0.003 Low
EPSS
Percentile
71.7%
Mozilla Firefox is vulnerable to heap-based buffer overflow writes. This vulnerability exists in “lz4::decompress” in Graphite2 library. An attacker could exploit this issue to cause a crash or, possibly, execute arbitrary code.
access.redhat.com/errata/RHSA-2017:1440
access.redhat.com/security/updates/classification/#critical
www.mozilla.org/en-US/security/advisories/mfsa2017-15/
www.mozilla.org/en-US/security/advisories/mfsa2017-16/