CVE-2017-7774 — Out-of-bounds Read in Mozilla Firefox

CWE-125 — Out-of-bounds Read11 documents8 sources

Severity

9.1CRITICALNVD

EPSS

0.6%

top 31.64%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

SIL Graphite2 Mozilla Firefox

Timeline

PublishedApr 15

Latest updateMay 14

Description

Out-of-bounds read in Graphite2 Library in Firefox before 54 in graphite2::Silf::readGraphite function.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:HExploitability: 3.9 | Impact: 5.2

Affected Packages4 packages

▶NVDsil/graphite2< 1.3.10

▶Debiansil/graphite2< 1.3.10-1+3

▶NVDmozilla/firefox< 54.0

▶CVEListV5mozilla/firefoxAll versions prior to Firefox 54

Patches

Patch: www.mozilla.org ↗Patch: www.mozilla.org ↗

🔴Vulnerability Details

GHSA

GHSA-2j49-q898-whm9: Out-of-bounds read in Graphite2 Library in Firefox before 54 in graphite2::Silf::readGraphite function↗2022-05-14

▶

OSV

CVE-2017-7774: Out-of-bounds read in Graphite2 Library in Firefox before 54 in graphite2::Silf::readGraphite function↗2019-04-15

▶

CVEList

CVE-2017-7774: Out-of-bounds read in Graphite2 Library in Firefox before 54 in graphite2::Silf::readGraphite function↗2019-04-12

▶

📋Vendor Advisories

Ubuntu

graphite2 vulnerabilities↗2017-08-21

▶

Ubuntu

Thunderbird vulnerabilities↗2017-07-05

▶

Ubuntu

Firefox vulnerabilities↗2017-06-15

▶

Red Hat

graphite2: out of bounds read "graphite2::Silf::readGraphite"↗2017-06-14

▶

Debian

CVE-2017-7774: firefox - Out-of-bounds read in Graphite2 Library in Firefox before 54 in graphite2::Silf:...↗2017

▶

💬Community

Bugzilla

CVE-2017-7774 graphite2: out of bounds read "graphite2::Silf::readGraphite"↗2017-07-18

▶

Bugzilla

CVE-2017-7778 Mozilla: Vulnerabilities in the Graphite 2 library (MFSA 2017-16)↗2017-06-14

▶