CVE-2017-7771 — Out-of-bounds Read in Mozilla Firefox

CWE-125 — Out-of-bounds Read12 documents8 sources

Severity

8.1HIGHNVD

EPSS

0.5%

top 32.42%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

SIL Graphite2 Mozilla Firefox

Timeline

PublishedApr 15

Latest updateMay 14

Description

Out-of-bounds read in Graphite2 Library in Firefox before 54 in graphite2::Pass::readPass function.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:HExploitability: 2.8 | Impact: 5.2

Affected Packages4 packages

▶NVDsil/graphite2< 1.3.10

▶Debiansil/graphite2< 1.3.10-1+3

▶NVDmozilla/firefox< 54.0

▶CVEListV5mozilla/firefoxAll versions prior to Firefox 54

🔴Vulnerability Details

GHSA

GHSA-762q-83qx-7jc3: Out-of-bounds read in Graphite2 Library in Firefox before 54 in graphite2::Pass::readPass function↗2022-05-14

▶

OSV

CVE-2017-7771: Out-of-bounds read in Graphite2 Library in Firefox before 54 in graphite2::Pass::readPass function↗2019-04-15

▶

CVEList

CVE-2017-7771: Out-of-bounds read in Graphite2 Library in Firefox before 54 in graphite2::Pass::readPass function↗2019-04-12

▶

OSV

thunderbird vulnerabilities↗2017-07-05

▶

📋Vendor Advisories

Ubuntu

graphite2 vulnerabilities↗2017-08-21

▶

Ubuntu

Thunderbird vulnerabilities↗2017-07-05

▶

Ubuntu

Firefox vulnerabilities↗2017-06-15

▶

Red Hat

graphite2: out of bounds read in "graphite2::Pass::readPass"↗2017-06-14

▶

Debian

CVE-2017-7771: firefox - Out-of-bounds read in Graphite2 Library in Firefox before 54 in graphite2::Pass:...↗2017

▶

💬Community

Bugzilla

CVE-2017-7771 graphite2: out of bounds read in "graphite2::Pass::readPass"↗2017-07-18

▶

Bugzilla

CVE-2017-7778 Mozilla: Vulnerabilities in the Graphite 2 library (MFSA 2017-16)↗2017-06-14

▶