Temp66

**Name of the Vulnerable Software and Affected Versions** Graphite 2 versions prior to 1.3.6 Mozilla Firefox versions prior to 45.0 Firefox ESR 38.x versions prior to 38.6.1 **Description** The issue is related to the `setAttr` function in Graphite 2, which can be exploited by remote attackers using a crafted Graphite smart font. This can lead to a denial of service due to an out-of-bounds write or possibly have other unspecified impacts. **Recommendations** For Graphite 2 versions prior to 1.3.6, update to version 1.3.6 or later. For Mozilla Firefox versions prior to 45.0, update to version 45.0 or later. For Firefox ESR 38.x versions prior to 38.6.1, update to version 38.6.1 or later.