Denial of Service Vulnerability in HarfBuzz (CVE-2016-2050)

Denial of Service Vulnerability in HarfBuzz (CVE-2016-2050)

CVE-2015-9274 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:N/A:P

HarfBuzz before 1.0.4 allows remote attackers to cause a denial of service (invalid read of two bytes and application crash) because of GPOS and GSUB table mishandling, related to hb-ot-layout-gpos-table.hh, hb-ot-layout-gsub-table.hh, and hb-ot-layout-gsubgpos-private.hh.

Learn more about our Web Application Penetration Testing UK.