Lucene search
K

7 matches found

CVE
CVE
added 2018/06/11 9:0 p.m.155 views

CVE-2017-7778

CVE-2017-7778 relates to multiple vulnerabilities in Graphite2 (upstream 1.3.10). The issues include out-of-bounds reads, buffer overflow reads/writes, and use of uninitialized memory in Graphite2, and are addressed by upgrading to Graphite2 1.3.10. Publicly affected products in the CVE record in...

9.8CVSS8.6AI score0.05216EPSS
CVE
CVE
added 2019/04/12 7:32 p.m.153 views

CVE-2017-7774

CVE-2017-7774 is an out-of-bounds read in graphite2::Silf::readGraphite within the Graphite2 library used by Firefox prior to version 54. Affected component: graphite2 library; affected product is Firefox (pre-54). Root cause: out-of-bounds read in readGraphite. Impact per sources: memory disclos...

9.1CVSS9.4AI score0.01419EPSS
CVE
CVE
added 2019/04/12 6:0 p.m.151 views

CVE-2017-7772

CVE-2017-7772 describes a heap-based buffer overflow in the Graphite2 library, specifically in lz4::decompress, affecting Firefox prior to 54. The issue is triggered when processing crafted font data, potentially allowing a crash or arbitrary code execution in the context of an application using ...

8.8CVSS9.3AI score0.01418EPSS
CVE
CVE
added 2019/04/12 7:30 p.m.146 views

CVE-2017-7771

CVE-2017-7771 is an out-of-bounds read in the Graphite2 font-rendering library, specifically in graphite2::Pass::readPass, reported for Firefox prior to 54. Public advisories and vendor notes confirm Graphite2 vulnerabilities that can lead to crashes or memory disclosure when processing malformed...

8.1CVSS8.9AI score0.01186EPSS
CVE
CVE
added 2019/04/12 7:33 p.m.144 views

CVE-2017-7776

Graphite2 (graphite2) contains multiple vulnerabilities including CVE-2017-7776, a heap-based buffer overflow (read) in graphite2::Silf::getClassGlyph, potentially triggering crashes or code execution when processing malformed fonts. This family affects Firefox prior to 54 and various distributio...

8.1CVSS9AI score0.02767EPSS
CVE
CVE
added 2019/04/12 7:35 p.m.139 views

CVE-2017-7777

CVE-2017-7777 concerns the Graphite2 font rendering library. Multiple connected sources confirm a defect in graphite2::GlyphCache::Loader::read_glyph due to use of uninitialized memory in the Graphite2 codebase, affecting Firefox before 54 and other products using graphite2. Exploitation could ca...

8.8CVSS9.3AI score0.01199EPSS
CVE
CVE
added 2019/04/12 7:31 p.m.137 views

CVE-2017-7773

CVE-2017-7773 is a Graphite2 heap-based buffer overflow in the lz4::decompress implementation (src/Decompressor) that affects Firefox prior to 54. The issue can cause a crash and, per advisories, may allow arbitrary code execution under certain conditions. Affected products are those using Graphi...

8.8CVSS9.4AI score0.01418EPSS