A heap-based buffer overflow flaw related to “lz4::decompress” has been reported in graphite2. An attacker could exploit this issue to cause a crash or, possibly, execute arbitrary code.

References

bugzilla.redhat.com/show_bug.cgi?id=1472213

sourceforge.net/p/silgraphite/mailman/message/35824024/ https://www.mozilla.org/en-US/security/advisories/mfsa2017-16/#CVE-2017-7778

cve 2

fedora 3

redhatcve 7

openvas 41

prion 2

veracode 2

debiancve 2

osv 8

ubuntucve 2

nessus 45

ubuntu 3

amazon 1

ibm 3

oraclelinux 3

debian 6

centos 3

gentoo 2

redhat 3

cloudfoundry 1

mageia 4

archlinux 2

kaspersky 2

mozilla 3

suse 3

altlinux 2

freebsd 1

cve

CVE-2017-7772

2019-04-12 18:29:00

CVE-2017-7778

2018-06-11 21:29:00

fedora

[SECURITY] Fedora 26 Update: graphite2-1.3.10-1.fc26

2017-06-25 16:22:37

[SECURITY] Fedora 25 Update: graphite2-1.3.10-1.fc25

2017-06-28 20:53:50

[SECURITY] Fedora 24 Update: graphite2-1.3.10-1.fc24

2017-07-12 01:54:12

redhatcve

CVE-2017-7778

2017-06-14 04:51:21

CVE-2017-7775

2019-10-10 04:23:52

CVE-2017-7773

2019-10-11 16:59:26

openvas

Fedora Update for graphite2 FEDORA-2017-03ef6281a8

2017-06-29 00:00:00

Huawei EulerOS: Security Advisory for graphite2 (EulerOS-SA-2020-2006)

2020-09-29 00:00:00

Fedora Update for graphite2 FEDORA-2017-e0a9e51dd5

2017-07-14 00:00:00

prion

Heap overflow

2019-04-12 18:29:00

Buffer overflow

2018-06-11 21:29:00

veracode

Buffer Overflow Reads And Writes

2019-05-02 06:12:47

Denial Of Service (DoS)

2019-05-02 06:12:46

debiancve

CVE-2017-7772

2019-04-12 18:29:00

CVE-2017-7778

2018-06-11 21:29:00

osv

CVE-2017-7772

2019-04-12 18:29:00

CVE-2017-7778

2018-06-11 21:29:08

graphite2 - security update

2017-06-22 00:00:00

ubuntucve

CVE-2017-7772

2017-06-14 00:00:00

CVE-2017-7778

2017-06-14 00:00:00

nessus

EulerOS Virtualization for ARM 64 3.0.6.0 : graphite2 (EulerOS-SA-2020-2006)

2020-09-29 00:00:00

Debian DSA-3894-1 : graphite2 - security update

2017-06-23 00:00:00

Debian DLA-1013-1 : graphite2 security update

2017-07-06 00:00:00

ubuntu

graphite2 vulnerabilities

2017-08-21 00:00:00

Thunderbird vulnerabilities

2017-07-05 00:00:00

Firefox vulnerabilities

2017-06-15 00:00:00

amazon

Important: graphite2

2017-08-17 18:27:00

ibm

Security Bulletin: Vulnerabilities in Graphite2 affect PowerKVM

2018-06-18 01:37:20

Security Bulletin: Multiple Mozilla Firefox vulnerability issues in IBM Storwize V7000 Unified

2018-06-18 00:35:38

Security Bulletin: Multiple Mozilla Firefox vulnerability issues in IBM SONAS.

2018-06-18 00:35:15

oraclelinux

graphite2 security update

2017-07-20 00:00:00

firefox security update

2017-06-14 00:00:00

thunderbird security update

2017-06-21 00:00:00

debian

[SECURITY] [DLA 1013-1] graphite2 security update

2017-07-05 12:16:36

[SECURITY] [DSA 3894-1] graphite2 security update

2017-06-22 17:43:51

[SECURITY] [DSA 3881-1] firefox-esr security update

2017-06-14 20:52:21

centos

graphite2 security update

2017-07-21 14:21:22

firefox security update

2017-06-15 10:14:10

thunderbird security update

2017-06-21 15:49:22

gentoo

Graphite: Multiple vulnerabilities

2017-10-13 00:00:00

Mozilla Firefox: Multiple vulnerabilities

2018-02-20 00:00:00

redhat

(RHSA-2017:1793) Important: graphite2 security update

2017-07-20 22:22:08

(RHSA-2017:1440) Critical: firefox security update

2017-06-14 05:21:03

(RHSA-2017:1561) Important: thunderbird security update

2017-06-21 03:10:17

cloudfoundry

USN-3398-1: graphite2 vulnerabilities | Cloud Foundry

2017-09-21 00:00:00

mageia

Updated graphite2 packages fix security vulnerabilities

2017-07-26 01:07:12

Updated firefox packages fix security vulnerabilities

2017-06-19 10:44:03

Updated thunderbird packages fix security vulnerability and bugs

2017-06-19 10:44:03

archlinux

[ASA-201706-20] thunderbird: multiple issues

2017-06-16 00:00:00

[ASA-201706-19] firefox: multiple issues

2017-06-16 00:00:00

kaspersky

KLA11050 Multiple vulnerabilities in Mozilla Thunderbird

2017-06-14 00:00:00

KLA11044 Multiple vulnerabilities in Mozilla Firefox and Mozilla Firefox ESR

2017-06-13 00:00:00

mozilla

Security vulnerabilities fixed in Thunderbird 52.2 — Mozilla

2017-06-14 00:00:00

Security vulnerabilities fixed in Firefox ESR 52.2 — Mozilla

2017-06-13 00:00:00

Security vulnerabilities fixed in Firefox 54 — Mozilla

2017-06-13 00:00:00

suse

Security update for Mozilla based packages (important)

2017-06-20 00:09:32

Security update for MozillaFirefox, MozillaFirefox-branding-SLE (important)

2017-06-26 12:10:28

Security update for MozillaFirefox, MozillaFirefox-branding-SLED, firefox-gcc5, mozilla-nss (important)

2017-08-22 21:08:17

altlinux

Security fix for the ALT Linux 10 package thunderbird version 52.2.0-alt1

2017-06-22 00:00:00

Security fix for the ALT Linux 10 package firefox-esr version 52.2.0-alt1

2017-06-21 00:00:00

freebsd

mozilla -- multiple vulnerabilities

2017-06-13 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
OpenSource

@2024 Vulners Inc

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

JSON

Related for RH:CVE-2017-7772