Vulnerability CVE-2017-7774


Published: 2019-04-15

Description:
Out-of-bounds read in Graphite2 Library in Firefox before 54 in graphite2::Silf::readGraphite function.

Type:

CWE-125

(Out-of-bounds Read)

Vendor: Mozilla
Product: Firefox 
Version:
9.0.1
9.0
8.0.1
8.0
7.0.1
7.0
6.0.2
6.0.1
6.0
53.0.3
53.0.2
53.0
52.9.0
52.8.1
52.8.0
52.7.4
52.7.3
52.7.2
52.7.1
52.7.0
52.6.0
52.5.3
52.5.2
52.5.0
52.4.1
52.4.0
52.3.0
52.2.1
52.2.0
52.1.2
52.1.1
52.1.0
52.0.2
52.0.1
52.0
51.0.1
51.0
50.0.2
50.0.1
50.0
5.0.1
5.0
49.0.2
49.0.1
49.0
48.0.2
48.0.1
48.0
47.0.2
47.0.1
47.0
46.0.1
46.0
45.9.0
45.8.0
45.7.0
45.6.0
45.5.1
45.5.0
45.4.0
45.3.0
45.2.0
45.1.1
45.0.2
45.0.1
45.0
44.0.2
44.0.1
44.0
43.0.4
43.0.3
43.0.2
43.0.1
43.0
42.0
41.0.2
41.0.1
41.0
40.0.3
40.0.2
40.0
4.0.1
4.0
39.0.3
39.0
38.8.0
38.7.1
38.7.0
38.6.1
38.6.0
38.5.2
38.5.1
38.5.0
38.4.0
38.3.0
38.2.1
38.2.0
38.1.1
38.1.0
38.0.5
See more versions on NVD

CVSS2 => (AV:N/AC:L/Au:N/C:P/I:N/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
6.4/10
4.9/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
None
Partial

 References:
https://www.mozilla.org/en-US/security/advisories/mfsa2017-15/

Related CVE
CVE-2018-12404
A cached side channel attack during handshakes using RSA encryption could allow for the decryption of encrypted content. This is a variant of the Adaptive Chosen Ciphertext attack (AKA Bleichenbacher attack) and affects all NSS versions prior to NSS ...
CVE-2018-5123
A third party website can access information available to a user with access to a restricted bug entry using the image generation in report.cgi in all Bugzilla versions prior to 4.4.
CVE-2018-12384
When handling a SSLv2-compatible ClientHello request, the server doesn't generate a new random value but sends an all-zero value instead. This results in full malleability of the ClientHello for SSLv2 used for TLS 1.2 in all versions prior to NSS 3.3...
CVE-2019-9813
Incorrect handling of __proto__ mutations may lead to type confusion in IonMonkey JIT code and can be leveraged for arbitrary memory read and write. This vulnerability affects Firefox < 66.0.1, Firefox ESR < 60.6.1, and Thunderbird < 60.6.1.
CVE-2019-9810
Incorrect alias information in IonMonkey JIT compiler for Array.prototype.slice method may lead to missing bounds check and a buffer overflow. This vulnerability affects Firefox < 66.0.1, Firefox ESR < 60.6.1, and Thunderbird < 60.6.1.
CVE-2019-9809
If the source for resources on a page is through an FTP connection, it is possible to trigger a series of modal alert messages for these resources through invalid credentials or locations. These messages cannot be immediately dismissed, allowing for ...
CVE-2019-9808
If WebRTC permission is requested from documents with data: or blob: URLs, the permission notifications do not properly display the originating domain. The notification states "Unknown origin" as the requestee, leading to user confusion about which s...
CVE-2019-9807
When arbitrary text is sent over an FTP connection and a page reload is initiated, it is possible to create a modal alert message with this text as the content. This could potentially be used for social engineering attacks. This vulnerability affects...

Copyright 2019, cxsecurity.com

 

Back to Top