← back
CVE-2017-5447

CVE-2017-5447

EPSS 17.7%
An out-of-bounds read during the processing of glyph widths during text layout. This results in a potentially exploitable crash and could allow an attacker to read otherwise inaccessible memory. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53.
Affected products
Mozilla · FirefoxMozilla · Firefox ESRMozilla · Thunderbird
public PoCs found2
cve_referencewww.exploit-db.com/exploits/42071/unverifiedexploitdbwww.exploit-db.com/exploits/42071unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://access.redhat.com/errata/RHSA-2017:1104https://access.redhat.com/errata/RHSA-2017:1106https://access.redhat.com/errata/RHSA-2017:1201https://bugzilla.mozilla.org/show_bug.cgi?id=1343552https://www.debian.org/security/2017/dsa-3831https://www.exploit-db.com/exploits/42071/https://www.mozilla.org/security/advisories/mfsa2017-10/https://www.mozilla.org/security/advisories/mfsa2017-11/https://www.mozilla.org/security/advisories/mfsa2017-12/https://www.mozilla.org/security/advisories/mfsa2017-13/http://www.securityfocus.com/bid/97940http://www.securitytracker.com/id/1038320