1
Candidate: CVE-2016-1969
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1969
5
https://bugzilla.mozilla.org/show_bug.cgi?id=1242322
6
http://www.mozilla.org/security/announce/2016/mfsa2016-38.html
8
The setAttr function in Graphite 2 before 1.3.6, as used in Mozilla Firefox
9
before 45.0 and Firefox ESR 38.x before 38.6.1, allows remote attackers to
10
cause a denial of service (out-of-bounds write) or possibly have
11
unspecified other impact via a crafted Graphite smart font.
17
Assigned-to: chrisccoulson
20
upstream_firefox: released (45.0)
21
precise_firefox: released (45.0+build2-0ubuntu0.12.04.1)
22
trusty_firefox: released (45.0+build2-0ubuntu0.14.04.1)
23
vivid/ubuntu-core_firefox: DNE
24
vivid/stable-phone-overlay_firefox: DNE
25
wily_firefox: released (45.0+build2-0ubuntu0.15.10.1)
26
devel_firefox: released (45.0+build2-0ubuntu1)
29
Priority_thunderbird: low
30
upstream_thunderbird: not-affected
31
precise_thunderbird: not-affected
32
trusty_thunderbird: not-affected
33
vivid/ubuntu-core_thunderbird: DNE
34
vivid/stable-phone-overlay_thunderbird: DNE
35
wily_thunderbird: not-affected
36
devel_thunderbird: not-affected