::::::*	cpe:2.3:a:mozilla:firefox:38.0.1:::::::* cpe:2.3:a:mozilla:firefox:38.0.5:::::::* cpe:2.3:a:mozilla:firefox:38.1.0:::::::* cpe:2.3:a:mozilla:firefox:38.1.1:::::::* cpe:2.3:a:mozilla:firefox:38.2.0:::::::* cpe:2.3:a:mozilla:firefox:38.2.1:::::::* cpe:2.3:a:mozilla:firefox:38.3.0:::::::* cpe:2.3:a:mozilla:firefox:38.4.0:::::::*
Vendors & Products	Mozilla firefox Esr

Type	Values Removed	Values Added
CPEs	cpe:2.3:a:mozilla:firefox_esr:38.5.0:::::::* cpe:2.3:a:mozilla:firefox_esr:38.5.1:::::::* cpe:2.3:a:mozilla:firefox_esr:38.5.2:::::::* cpe:2.3:a:mozilla:firefox_esr:38.6.0:::::::*	cpe:2.3:a:mozilla:firefox:38.5.0:::::::* cpe:2.3:a:mozilla:firefox:38.5.1:::::::* cpe:2.3:a:mozilla:firefox:38.5.2:::::::* cpe:2.3:a:mozilla:firefox:38.6.0:::::::*

Show plain JSON

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2016-02-05T00:00:00", "descriptions": [{"lang": "en", "value": "The directrun function in directmachine.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, does not validate a certain skip operation, which allows remote attackers to execute arbitrary code, obtain sensitive information, or cause a denial of service (out-of-bounds read and application crash) via a crafted Graphite smart font."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-06-30T16:57:01", "orgId": "37e5125f-f79b-445b-8fad-9564f167944b", "shortName": "certcc"}, "references": [{"name": "openSUSE-SU-2016:0875", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00088.html"}, {"name": "GLSA-201701-35", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "https://security.gentoo.org/glsa/201701-35"}, {"name": "82991", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/82991"}, {"name": "USN-2902-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-2902-1"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"}, {"name": "RHSA-2016:0594", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2016-0594.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"}, {"name": "openSUSE-SU-2016:0791", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00058.html"}, {"name": "DSA-3479", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2016/dsa-3479"}, {"tags": ["x_refsource_MISC"], "url": "http://blog.talosintel.com/2016/02/vulnerability-spotlight-libgraphite.html"}, {"name": "RHSA-2016:0258", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2016-0258.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"}, {"name": "FEDORA-2016-4154a4d0ba", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177520.html"}, {"name": "RHSA-2016:0197", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2016-0197.html"}, {"name": "SUSE-SU-2016:0779", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00052.html"}, {"name": "GLSA-201701-63", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "https://security.gentoo.org/glsa/201701-63"}, {"name": "FEDORA-2016-338a7e9925", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184623.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.mozilla.org/security/announce/2016/mfsa2016-14.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cert@cert.org", "ID": "CVE-2016-1521", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The directrun function in directmachine.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, does not validate a certain skip operation, which allows remote attackers to execute arbitrary code, obtain sensitive information, or cause a denial of service (out-of-bounds read and application crash) via a crafted Graphite smart font."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "openSUSE-SU-2016:0875", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00088.html"}, {"name": "GLSA-201701-35", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201701-35"}, {"name": "82991", "refsource": "BID", "url": "http://www.securityfocus.com/bid/82991"}, {"name": "USN-2902-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2902-1"}, {"name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"}, {"name": "RHSA-2016:0594", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0594.html"}, {"name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"}, {"name": "openSUSE-SU-2016:0791", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00058.html"}, {"name": "DSA-3479", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2016/dsa-3479"}, {"name": "http://blog.talosintel.com/2016/02/vulnerability-spotlight-libgraphite.html", "refsource": "MISC", "url": "http://blog.talosintel.com/2016/02/vulnerability-spotlight-libgraphite.html"}, {"name": "RHSA-2016:0258", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0258.html"}, {"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722", "refsource": "CONFIRM", "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"}, {"name": "FEDORA-2016-4154a4d0ba", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177520.html"}, {"name": "RHSA-2016:0197", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0197.html"}, {"name": "SUSE-SU-2016:0779", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00052.html"}, {"name": "GLSA-201701-63", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201701-63"}, {"name": "FEDORA-2016-338a7e9925", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184623.html"}, {"name": "http://www.mozilla.org/security/announce/2016/mfsa2016-14.html", "refsource": "CONFIRM", "url": "http://www.mozilla.org/security/announce/2016/mfsa2016-14.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T23:02:11.563Z"}, "title": "CVE Program Container", "references": [{"name": "openSUSE-SU-2016:0875", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00088.html"}, {"name": "GLSA-201701-35", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "https://security.gentoo.org/glsa/201701-35"}, {"name": "82991", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/82991"}, {"name": "USN-2902-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-2902-1"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"}, {"name": "RHSA-2016:0594", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2016-0594.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"}, {"name": "openSUSE-SU-2016:0791", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00058.html"}, {"name": "DSA-3479", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2016/dsa-3479"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://blog.talosintel.com/2016/02/vulnerability-spotlight-libgraphite.html"}, {"name": "RHSA-2016:0258", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2016-0258.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"}, {"name": "FEDORA-2016-4154a4d0ba", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177520.html"}, {"name": "RHSA-2016:0197", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2016-0197.html"}, {"name": "SUSE-SU-2016:0779", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00052.html"}, {"name": "GLSA-201701-63", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "https://security.gentoo.org/glsa/201701-63"}, {"name": "FEDORA-2016-338a7e9925", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184623.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.mozilla.org/security/announce/2016/mfsa2016-14.html"}]}]}, "cveMetadata": {"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b", "assignerShortName": "certcc", "cveId": "CVE-2016-1521", "datePublished": "2016-02-13T02:00:00", "dateReserved": "2016-01-07T00:00:00", "dateUpdated": "2024-08-05T23:02:11.563Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{

containers : { »

cna : { »

affected : [ »

0 : { »

product : n/a (string)

vendor : n/a (string)

versions : [ »

0 : { »

status : affected (string)

version : n/a (string)

}

]

}

]

datePublic : 2016-02-05T00:00:00 (string)

descriptions : [ »

0 : { »

lang : en (string)

value : The directrun function in directmachine.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, does not validate a certain skip operation, which allows remote attackers to execute arbitrary code, obtain sensitive information, or cause a denial of service (out-of-bounds read and application crash) via a crafted Graphite smart font. (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

description : n/a (string)

lang : en (string)

type : text (string)

}

]

}

]

providerMetadata : { »

dateUpdated : 2017-06-30T16:57:01 (string)

orgId : 37e5125f-f79b-445b-8fad-9564f167944b (string)

shortName : certcc (string)

}

references : [ »

0 : { »

name : openSUSE-SU-2016:0875 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_SUSE (string)

]

url : http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00088.html (string)

}

1 : { »

name : GLSA-201701-35 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_GENTOO (string)

]

url : https://security.gentoo.org/glsa/201701-35 (string)

}

2 : { »

name : 82991 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_BID (string)

]

url : http://www.securityfocus.com/bid/82991 (string)

}

3 : { »

name : USN-2902-1 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_UBUNTU (string)

]

url : http://www.ubuntu.com/usn/USN-2902-1 (string)

}

4 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

]

url : http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html (string)

}

5 : { »

name : RHSA-2016:0594 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_REDHAT (string)

]

url : http://rhn.redhat.com/errata/RHSA-2016-0594.html (string)

}

6 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

]

url : http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html (string)

}

7 : { »

name : openSUSE-SU-2016:0791 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_SUSE (string)

]

url : http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00058.html (string)

}

8 : { »

name : DSA-3479 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_DEBIAN (string)

]

url : http://www.debian.org/security/2016/dsa-3479 (string)

}

9 : { »

tags : [ »

0 : x_refsource_MISC (string)

]

url : http://blog.talosintel.com/2016/02/vulnerability-spotlight-libgraphite.html (string)

}

10 : { »

name : RHSA-2016:0258 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_REDHAT (string)

]

url : http://rhn.redhat.com/errata/RHSA-2016-0258.html (string)

}

11 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

]

url : https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722 (string)

}

12 : { »

name : FEDORA-2016-4154a4d0ba (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_FEDORA (string)

]

url : http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177520.html (string)

}

13 : { »

name : RHSA-2016:0197 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_REDHAT (string)

]

url : http://rhn.redhat.com/errata/RHSA-2016-0197.html (string)

}

14 : { »

name : SUSE-SU-2016:0779 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_SUSE (string)

]

url : http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00052.html (string)

}

15 : { »

name : GLSA-201701-63 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_GENTOO (string)

]

url : https://security.gentoo.org/glsa/201701-63 (string)

}

16 : { »

name : FEDORA-2016-338a7e9925 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_FEDORA (string)

]

url : http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184623.html (string)

}

17 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

]

url : http://www.mozilla.org/security/announce/2016/mfsa2016-14.html (string)

}

]

x_legacyV4Record : { »

CVE_data_meta : { »

ASSIGNER : cert@cert.org (string)

ID : CVE-2016-1521 (string)

STATE : PUBLIC (string)

}

affects : { »

vendor : { »

vendor_data : [ »

0 : { »

product : { »

product_data : [ »

0 : { »

product_name : n/a (string)

version : { »

version_data : [ »

0 : { »

version_value : n/a (string)

}

]

}

]

}

vendor_name : n/a (string)

}

]

}

data_format : MITRE (string)

data_type : CVE (string)

data_version : 4.0 (string)

description : { »

description_data : [ »

0 : { »

lang : eng (string)

value : The directrun function in directmachine.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, does not validate a certain skip operation, which allows remote attackers to execute arbitrary code, obtain sensitive information, or cause a denial of service (out-of-bounds read and application crash) via a crafted Graphite smart font. (string)

}

]

}

problemtype : { »

problemtype_data : [ »

0 : { »

description : [ »

0 : { »

lang : eng (string)

value : n/a (string)

}

]

}

]

}

references : { »

reference_data : [ »

0 : { »

name : openSUSE-SU-2016:0875 (string)

refsource : SUSE (string)

url : http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00088.html (string)

}

1 : { »

name : GLSA-201701-35 (string)

refsource : GENTOO (string)

url : https://security.gentoo.org/glsa/201701-35 (string)

}

2 : { »

name : 82991 (string)

refsource : BID (string)

url : http://www.securityfocus.com/bid/82991 (string)

}

3 : { »

name : USN-2902-1 (string)

refsource : UBUNTU (string)

url : http://www.ubuntu.com/usn/USN-2902-1 (string)

}

4 : { »

name : http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html (string)

refsource : CONFIRM (string)

url : http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html (string)

}

5 : { »

name : RHSA-2016:0594 (string)

refsource : REDHAT (string)

url : http://rhn.redhat.com/errata/RHSA-2016-0594.html (string)

}

6 : { »

name : http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html (string)

refsource : CONFIRM (string)

url : http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html (string)

}

7 : { »

name : openSUSE-SU-2016:0791 (string)

refsource : SUSE (string)

url : http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00058.html (string)

}

8 : { »

name : DSA-3479 (string)

refsource : DEBIAN (string)

url : http://www.debian.org/security/2016/dsa-3479 (string)

}

9 : { »

name : http://blog.talosintel.com/2016/02/vulnerability-spotlight-libgraphite.html (string)

refsource : MISC (string)

url : http://blog.talosintel.com/2016/02/vulnerability-spotlight-libgraphite.html (string)

}

10 : { »

name : RHSA-2016:0258 (string)

refsource : REDHAT (string)

url : http://rhn.redhat.com/errata/RHSA-2016-0258.html (string)

}

11 : { »

name : https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722 (string)

refsource : CONFIRM (string)

url : https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722 (string)

}

12 : { »

name : FEDORA-2016-4154a4d0ba (string)

refsource : FEDORA (string)

url : http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177520.html (string)

}

13 : { »

name : RHSA-2016:0197 (string)

refsource : REDHAT (string)

url : http://rhn.redhat.com/errata/RHSA-2016-0197.html (string)

}

14 : { »

name : SUSE-SU-2016:0779 (string)

refsource : SUSE (string)

url : http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00052.html (string)

}

15 : { »

name : GLSA-201701-63 (string)

refsource : GENTOO (string)

url : https://security.gentoo.org/glsa/201701-63 (string)

}

16 : { »

name : FEDORA-2016-338a7e9925 (string)

refsource : FEDORA (string)

url : http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184623.html (string)

}

17 : { »

name : http://www.mozilla.org/security/announce/2016/mfsa2016-14.html (string)

refsource : CONFIRM (string)

url : http://www.mozilla.org/security/announce/2016/mfsa2016-14.html (string)

}

]

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-05T23:02:11.563Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

name : openSUSE-SU-2016:0875 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_SUSE (string)

2 : x_transferred (string)

]

url : http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00088.html (string)

}

1 : { »

name : GLSA-201701-35 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_GENTOO (string)

2 : x_transferred (string)

]

url : https://security.gentoo.org/glsa/201701-35 (string)

}

2 : { »

name : 82991 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_BID (string)

2 : x_transferred (string)

]

url : http://www.securityfocus.com/bid/82991 (string)

}

3 : { »

name : USN-2902-1 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_UBUNTU (string)

2 : x_transferred (string)

]

url : http://www.ubuntu.com/usn/USN-2902-1 (string)

}

4 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

1 : x_transferred (string)

]

url : http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html (string)

}

5 : { »

name : RHSA-2016:0594 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_REDHAT (string)

2 : x_transferred (string)

]

url : http://rhn.redhat.com/errata/RHSA-2016-0594.html (string)

}

6 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

1 : x_transferred (string)

]

url : http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html (string)

}

7 : { »

name : openSUSE-SU-2016:0791 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_SUSE (string)

2 : x_transferred (string)

]

url : http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00058.html (string)

}

8 : { »

name : DSA-3479 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_DEBIAN (string)

2 : x_transferred (string)

]

url : http://www.debian.org/security/2016/dsa-3479 (string)

}

9 : { »

tags : [ »

0 : x_refsource_MISC (string)

1 : x_transferred (string)

]

url : http://blog.talosintel.com/2016/02/vulnerability-spotlight-libgraphite.html (string)

}

10 : { »

name : RHSA-2016:0258 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_REDHAT (string)

2 : x_transferred (string)

]

url : http://rhn.redhat.com/errata/RHSA-2016-0258.html (string)

}

11 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

1 : x_transferred (string)

]

url : https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722 (string)

}

12 : { »

name : FEDORA-2016-4154a4d0ba (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_FEDORA (string)

2 : x_transferred (string)

]

url : http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177520.html (string)

}

13 : { »

name : RHSA-2016:0197 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_REDHAT (string)

2 : x_transferred (string)

]

url : http://rhn.redhat.com/errata/RHSA-2016-0197.html (string)

}

14 : { »

name : SUSE-SU-2016:0779 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_SUSE (string)

2 : x_transferred (string)

]

url : http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00052.html (string)

}

15 : { »

name : GLSA-201701-63 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_GENTOO (string)

2 : x_transferred (string)

]

url : https://security.gentoo.org/glsa/201701-63 (string)

}

16 : { »

name : FEDORA-2016-338a7e9925 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_FEDORA (string)

2 : x_transferred (string)

]

url : http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184623.html (string)

}

17 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

1 : x_transferred (string)

]

url : http://www.mozilla.org/security/announce/2016/mfsa2016-14.html (string)

}

]

}

]

}

cveMetadata : { »

assignerOrgId : 37e5125f-f79b-445b-8fad-9564f167944b (string)

assignerShortName : certcc (string)

cveId : CVE-2016-1521 (string)

datePublished : 2016-02-13T02:00:00 (string)

dateReserved : 2016-01-07T00:00:00 (string)

dateUpdated : 2024-08-05T23:02:11.563Z (string)

state : PUBLISHED (string)

}

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:*", "matchCriteriaId": "97564D83-D822-4F67-88AC-D6E2F3855763", "versionEndIncluding": "1.2.4", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "matchCriteriaId": "735317AD-14B8-4A73-B5B0-6A4C84FC202E", "versionEndIncluding": "42.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "1F007CC6-9391-4E1C-A747-F3DE5E572FA5", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "45E9641F-430C-4B3A-BD63-EC13DBD3D1E4", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "5AADD23B-A8AF-4679-990D-C29A1D6EB5CD", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "1343A1FD-98CF-4A6C-A697-1253E538FD5C", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "6D098567-B55E-4EAC-8FAA-31FAFDD4058F", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "BE0389BC-D295-4957-8AE7-EDAC770F596D", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "E75E69A5-AC94-4F35-9EFB-1BFF8B78210D", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "2765E663-C9CF-476A-B7A8-6F02D0E2D72D", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "62B4E871-0ACB-4EC5-8392-EAD0DF25E64B", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "435D6EF5-C879-4121-9D47-EF2236E53409", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox:38.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "5F99233D-55EE-474D-9D8A-872D5FD9F3DE", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "A5963D11-D2F4-40A7-81CE-E034C91FCCBD", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "matchCriteriaId": "F9835F35-2BFD-40D3-976E-953FB7F21330", "versionEndIncluding": "38.5.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*", "matchCriteriaId": "253C303A-E577-4488-93E6-68A8DD942C38", "vulnerable": true}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*", "matchCriteriaId": "E79AB8DD-C907-4038-A931-1A5A4CFB6A5B", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The directrun function in directmachine.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, does not validate a certain skip operation, which allows remote attackers to execute arbitrary code, obtain sensitive information, or cause a denial of service (out-of-bounds read and application crash) via a crafted Graphite smart font."}, {"lang": "es", "value": "La funci\u00f3n directmachine.cpp en Libgraphite en Graphite 2 1.2.4, como se utiliza en Mozilla Firefox en versiones anteriores a 43.0 y Firefox ESR 38.x en versiones anteriores a 38.6.1, no valida una determinada operaci\u00f3n de salto, lo que permite a atacantes remotos ejecutar c\u00f3digo arbitrario, obtener informaci\u00f3n sensible o causar una denegaci\u00f3n de servicio (lectura fuera de rango y ca\u00edda de aplicaci\u00f3n) a trav\u00e9s de una fuente inteligente Graphite."}], "id": "CVE-2016-1521", "lastModified": "2025-04-12T10:46:40.837", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2016-02-13T02:59:06.883", "references": [{"source": "cret@cert.org", "tags": ["Third Party Advisory"], "url": "http://blog.talosintel.com/2016/02/vulnerability-spotlight-libgraphite.html"}, {"source": "cret@cert.org", "tags": ["Third Party Advisory"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177520.html"}, {"source": "cret@cert.org", "tags": ["Third Party Advisory"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184623.html"}, {"source": "cret@cert.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00052.html"}, {"source": "cret@cert.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00058.html"}, {"source": "cret@cert.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00088.html"}, {"source": "cret@cert.org", "url": "http://rhn.redhat.com/errata/RHSA-2016-0197.html"}, {"source": "cret@cert.org", "url": "http://rhn.redhat.com/errata/RHSA-2016-0258.html"}, {"source": "cret@cert.org", "url": "http://rhn.redhat.com/errata/RHSA-2016-0594.html"}, {"source": "cret@cert.org", "tags": ["Third Party Advisory"], "url": "http://www.debian.org/security/2016/dsa-3479"}, {"source": "cret@cert.org", "tags": ["Third Party Advisory"], "url": "http://www.mozilla.org/security/announce/2016/mfsa2016-14.html"}, {"source": "cret@cert.org", "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"}, {"source": "cret@cert.org", "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"}, {"source": "cret@cert.org", "url": "http://www.securityfocus.com/bid/82991"}, {"source": "cret@cert.org", "url": "http://www.ubuntu.com/usn/USN-2902-1"}, {"source": "cret@cert.org", "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"}, {"source": "cret@cert.org", "url": "https://security.gentoo.org/glsa/201701-35"}, {"source": "cret@cert.org", "url": "https://security.gentoo.org/glsa/201701-63"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://blog.talosintel.com/2016/02/vulnerability-spotlight-libgraphite.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177520.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184623.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00052.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00058.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00088.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://rhn.redhat.com/errata/RHSA-2016-0197.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://rhn.redhat.com/errata/RHSA-2016-0258.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://rhn.redhat.com/errata/RHSA-2016-0594.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://www.debian.org/security/2016/dsa-3479"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://www.mozilla.org/security/announce/2016/mfsa2016-14.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/82991"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/USN-2902-1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/201701-35"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/201701-63"}], "sourceIdentifier": "cret@cert.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 16F59A04-14CF-49E2-9973-645477EA09DA (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:* (string)

matchCriteriaId : C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

1 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:sil:graphite2:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 97564D83-D822-4F67-88AC-D6E2F3855763 (string)

versionEndIncluding : 1.2.4 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

2 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 735317AD-14B8-4A73-B5B0-6A4C84FC202E (string)

versionEndIncluding : 42.0 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 1F007CC6-9391-4E1C-A747-F3DE5E572FA5 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:* (string)

matchCriteriaId : 45E9641F-430C-4B3A-BD63-EC13DBD3D1E4 (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 5AADD23B-A8AF-4679-990D-C29A1D6EB5CD (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 1343A1FD-98CF-4A6C-A697-1253E538FD5C (string)

vulnerable : true (boolean)

}

5 : { »

criteria : cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 6D098567-B55E-4EAC-8FAA-31FAFDD4058F (string)

vulnerable : true (boolean)

}

6 : { »

criteria : cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:* (string)

matchCriteriaId : BE0389BC-D295-4957-8AE7-EDAC770F596D (string)

vulnerable : true (boolean)

}

7 : { »

criteria : cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:* (string)

matchCriteriaId : E75E69A5-AC94-4F35-9EFB-1BFF8B78210D (string)

vulnerable : true (boolean)

}

8 : { »

criteria : cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 2765E663-C9CF-476A-B7A8-6F02D0E2D72D (string)

vulnerable : true (boolean)

}

9 : { »

criteria : cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 62B4E871-0ACB-4EC5-8392-EAD0DF25E64B (string)

vulnerable : true (boolean)

}

10 : { »

criteria : cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 435D6EF5-C879-4121-9D47-EF2236E53409 (string)

vulnerable : true (boolean)

}

11 : { »

criteria : cpe:2.3:a:mozilla:firefox:38.5.2:*:*:*:*:*:*:* (string)

matchCriteriaId : 5F99233D-55EE-474D-9D8A-872D5FD9F3DE (string)

vulnerable : true (boolean)

}

12 : { »

criteria : cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:* (string)

matchCriteriaId : A5963D11-D2F4-40A7-81CE-E034C91FCCBD (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

3 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:* (string)

matchCriteriaId : F9835F35-2BFD-40D3-976E-953FB7F21330 (string)

versionEndIncluding : 38.5.1 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

4 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:* (string)

matchCriteriaId : 253C303A-E577-4488-93E6-68A8DD942C38 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:* (string)

matchCriteriaId : E79AB8DD-C907-4038-A931-1A5A4CFB6A5B (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

]

cveTags : [ *empty* ]

descriptions : [ »

0 : { »

lang : en (string)

value : The directrun function in directmachine.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, does not validate a certain skip operation, which allows remote attackers to execute arbitrary code, obtain sensitive information, or cause a denial of service (out-of-bounds read and application crash) via a crafted Graphite smart font. (string)

}

1 : { »

lang : es (string)

value : La función directmachine.cpp en Libgraphite en Graphite 2 1.2.4, como se utiliza en Mozilla Firefox en versiones anteriores a 43.0 y Firefox ESR 38.x en versiones anteriores a 38.6.1, no valida una determinada operación de salto, lo que permite a atacantes remotos ejecutar código arbitrario, obtener información sensible o causar una denegación de servicio (lectura fuera de rango y caída de aplicación) a través de una fuente inteligente Graphite. (string)

}

]

id : CVE-2016-1521 (string)

lastModified : 2025-04-12T10:46:40.837 (string)

metrics : { »

cvssMetricV2 : [ »

0 : { »

acInsufInfo : false (boolean)

baseSeverity : MEDIUM (string)

cvssData : { »

accessComplexity : MEDIUM (string)

accessVector : NETWORK (string)

authentication : NONE (string)

availabilityImpact : PARTIAL (string)

baseScore : 6.8 (number)

confidentialityImpact : PARTIAL (string)

integrityImpact : PARTIAL (string)

vectorString : AV:N/AC:M/Au:N/C:P/I:P/A:P (string)

version : 2.0 (string)

}

exploitabilityScore : 8.6 (number)

impactScore : 6.4 (number)

obtainAllPrivilege : false (boolean)

obtainOtherPrivilege : false (boolean)

obtainUserPrivilege : false (boolean)

source : nvd@nist.gov (string)

type : Primary (string)

userInteractionRequired : true (boolean)

}

]

cvssMetricV30 : [ »

0 : { »

cvssData : { »

attackComplexity : LOW (string)

attackVector : NETWORK (string)

availabilityImpact : HIGH (string)

baseScore : 8.8 (number)

baseSeverity : HIGH (string)

confidentialityImpact : HIGH (string)

integrityImpact : HIGH (string)

privilegesRequired : NONE (string)

scope : UNCHANGED (string)

userInteraction : REQUIRED (string)

vectorString : CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H (string)

version : 3.0 (string)

}

exploitabilityScore : 2.8 (number)

impactScore : 5.9 (number)

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

published : 2016-02-13T02:59:06.883 (string)

references : [ »

0 : { »

source : cret@cert.org (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://blog.talosintel.com/2016/02/vulnerability-spotlight-libgraphite.html (string)

}

1 : { »

source : cret@cert.org (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177520.html (string)

}

2 : { »

source : cret@cert.org (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184623.html (string)

}

3 : { »

source : cret@cert.org (string)

url : http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00052.html (string)

}

4 : { »

source : cret@cert.org (string)

url : http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00058.html (string)

}

5 : { »

source : cret@cert.org (string)

url : http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00088.html (string)

}

6 : { »

source : cret@cert.org (string)

url : http://rhn.redhat.com/errata/RHSA-2016-0197.html (string)

}

7 : { »

source : cret@cert.org (string)

url : http://rhn.redhat.com/errata/RHSA-2016-0258.html (string)

}

8 : { »

source : cret@cert.org (string)

url : http://rhn.redhat.com/errata/RHSA-2016-0594.html (string)

}

9 : { »

source : cret@cert.org (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://www.debian.org/security/2016/dsa-3479 (string)

}

10 : { »

source : cret@cert.org (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://www.mozilla.org/security/announce/2016/mfsa2016-14.html (string)

}

11 : { »

source : cret@cert.org (string)

url : http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html (string)

}

12 : { »

source : cret@cert.org (string)

url : http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html (string)

}

13 : { »

source : cret@cert.org (string)

url : http://www.securityfocus.com/bid/82991 (string)

}

14 : { »

source : cret@cert.org (string)

url : http://www.ubuntu.com/usn/USN-2902-1 (string)

}

15 : { »

source : cret@cert.org (string)

url : https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722 (string)

}

16 : { »

source : cret@cert.org (string)

url : https://security.gentoo.org/glsa/201701-35 (string)

}

17 : { »

source : cret@cert.org (string)

url : https://security.gentoo.org/glsa/201701-63 (string)

}

18 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://blog.talosintel.com/2016/02/vulnerability-spotlight-libgraphite.html (string)

}

19 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177520.html (string)

}

20 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184623.html (string)

}

21 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00052.html (string)

}

22 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00058.html (string)

}

23 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00088.html (string)

}

24 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://rhn.redhat.com/errata/RHSA-2016-0197.html (string)

}

25 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://rhn.redhat.com/errata/RHSA-2016-0258.html (string)

}

26 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://rhn.redhat.com/errata/RHSA-2016-0594.html (string)

}

27 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://www.debian.org/security/2016/dsa-3479 (string)

}

28 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://www.mozilla.org/security/announce/2016/mfsa2016-14.html (string)

}

29 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html (string)

}

30 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html (string)

}

31 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://www.securityfocus.com/bid/82991 (string)

}

32 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://www.ubuntu.com/usn/USN-2902-1 (string)

}

33 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722 (string)

}

34 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : https://security.gentoo.org/glsa/201701-35 (string)

}

35 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : https://security.gentoo.org/glsa/201701-63 (string)

}

]

sourceIdentifier : cret@cert.org (string)

vulnStatus : Deferred (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-119 (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Show plain JSON

{"affected_release": [{"advisory": "RHSA-2016:0197", "cpe": "cpe:/o:redhat:enterprise_linux:5", "package": "firefox-0:38.6.1-1.el5_11", "product_name": "Red Hat Enterprise Linux 5", "release_date": "2016-02-16T00:00:00Z"}, {"advisory": "RHSA-2016:0258", "cpe": "cpe:/o:redhat:enterprise_linux:5", "package": "thunderbird-0:38.6.0-1.el5_11", "product_name": "Red Hat Enterprise Linux 5", "release_date": "2016-02-18T00:00:00Z"}, {"advisory": "RHSA-2016:0197", "cpe": "cpe:/o:redhat:enterprise_linux:6", "package": "firefox-0:38.6.1-1.el6_7", "product_name": "Red Hat Enterprise Linux 6", "release_date": "2016-02-16T00:00:00Z"}, {"advisory": "RHSA-2016:0258", "cpe": "cpe:/o:redhat:enterprise_linux:6", "package": "thunderbird-0:38.6.0-1.el6_7", "product_name": "Red Hat Enterprise Linux 6", "release_date": "2016-02-18T00:00:00Z"}, {"advisory": "RHSA-2016:0197", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "firefox-0:38.6.1-1.el7_2", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2016-02-16T00:00:00Z"}, {"advisory": "RHSA-2016:0258", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "thunderbird-0:38.6.0-1.el7_2", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2016-02-18T00:00:00Z"}, {"advisory": "RHSA-2016:0594", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "graphite2-0:1.3.6-1.el7_2", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2016-04-05T00:00:00Z"}], "bugzilla": {"description": "graphite2: Out-of-bound read vulnerability triggered by crafted fonts", "id": "1305805", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1305805"}, "csaw": false, "cvss": {"cvss_base_score": "6.8", "cvss_scoring_vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "status": "verified"}, "cwe": "CWE-125", "details": ["The directrun function in directmachine.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, does not validate a certain skip operation, which allows remote attackers to execute arbitrary code, obtain sensitive information, or cause a denial of service (out-of-bounds read and application crash) via a crafted Graphite smart font.", "A vulnerability has been discovered in Graphite2. An attacker able to trick an unsuspecting user into opening specially crafted font files in an application using Graphite2 could exploit these flaws to cause the application to crash or, potentially, execute arbitrary code with the privileges of the application."], "name": "CVE-2016-1521", "public_date": "2016-02-05T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2016-1521\nhttps://nvd.nist.gov/vuln/detail/CVE-2016-1521\nhttp://www.talosintel.com/reports/TALOS-2016-0058/"], "threat_severity": "Important"}

{

affected_release : [ »

0 : { »

advisory : RHSA-2016:0197 (string)

cpe : cpe:/o:redhat:enterprise_linux:5 (string)

package : firefox-0:38.6.1-1.el5_11 (string)

product_name : Red Hat Enterprise Linux 5 (string)

release_date : 2016-02-16T00:00:00Z (string)

}

1 : { »

advisory : RHSA-2016:0258 (string)

cpe : cpe:/o:redhat:enterprise_linux:5 (string)

package : thunderbird-0:38.6.0-1.el5_11 (string)

product_name : Red Hat Enterprise Linux 5 (string)

release_date : 2016-02-18T00:00:00Z (string)

}

2 : { »

advisory : RHSA-2016:0197 (string)

cpe : cpe:/o:redhat:enterprise_linux:6 (string)

package : firefox-0:38.6.1-1.el6_7 (string)

product_name : Red Hat Enterprise Linux 6 (string)

release_date : 2016-02-16T00:00:00Z (string)

}

3 : { »

advisory : RHSA-2016:0258 (string)

cpe : cpe:/o:redhat:enterprise_linux:6 (string)

package : thunderbird-0:38.6.0-1.el6_7 (string)

product_name : Red Hat Enterprise Linux 6 (string)

release_date : 2016-02-18T00:00:00Z (string)

}

4 : { »

advisory : RHSA-2016:0197 (string)

cpe : cpe:/o:redhat:enterprise_linux:7 (string)

package : firefox-0:38.6.1-1.el7_2 (string)

product_name : Red Hat Enterprise Linux 7 (string)

release_date : 2016-02-16T00:00:00Z (string)

}

5 : { »

advisory : RHSA-2016:0258 (string)

cpe : cpe:/o:redhat:enterprise_linux:7 (string)

package : thunderbird-0:38.6.0-1.el7_2 (string)

product_name : Red Hat Enterprise Linux 7 (string)

release_date : 2016-02-18T00:00:00Z (string)

}

6 : { »

advisory : RHSA-2016:0594 (string)

cpe : cpe:/o:redhat:enterprise_linux:7 (string)

package : graphite2-0:1.3.6-1.el7_2 (string)

product_name : Red Hat Enterprise Linux 7 (string)

release_date : 2016-04-05T00:00:00Z (string)

}

]

bugzilla : { »

description : graphite2: Out-of-bound read vulnerability triggered by crafted fonts (string)

id : 1305805 (string)

url : https://bugzilla.redhat.com/show_bug.cgi?id=1305805 (string)

}

csaw : false (boolean)

cvss : { »

cvss_base_score : 6.8 (string)

cvss_scoring_vector : AV:N/AC:M/Au:N/C:P/I:P/A:P (string)

status : verified (string)

}

cwe : CWE-125 (string)

details : [ »

0 : The directrun function in directmachine.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, does not validate a certain skip operation, which allows remote attackers to execute arbitrary code, obtain sensitive information, or cause a denial of service (out-of-bounds read and application crash) via a crafted Graphite smart font. (string)

1 : A vulnerability has been discovered in Graphite2. An attacker able to trick an unsuspecting user into opening specially crafted font files in an application using Graphite2 could exploit these flaws to cause the application to crash or, potentially, execute arbitrary code with the privileges of the application. (string)

]

name : CVE-2016-1521 (string)

public_date : 2016-02-05T00:00:00Z (string)

references : [ »

0 : https://www.cve.org/CVERecord?id=CVE-2016-1521 https://nvd.nist.gov/vuln/detail/CVE-2016-1521 http://www.talosintel.com/reports/TALOS-2016-0058/ (string)

]

threat_severity : Important (string)

}

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

Affected Vendors & Products

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object