CVE-2016-0808

MEDIUM Year: 2016
CVSS v3 Score
6.2
Medium
CVSS v2 Score
4.9
Medium
Weakness Type
CWE-19
View all →

Vulnerability Description

Integer overflow in the getCoverageFormat12 function in CmapCoverage.cpp in the Minikin library in Android 5.x before 5.1.1 LMY49G and 6.x before 2016-02-01 allows attackers to cause a denial of service (continuous rebooting) via an application that triggers loading of a crafted TTF font, aka internal bug 25645298.

Related Vulnerabilities

CVE-2020-3232

MEDIUM
CVSS:6.3(Medium)

A vulnerability in the Simple Network Management Protocol (SNMP) implementation in Cisco ASR 920 Series Aggregation Services Router model ASR920-12SZ-IM could allow an authenticated, remote attacker t...

CWE-192020

CVE-2013-7440

MEDIUM
CVSS:5.9(Medium)

The ssl.match_hostname function in CPython (aka Python) before 2.7.9 and 3.x before 3.3.3 does not properly handle wildcards in hostnames, which might allow man-in-the-middle attackers to spoof server...

CWE-192013

CVE-2015-0203

MEDIUM
CVSS:6.5(Medium)

The qpidd broker in Apache Qpid 0.30 and earlier allows remote authenticated users to cause a denial of service (daemon crash) via an AMQP message with (1) an invalid range in a sequence set, (2) cont...

CWE-192015

CVE-2015-2255

MEDIUM
CVSS:5.9(Medium)

Huawei AR1220 routers with software before V200R005SPH006 allow remote attackers to cause a denial of service (board reset) via vectors involving a large amount of traffic from the GE port to the FE p...

CWE-192015

CVE-2015-7575

MEDIUM
CVSS:5.9(Medium)

Mozilla Network Security Services (NSS) before 3.20.2, as used in Mozilla Firefox before 43.0.2 and Firefox ESR 38.x before 38.5.2, does not reject MD5 signatures in Server Key Exchange messages in TL...

CWE-192015

CVE-2015-8985

MEDIUM
CVSS:5.9(Medium)

The pop_fail_stack function in the GNU C Library (aka glibc or libc6) allows context-dependent attackers to cause a denial of service (assertion failure and application crash) via vectors related to e...

CWE-192015