Total vulnerabilities in the database
The setAttr function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.6.1, allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted Graphite smart font.
Software | From | Fixed in |
---|---|---|
sil / graphite2 | - | 1.3.5.x |
mozilla / firefox_esr | 38.0 | 38.0.x |
mozilla / firefox_esr | 38.2.1 | 38.2.1.x |
mozilla / firefox_esr | 38.1.0 | 38.1.0.x |
mozilla / firefox_esr | 38.2.0 | 38.2.0.x |
mozilla / firefox_esr | 38.4.0 | 38.4.0.x |
mozilla / firefox_esr | 38.3.0 | 38.3.0.x |
mozilla / firefox_esr | 38.5.1 | 38.5.1.x |
mozilla / firefox_esr | 38.0.5 | 38.0.5.x |
mozilla / firefox_esr | 38.0.1 | 38.0.1.x |
mozilla / firefox_esr | 38.5.0 | 38.5.0.x |
mozilla / firefox_esr | 38.6.0 | 38.6.0.x |
mozilla / firefox_esr | 38.1.1 | 38.1.1.x |
mozilla / firefox | - | 44.0.2.x |