CVE-2017-7776

Опубликовано: 14 июн. 2017

Источник: redhat

CVSS3: 8.1

EPSS Низкий

Описание

Heap-based Buffer Overflow read in Graphite2 library in Firefox before 54 in graphite2::Silf::getClassGlyph.

An out of bounds read flaw related to "graphite2::Silf::getClassGlyph" has been reported in graphite2. An attacker could possibly exploit this flaw to disclose potentially sensitive memory or cause an application crash.

Ссылки на источники

Дополнительная информация

Статус:

Low

Дефект:

CWE-125

https://bugzilla.redhat.com/show_bug.cgi?id=1472223graphite2: heap-buffer-overflow read "graphite2::Silf::getClassGlyph"

EPSS

Процентиль: 64%

0.00476

Низкий

8.1 High

CVSS3

Связанные уязвимости

CVE-2017-7776

CVSS3: 8.1

ubuntu

больше 6 лет назад

Heap-based Buffer Overflow read in Graphite2 library in Firefox before 54 in graphite2::Silf::getClassGlyph.

CVE-2017-7776

CVSS3: 8.1

nvd

больше 6 лет назад

Heap-based Buffer Overflow read in Graphite2 library in Firefox before 54 in graphite2::Silf::getClassGlyph.

CVE-2017-7776

CVSS3: 8.1

debian

больше 6 лет назад

Heap-based Buffer Overflow read in Graphite2 library in Firefox before ...

GHSA-w8wv-29f2-fhc6

CVSS3: 8.1

github

около 3 лет назад

Heap-based Buffer Overflow read in Graphite2 library in Firefox before 54 in graphite2::Silf::getClassGlyph.

ELSA-2017-1793

oracle-oval

около 8 лет назад

ELSA-2017-1793: graphite2 security update (IMPORTANT)

EPSS

Процентиль: 64%

0.00476

Низкий

8.1 High

CVSS3