This script is Copyright (C) 2016 Tenable Network Security, Inc.
The remote FreeBSD host is missing one or more security-related
Mozilla Foundation reports :
Security researcher Holger Fuhrmannek and Mozilla security engineer
Tyson Smith reported a number of security vulnerabilities in the
Graphite 2 library affecting version 1.3.5.
The issue reported by Holger Fuhrmannek is a mechanism to induce stack
corruption with a malicious graphite font. This leads to a potentially
exploitable crash when the font is loaded.
Tyson Smith used the Address Sanitizer tool in concert with a custom
software fuzzer to find a series of uninitialized memory,
out-of-bounds read, and out-of-bounds write errors when working with
fuzzed graphite fonts.
Security researcher James Clawson used the Address Sanitizer tool to
discover an out-of-bounds write in the Graphite 2 library when loading
a crafted Graphite font file. This results in a potentially
See also :
Update the affected packages.
Risk factor :
High / CVSS Base Score : 9.3
Family: FreeBSD Local Security Checks
Nessus Plugin ID: 89767 ()
CVE ID: CVE-2016-1969
Get Nessus Professional to scan unlimited IPs, run compliance checks & moreBuy Nessus Professional Now