CVE: CVE-2017-7778

Descrizione: A number of security vulnerabilities in the Graphite 2 library including out-of-bounds reads, buffer overflow reads and writes, and the use of uninitialized memory. These issues were addressed in Graphite 2 version 1.3.10. This vulnerability affects Firefox < 54, Firefox ESR < 52.2, and Thunderbird < 52.2.

Vettore di attacco

Riferimenti esterni

• http://www.securityfocus.com/bid/99057
• https://bugzilla.mozilla.org/show_bug.cgi?id=1350047
• https://www.mozilla.org/security/advisories/mfsa2017-15/
• https://bugzilla.mozilla.org/show_bug.cgi?id=1352747
• https://access.redhat.com/errata/RHSA-2017:1793
• https://bugzilla.mozilla.org/show_bug.cgi?id=1356607
• https://www.debian.org/security/2017/dsa-3918
• http://www.securitytracker.com/id/1038689
• https://www.debian.org/security/2017/dsa-3894
• https://bugzilla.mozilla.org/show_bug.cgi?id=1355174
• https://bugzilla.mozilla.org/show_bug.cgi?id=1349310
• https://www.debian.org/security/2017/dsa-3881
• https://access.redhat.com/errata/RHSA-2017:1440
• https://bugzilla.mozilla.org/show_bug.cgi?id=1355182
• https://security.gentoo.org/glsa/201710-13
• https://access.redhat.com/errata/RHSA-2017:1561
• https://www.mozilla.org/security/advisories/mfsa2017-17/
• https://bugzilla.mozilla.org/show_bug.cgi?id=1358551
• https://bugzilla.mozilla.org/show_bug.cgi?id=1352745
• https://www.mozilla.org/security/advisories/mfsa2017-16/

Prodotti interessati

• Mozilla – Firefox
• Mozilla – Firefox ESR
• Mozilla – Thunderbird

Relazioni con altri prodotti

Produttore:Mozilla
Prodotto: Firefox
Anno: 2017
CWE:
CVSS: 0.0

Produttore:Mozilla
Prodotto: Thunderbird
Anno: 2017
CWE:
CVSS: 0.0

Produttore:Mozilla
Prodotto: Firefox ESR
Anno: 2017
CWE:
CVSS: 0.0

Ulteriori risorse disponibili

• Vulnerabilità scoperte nello stesso anno (2017)