Security researchers have found vulnerabilities in Graphite, also known as Libgraphite font processing library, that affects a number of systems. The vulnerabilities, if exploited, allow an attacker to seed malicious fonts to a machine. The Libgraphite library is utilised by Linux, Thunderbird, WordPad,Firefox, OpenOffice, as well as several other major platforms and applications.
Security researchers from Cisco have posted an advisory to outline four vulnerabilities in the Libgraphite font processing library. One of the vulnerabilities allows the attackers to execute arbitrary code on the machine, and among other things, crash the system.
Two of the vulnerabilities can result in denial of service situations. “An attacker simply needs the user to run a Graphite-enabled application that renders a page using a specially crafted font that triggers one of these vulnerabilities,” the team wrote in a blog post.
The vulnerabilities impact Firefox 11 and later versions and many other aforementioned apps and services that support Graphite. “Since Mozilla Firefox 11 and later versions directly support Graphite, the attacker could easily compromise a server and then serve the specially crafted font when the user renders a page from the server (since Graphite supports both local and server-based fonts).” To recall, Firefox included Graphite by default in 2012.
Besides the large range of devices that are impacted, the vulnerabilities are also concerning because it is quite easy for attackers to get hold of a machine. A user can unknowingly visit a malicious website and get affected. Mozilla, and various Linux distributions are yet to address the issue.
[“source-gadgets.ndtv”]