Mozilla Firefox ESR < 45.9

The version of Firefox ESR installed on the remote macOS or Mac OS X host is prior to 45.9. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2017-11 advisory. - Fixed potential buffer overflows in generated Firefox code due to CVE-2016-6354 issue in Flex...

SUSE CVE-2017-7776

Heap-based Buffer Overflow read in Graphite2 library in Firefox before 54 in graphite2::Silf::getClassGlyph...

SUSE CVE-2018-7999

In libgraphite2 in graphite2 1.3.11, a NULL pointer dereference vulnerability was found in Segment.cpp during a dumbRendering operation, which may allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .ttf file...

USN-3315-1 firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, read uninitialized memory, obtain sensitive information, spoof the addressbar contents, or execute...

graphite2: heap-buffer-overflow write "lz4::decompress" (src/Decompressor)

A heap-based buffer overflow flaw related to "lz4::decompress" src/Decompressor has been reported in graphite2. An attacker could exploit this issue to cause a crash or, possibly, execute arbitrary code...

UBUNTU-CVE-2017-7778

A number of security vulnerabilities in the Graphite 2 library including out-of-bounds reads, buffer overflow reads and writes, and the use of uninitialized memory. These issues were addressed in Graphite 2 version 1.3.10. This vulnerability affects Firefox 54, Firefox ESR 52.2, and Thunderbird...

UBUNTU-CVE-2017-5436

An out-of-bounds write in the Graphite 2 library triggered with a maliciously crafted Graphite font. This results in a potentially exploitable crash. This issue was fixed in the Graphite 2 library as well as Mozilla products. This vulnerability affects Thunderbird 52.1, Firefox ESR 45.9, Firefox...

UBUNTU-CVE-2016-2792

The graphite2::Slot::getAttr function in Slot.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service buffer over-read or possibly have unspecified other impact via a crafted Graphite smart font,...

UBUNTU-CVE-2016-2801

The graphite2::TtfUtil::CmapSubtable12Lookup function in TtfUtil.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service buffer over-read or possibly have unspecified other impact via a crafted...

CVE-2016-1526

CVE-2016-1526 concerns Graphite2 Libgraphite’s TtfUtil:LocaLookup in Graphite 2 1.2.4 used by Mozilla Firefox before 43.0 and ESR 38.x before 38.6.1. The bug stems from incorrect validation of a size value in TtfUtil.cpp, enabling remote attackers to trigger an out-of-bounds read, potentially lea...