Описание
Heap-based Buffer Overflow in Graphite2 library in Firefox before 54 in lz4::decompress function.
A heap-based buffer overflow flaw related to "lz4::decompress" has been reported in graphite2. An attacker could exploit this issue to cause a crash or, possibly, execute arbitrary code.
Дополнительная информация
Статус:
EPSS
8.8 High
CVSS3
Связанные уязвимости
Heap-based Buffer Overflow in Graphite2 library in Firefox before 54 in lz4::decompress function.
Heap-based Buffer Overflow in Graphite2 library in Firefox before 54 in lz4::decompress function.
Heap-based Buffer Overflow in Graphite2 library in Firefox before 54 i ...
Heap-based Buffer Overflow in Graphite2 library in Firefox before 54 in lz4::decompress function.
Уязвимость функции lz4::decompress библиотеки Graphite 2 браузеров Mozilla Firefox и Mozilla Firefox ESR, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код
EPSS
8.8 High
CVSS3