Wednesday, 10 February 2016

Pes 2016 And A Font File Can Have Your Computer

Graphite font library vulnerable in Firefox, Thunderbird and WordPad, says Talos

Cisco's Talos security group has announced a set of bugs in an open source library used by applications that run on Windows and Linux, affecting both client and server machines.

The problem is in the Libgraphite library, and it means that applications that use the library to load TTF font files can inherit its vulnerabilities. All that is needed for successful exploitation, Talos writes, is for the user to run a Graphite-enabled application that renders a page with a maliciously crafted font.

Since Libgraphite is a font library, vulnerable environments are not limited to a particular operating system. Microsoft WordPad uses it, but so do Thunderbird, Firefox and OpenOffice (to name a few).

Talos believes that "Linux" is vulnerable, but El Reg suspects that is a misunderstanding, since it is clear that the vulnerability is triggered by a Graphite-enabled application.

And since Libgraphite supports server-side fonts, "the attacker could easily compromise a server and then serve the specially designed font when the user renders a page from the server."

Talos describes four vulnerabilities, with Common Vulnerabilities and Exposures (CVE) identifiers CVE-2016-1521/2/3/6.

Topping the list in severity is the out-of-bounds read. The library's authors missed a value check on Goto that ensures the program variable remains within memory limits.

TTF and VM exploits were demonstrated by Joshua Drake at Pwn2Own last year - "Reading out of bounds, the TTF virtual machine can run code under the attacker's control," Talos said.
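
The bug class described above is a jump in a font bytecode interpreter whose target is never checked against the program's bounds. The following C sketch is an added example, not code from the article, Talos or Graphite: a toy interpreter with constructed opcodes in which every fetch and every jump target is validated against the program length, with the unchecked form shown only in a comment.

```c
#include <stddef.h>
#include <stdint.h>

/* Constructed toy opcodes for illustration; not Graphite's instruction set. */
enum { OP_HALT = 0, OP_PUSH = 1, OP_ADD = 2, OP_JMP = 3 };
enum vm_status { VM_OK = 0, VM_OOB = -1, VM_STACK = -2, VM_BADOP = -3, VM_LIMIT = -4 };

/* Runs `len` bytes of untrusted bytecode; on VM_OK the top of stack is in *out. */
int vm_run(const uint8_t *code, size_t len, int32_t *out)
{
    int32_t stack[16];
    size_t sp = 0, pc = 0;
    unsigned steps = 0;

    while (steps++ < 10000) {              /* bound run time on looping input */
        if (pc >= len) return VM_OOB;      /* never fetch past the program */
        uint8_t op = code[pc++];
        switch (op) {
        case OP_HALT:
            if (sp == 0) return VM_STACK;
            *out = stack[sp - 1];
            return VM_OK;
        case OP_PUSH:
            if (pc >= len) return VM_OOB;  /* operand byte must exist */
            if (sp == 16) return VM_STACK;
            stack[sp++] = code[pc++];
            break;
        case OP_ADD:
            if (sp < 2) return VM_STACK;
            stack[sp - 2] += stack[sp - 1];
            sp--;
            break;
        case OP_JMP: {
            if (pc >= len) return VM_OOB;
            int8_t rel = (int8_t)code[pc++];
            /* Unchecked form (the bug class): `pc += rel;` and the next
               fetch reads wherever the file-supplied offset points. */
            ptrdiff_t target = (ptrdiff_t)pc + rel;
            if (target < 0 || (size_t)target >= len) return VM_OOB;
            pc = (size_t)target;
            break;
        }
        default:
            return VM_BADOP;
        }
    }
    return VM_LIMIT;
}
```
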