mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-06 02:31:38 +00:00
1.4 KiB
1.4 KiB
CVE-2017-5447
Description
An out-of-bounds read during the processing of glyph widths during text layout. This results in a potentially exploitable crash and could allow an attacker to read otherwise inaccessible memory. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
POC
Reference
- https://bugzilla.mozilla.org/show_bug.cgi?id=1343552
- https://www.exploit-db.com/exploits/42071/
- https://www.mozilla.org/security/advisories/mfsa2017-12/