Vulnerability Spotlight: Libgraphite Font Processing Vulnerabilities

By Talos Group Vulnerabilities Discovered by Yves Younan of Cisco Talos. Talos is releasing an advisory for four vulnerabilities that have been found within the Libgraphite library, which is used for font processing in Linux, Firefox, OpenOffice, and other major applications. The most severe vulnerability results from an out-of-bounds read which the attacker can use to achieve arbitrary code execution. A second vulnerability is an exploitable heap overflow. Finally, the last two vulnerabilities result in denial of service situations. To exploit these vulnerabilities, an attacker []

Source:: Cisco Security Notice