VDB

GCVE-110-MAGEIA-2016-77

GCVE-110-MAGEIA-2016-77
Advisory Published
Vulnetix · Advisory published February 17, 2016
Multiple vulnerabilities in the graphite2 font library can result in information disclosure, denial-of-service (application crashes), or code execution via out-of-bounds reads, a NULL pointer dereference, and a heap-based buffer overflow (CVE-2016-1521, CVE-2016-1522, CVE-2016-1523, CVE-2016-1526). Firefox includes a bundled copy of the graphite2 library, which has been updated in Firefox ESR 38.6.1.

Affected Products

VendorProductVersionsPlatforms
Mageiafirefox-l10n0 (affected), 38.6.1-1.mga5 (unaffected), 38.6.1-1.mga5 (unaffected), 0 (affected)
Mageiaisodumper0 (affected), 0.47-1.mga5 (unaffected)
Mageiagraphite20 (affected), 0 (affected), 1.3.5-1.mga5 (unaffected), 1.3.5-1.mga5 (unaffected)
Mageiafirefox0 (affected), 38.6.1-1.mga5 (unaffected), 0 (affected), 38.6.1-1.mga5 (unaffected)

Browse GCVE Records

72,337 records in the GCVE database · Updated July 14, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›