Arbitrary Code Execution and Memory Corruption in SIL Graphite 2

Arbitrary Code Execution and Memory Corruption in SIL Graphite 2

CVE-2012-3971 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

Summer Institute of Linguistics (SIL) Graphite 2, as used in Mozilla Firefox before 15.0, Thunderbird before 15.0, and SeaMonkey before 2.12, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors related to the (1) Silf::readClassMap and (2) Pass::readPass functions.

Learn more about our Cis Benchmark Audit For Mozilla Firefox.