7 matches found
CVE-2017-7778
CVE-2017-7778 relates to multiple vulnerabilities in Graphite2 (upstream 1.3.10). The issues include out-of-bounds reads, buffer overflow reads/writes, and use of uninitialized memory in Graphite2, and are addressed by upgrading to Graphite2 1.3.10. Publicly affected products in the CVE record in...
CVE-2017-7774
CVE-2017-7774 is an out-of-bounds read in graphite2::Silf::readGraphite within the Graphite2 library used by Firefox prior to version 54. Affected component: graphite2 library; affected product is Firefox (pre-54). Root cause: out-of-bounds read in readGraphite. Impact per sources: memory disclos...
CVE-2017-7772
CVE-2017-7772 describes a heap-based buffer overflow in the Graphite2 library, specifically in lz4::decompress, affecting Firefox prior to 54. The issue is triggered when processing crafted font data, potentially allowing a crash or arbitrary code execution in the context of an application using ...
CVE-2017-7771
CVE-2017-7771 is an out-of-bounds read in the Graphite2 font-rendering library, specifically in graphite2::Pass::readPass, reported for Firefox prior to 54. Public advisories and vendor notes confirm Graphite2 vulnerabilities that can lead to crashes or memory disclosure when processing malformed...
CVE-2017-7776
Graphite2 (graphite2) contains multiple vulnerabilities including CVE-2017-7776, a heap-based buffer overflow (read) in graphite2::Silf::getClassGlyph, potentially triggering crashes or code execution when processing malformed fonts. This family affects Firefox prior to 54 and various distributio...
CVE-2017-7777
CVE-2017-7777 concerns the Graphite2 font rendering library. Multiple connected sources confirm a defect in graphite2::GlyphCache::Loader::read_glyph due to use of uninitialized memory in the Graphite2 codebase, affecting Firefox before 54 and other products using graphite2. Exploitation could ca...
CVE-2017-7773
CVE-2017-7773 is a Graphite2 heap-based buffer overflow in the lz4::decompress implementation (src/Decompressor) that affects Firefox prior to 54. The issue can cause a crash and, per advisories, may allow arbitrary code execution under certain conditions. Affected products are those using Graphi...