Firefox ESR < 38.6.1 Multiple Graphite 2 Library RCE

This script is Copyright (C) 2016 Tenable Network Security, Inc.

Synopsis :

The remote Windows host contains a web browser that is affected by
multiple remote code execution vulnerabilities.

Description :

The version of Mozilla Firefox ESR installed on the remote Windows
host is prior to 38.6.1. It is, therefore, affected by multiple remote
code execution vulnerabilities in the Graphite 2 library :

- An overflow condition exists in the Context Item
functionality due to improper validation of
user-supplied input. An unauthenticated, remote attacker
can exploit this, via a crafted Graphite smart font, to
cause a heap-based buffer overflow, resulting in a
denial of service or the execution of arbitrary code.

- An out-of-bounds write error exists in the setAttr()
function that is triggered when handling maliciously
crafted fonts. An unauthenticated, remote attacker can
exploit this to execute arbitrary code. (CVE-2016-1969)

Solution :

Upgrade to Mozilla Firefox ESR version 38.6.1 or later.

Risk factor :

High / CVSS Base Score : 9.3
CVSS Temporal Score : 7.1
Public Exploit Available : false

Family: Windows

Nessus Plugin ID: 88753

Bugtraq ID: 82991

CVE ID: CVE-2016-1523
