Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CVE Vulnerability Details :
CVE-2017-5436
PUBLISHED
More InfoOfficial Page
Assigner-mozilla
Assigner Org ID-f16b083a-5664-49f3-a51e-8d479e5ed7fe
View Known Exploited Vulnerability (KEV) details
Published At-11 Jun, 2018 | 21:00
Updated At-05 Aug, 2024 | 15:04
Rejected At-
▼CVE Numbering Authority (CNA)

An out-of-bounds write in the Graphite 2 library triggered with a maliciously crafted Graphite font. This results in a potentially exploitable crash. This issue was fixed in the Graphite 2 library as well as Mozilla products. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.

Affected Products
Vendor
Mozilla CorporationMozilla
Product
Thunderbird
Versions
Affected
  • From unspecified before 52.1 (custom)
Vendor
Mozilla CorporationMozilla
Product
Firefox ESR
Versions
Affected
  • From unspecified before 45.9 (custom)
  • From unspecified before 52.1 (custom)
Vendor
Mozilla CorporationMozilla
Product
Firefox
Versions
Affected
  • From unspecified before 53 (custom)
Problem Types
TypeCWE IDDescription
textN/AOut-of-bounds write with malicious font in Graphite 2
Type: text
CWE ID: N/A
Description: Out-of-bounds write with malicious font in Graphite 2
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://access.redhat.com/errata/RHSA-2017:1106
vendor-advisory
x_refsource_REDHAT
https://www.mozilla.org/security/advisories/mfsa2017-12/
x_refsource_CONFIRM
https://www.mozilla.org/security/advisories/mfsa2017-11/
x_refsource_CONFIRM
https://security.gentoo.org/glsa/201706-25
vendor-advisory
x_refsource_GENTOO
https://www.mozilla.org/security/advisories/mfsa2017-10/
x_refsource_CONFIRM
http://www.securityfocus.com/bid/97940
vdb-entry
x_refsource_BID
https://www.debian.org/security/2017/dsa-3831
vendor-advisory
x_refsource_DEBIAN
https://www.mozilla.org/security/advisories/mfsa2017-13/
x_refsource_CONFIRM
http://www.securitytracker.com/id/1038320
vdb-entry
x_refsource_SECTRACK
https://access.redhat.com/errata/RHSA-2017:1104
vendor-advisory
x_refsource_REDHAT
https://bugzilla.mozilla.org/show_bug.cgi?id=1345461
x_refsource_CONFIRM
https://access.redhat.com/errata/RHSA-2017:1201
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://access.redhat.com/errata/RHSA-2017:1106
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://www.mozilla.org/security/advisories/mfsa2017-12/
Resource:
x_refsource_CONFIRM
Hyperlink: https://www.mozilla.org/security/advisories/mfsa2017-11/
Resource:
x_refsource_CONFIRM
Hyperlink: https://security.gentoo.org/glsa/201706-25
Resource:
vendor-advisory
x_refsource_GENTOO
Hyperlink: https://www.mozilla.org/security/advisories/mfsa2017-10/
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.securityfocus.com/bid/97940
Resource:
vdb-entry
x_refsource_BID
Hyperlink: https://www.debian.org/security/2017/dsa-3831
Resource:
vendor-advisory
x_refsource_DEBIAN
Hyperlink: https://www.mozilla.org/security/advisories/mfsa2017-13/
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.securitytracker.com/id/1038320
Resource:
vdb-entry
x_refsource_SECTRACK
Hyperlink: https://access.redhat.com/errata/RHSA-2017:1104
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://bugzilla.mozilla.org/show_bug.cgi?id=1345461
Resource:
x_refsource_CONFIRM
Hyperlink: https://access.redhat.com/errata/RHSA-2017:1201
Resource:
vendor-advisory
x_refsource_REDHAT
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://access.redhat.com/errata/RHSA-2017:1106
vendor-advisory
x_refsource_REDHAT
x_transferred
https://www.mozilla.org/security/advisories/mfsa2017-12/
x_refsource_CONFIRM
x_transferred
https://www.mozilla.org/security/advisories/mfsa2017-11/
x_refsource_CONFIRM
x_transferred
https://security.gentoo.org/glsa/201706-25
vendor-advisory
x_refsource_GENTOO
x_transferred
https://www.mozilla.org/security/advisories/mfsa2017-10/
x_refsource_CONFIRM
x_transferred
http://www.securityfocus.com/bid/97940
vdb-entry
x_refsource_BID
x_transferred
https://www.debian.org/security/2017/dsa-3831
vendor-advisory
x_refsource_DEBIAN
x_transferred
https://www.mozilla.org/security/advisories/mfsa2017-13/
x_refsource_CONFIRM
x_transferred
http://www.securitytracker.com/id/1038320
vdb-entry
x_refsource_SECTRACK
x_transferred
https://access.redhat.com/errata/RHSA-2017:1104
vendor-advisory
x_refsource_REDHAT
x_transferred
https://bugzilla.mozilla.org/show_bug.cgi?id=1345461
x_refsource_CONFIRM
x_transferred
https://access.redhat.com/errata/RHSA-2017:1201
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: https://access.redhat.com/errata/RHSA-2017:1106
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: https://www.mozilla.org/security/advisories/mfsa2017-12/
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: https://www.mozilla.org/security/advisories/mfsa2017-11/
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: https://security.gentoo.org/glsa/201706-25
Resource:
vendor-advisory
x_refsource_GENTOO
x_transferred
Hyperlink: https://www.mozilla.org/security/advisories/mfsa2017-10/
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.securityfocus.com/bid/97940
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: https://www.debian.org/security/2017/dsa-3831
Resource:
vendor-advisory
x_refsource_DEBIAN
x_transferred
Hyperlink: https://www.mozilla.org/security/advisories/mfsa2017-13/
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.securitytracker.com/id/1038320
Resource:
vdb-entry
x_refsource_SECTRACK
x_transferred
Hyperlink: https://access.redhat.com/errata/RHSA-2017:1104
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: https://bugzilla.mozilla.org/show_bug.cgi?id=1345461
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: https://access.redhat.com/errata/RHSA-2017:1201
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Details not found