{
  "threat_severity" : "Important",
  "public_date" : "2016-02-05T00:00:00Z",
  "bugzilla" : {
    "description" : "graphite2: Out-of-bound read vulnerability triggered by crafted fonts",
    "id" : "1305805",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1305805"
  },
  "cvss" : {
    "cvss_base_score" : "6.8",
    "cvss_scoring_vector" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
    "status" : "verified"
  },
  "cwe" : "CWE-125",
  "details" : [ "The directrun function in directmachine.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, does not validate a certain skip operation, which allows remote attackers to execute arbitrary code, obtain sensitive information, or cause a denial of service (out-of-bounds read and application crash) via a crafted Graphite smart font.", "A vulnerability has been discovered in Graphite2. An attacker able to trick an unsuspecting user into opening specially crafted font files in an application using Graphite2 could exploit these flaws to cause the application to crash or, potentially, execute arbitrary code with the privileges of the application." ],
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 5",
    "release_date" : "2016-02-16T00:00:00Z",
    "advisory" : "RHSA-2016:0197",
    "cpe" : "cpe:/o:redhat:enterprise_linux:5",
    "package" : "firefox-0:38.6.1-1.el5_11"
  }, {
    "product_name" : "Red Hat Enterprise Linux 5",
    "release_date" : "2016-02-18T00:00:00Z",
    "advisory" : "RHSA-2016:0258",
    "cpe" : "cpe:/o:redhat:enterprise_linux:5",
    "package" : "thunderbird-0:38.6.0-1.el5_11"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6",
    "release_date" : "2016-02-16T00:00:00Z",
    "advisory" : "RHSA-2016:0197",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6",
    "package" : "firefox-0:38.6.1-1.el6_7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6",
    "release_date" : "2016-02-18T00:00:00Z",
    "advisory" : "RHSA-2016:0258",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6",
    "package" : "thunderbird-0:38.6.0-1.el6_7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "release_date" : "2016-02-16T00:00:00Z",
    "advisory" : "RHSA-2016:0197",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7",
    "package" : "firefox-0:38.6.1-1.el7_2"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "release_date" : "2016-02-18T00:00:00Z",
    "advisory" : "RHSA-2016:0258",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7",
    "package" : "thunderbird-0:38.6.0-1.el7_2"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "release_date" : "2016-04-05T00:00:00Z",
    "advisory" : "RHSA-2016:0594",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7",
    "package" : "graphite2-0:1.3.6-1.el7_2"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2016-1521\nhttps://nvd.nist.gov/vuln/detail/CVE-2016-1521\nhttp://www.talosintel.com/reports/TALOS-2016-0058/" ],
  "name" : "CVE-2016-1521",
  "csaw" : false
}