Mozilla Firefox and Firefox ESR Graphite 2 Denial of Service Vulnerability (CNVD-2017-12547)

Mozilla Firefox and Firefox ESR are both browser products developed by the Mozilla Foundation in the U.S. Firefox is an open source web browser; Firefox ESR is an extended support version of Firefox.Graphite is a suite of enterprise-class open source system monitoring tools data plotting written ...

Mozilla Firefox and Firefox ESR Graphite 2 Arbitrary Code Execution Vulnerability (CNVD-2017-12544)

Mozilla Firefox and Firefox ESR are both browser products developed by the Mozilla Foundation in the U.S. Firefox is an open source web browser; Firefox ESR is an extended support version of Firefox.Graphite is a suite of enterprise-class open source system monitoring tools data plotting written ...

Mozilla Firefox and Firefox ESR Graphite 2 Denial of Service Vulnerability (CNVD-2017-12542)

Mozilla Firefox and Firefox ESR are both browser products developed by the Mozilla Foundation in the U.S. Firefox is an open source web browser; Firefox ESR is an extended support version of Firefox.Graphite is a suite of enterprise-class open source system monitoring tools data plotting written ...

Mozilla Firefox and Firefox ESR Graphite 2 Denial of Service Vulnerability (CNVD-2017-12541)

Mozilla Firefox and Firefox ESR are both browser products developed by the Mozilla Foundation in the U.S. Firefox is an open source web browser; Firefox ESR is an extended support version of Firefox.Graphite is a suite of enterprise-class open source system monitoring tools data plotting written ...

Mozilla Firefox and Firefox ESR Graphite 2 Information Disclosure Vulnerability

Mozilla Firefox and Firefox ESR are both browser products developed by the Mozilla Foundation in the U.S. Firefox is an open source web browser; Firefox ESR is an extended support version of Firefox.Graphite is a suite of enterprise-class open source system monitoring tools data mapping written i...

graphite2: heap-buffer-overflow write "lz4::decompress" (src/Decompressor)

A heap-based buffer overflow flaw related to "lz4::decompress" src/Decompressor has been reported in graphite2. An attacker could exploit this issue to cause a crash or, possibly, execute arbitrary code...

graphite2: heap-buffer-overflow write "lz4::decompress" (CVE-2017-7772)

A heap-based buffer overflow flaw related to "lz4::decompress" has been reported in graphite2. An attacker could exploit this issue to cause a crash or, possibly, execute arbitrary code...

graphite2: heap-buffer-overflow read "graphite2::Silf::getClassGlyph"

An out of bounds read flaw related to "graphite2::Silf::getClassGlyph" has been reported in graphite2. An attacker could possibly exploit this flaw to disclose potentially sensitive memory or cause an application crash...

graphite2: out of bounds read in "graphite2::Pass::readPass"

An out of bounds read flaw related to "graphite2::Pass::readPass" has been reported in graphite2. An attacker could possibly exploit this flaw to disclose potentially sensitive memory or cause an application crash...

graphite2: out of bounds read "graphite2::Silf::readGraphite"

An out of bounds read flaw related to "graphite2::Silf::readGraphite" has been reported in graphite2. An attacker could possibly exploit this flaw to disclose potentially sensitive memory or cause an application crash...

Mozilla: Vulnerabilities in the Graphite 2 library (MFSA 2017-16)

A number of security vulnerabilities in the Graphite 2 library including out-of-bounds reads, buffer overflow reads and writes, and the use of uninitialized memory. These issues were addressed in Graphite 2 version 1.3.10. This vulnerability affects Firefox 54, Firefox ESR 52.2, and Thunderbird...

UBUNTU-CVE-2017-7773

Heap-based Buffer Overflow write in Graphite2 library in Firefox before 54 in lz4::decompress src/Decompressor...

Mozilla: graphite2: Out-of-bounds write with malicious font in Graphite 2 (MFSA 2017-11, MFSA 2017-12)

An out-of-bounds write in the Graphite 2 library triggered with a maliciously crafted Graphite font. This results in a potentially exploitable crash. This issue was fixed in the Graphite 2 library as well as Mozilla products. This vulnerability affects Thunderbird 52.1, Firefox ESR 45.9, Firefox...

Mozilla: graphite2: Out-of-bounds write with malicious font in Graphite 2 (MFSA 2017-11, MFSA 2017-12)

An out-of-bounds write in the Graphite 2 library triggered with a maliciously crafted Graphite font. This results in a potentially exploitable crash. This issue was fixed in the Graphite 2 library as well as Mozilla products. This vulnerability affects Thunderbird 52.1, Firefox ESR 45.9, Firefox...

Mozilla: graphite2: Out-of-bounds write with malicious font in Graphite 2 (MFSA 2017-11, MFSA 2017-12)

An out-of-bounds write in the Graphite 2 library triggered with a maliciously crafted Graphite font. This results in a potentially exploitable crash. This issue was fixed in the Graphite 2 library as well as Mozilla products. This vulnerability affects Thunderbird 52.1, Firefox ESR 45.9, Firefox...

graphite2: Out-of-bounds read vulnerability in TfUtil:LocaLookup

A vulnerability has been discovered in Graphite2. An attacker able to trick an unsuspecting user into opening specially crafted font files in an application using Graphite2 could exploit these flaws to cause the application to crash or, potentially, execute arbitrary code with the privileges of t...

The vulnerabilities of Firefox ESR and Firefox, the rendering software Graphite 2, allow attackers to induce service failures or exert other effects.

The vulnerability of the graphite2::vm::Machine::Code::Code function in browsers Firefox ESR and Firefox, as well as in the Graphite 2 rendering software, is caused by a buffer overflow in dynamic memory. Exploiting this vulnerability can allow an attacker to cause service interruptions or other...

The vulnerabilities of Firefox ESR and Firefox, the rendering software Graphite 2, allow attackers to induce service failures or exert other effects.

The vulnerability of the graphite2::Slot::getAttr function Slot.cpp in Firefox ESR and Firefox browsers, as well as in the Graphite 2 rendering software, arises due to buffer overflows. Exploiting this vulnerability can allow an attacker to cause service interruptions or other effects through a...

The vulnerabilities of Firefox ESR and Firefox, the rendering software Graphite 2, allow attackers to induce service failures or exert other effects.

The vulnerability of the graphite2::Slot::setAttr function in Firefox ESR and Firefox browsers, as well as in the Graphite 2 rendering software, is caused by a buffer overflow in the dynamic memory. Exploiting this vulnerability can allow an attacker to cause service interruptions or other effect...

The vulnerabilities of Firefox ESR and Firefox, the rendering software Graphite 2, allow attackers to induce service failures or exert other effects.

The vulnerability of the graphite2::FileFace::gettablefn function in Firefox ESR and Firefox browsers, as well as in the Graphite 2 rendering software, means that memory is not initialized for special data structures. Exploiting this vulnerability can allow a malicious actor to cause service...