EUVD-2016-5623

Malware in sbrugna...

Integer overflow

Xpdf prior to version 4.04 contains an integer overflow in the JBIG2 decoder JBIG2Stream::readTextRegionSeg in JBIG2Stream.cc. Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar to the vulnerability described by...

CVE-2022-38171

Xpdf prior to version 4.04 contains an integer overflow in the JBIG2 decoder JBIG2Stream::readTextRegionSeg in JBIG2Stream.cc. Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar to the vulnerability described by...

Apple CoreGraphics Buffer Error Vulnerability

Apple CoreGraphics is a core component from Apple Inc. that is used in mobile devices for graphics drawing. Apple CoreGraphics suffers from a buffer error vulnerability that stems from a boundary error when handling fonts in the CoreGraphics component in macOS. A remote attacker could create a...

Apple Core Graphics BMP Framework img_decode_read Remote Code Execution Vulnerability(CVE-2016-4637)

SUMMARY An exploitable out of bounds write exists in the handling of BMP images on Apple OS X and iOS. A crafted BMP document can lead to an out of bounds write resulting in remote code execution. Vulnerability can be triggered via a saved BMP file delivered by other means when opened in any...

FreeBSD : mozilla -- multiple vulnerabilities (7ae61870-9dd2-4884-a2f2-f19bb5784d09)

The Mozilla Project reports : ASN.1 DER decoding of lengths is too permissive, allowing undetected smuggling of arbitrary data MFSA-2014-90 Apple CoreGraphics framework on OS X 10.10 logging input data to /tmp directory MFSA-2014-89 Bad casting from the BasicThebesLayer to BasicContainerLayer...

CoreGraphics Information Disclosure - CVE-2014-4378

This article explores the exploitability of MobileSafari on IOS 7.1.x. Using a crafted PDF file as an HTML image makes it possible to leak information about the memory layout to the browser Javascript interpreter. Apple CoreGraphics library fails to validate input when parsing the colorspace...

freetype: Multiple security flaws when loading CID-keyed Type 1 fonts

FreeType in CoreGraphics in Apple iOS before 5.0.1 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted font in a document...

Integer overflow

Integer overflow in Apple CoreGraphics, as used in Safari before 4.0.3, Mozilla Firefox before 3.0.12, and Mac OS X 10.4.11 and 10.5.8, allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a long text run that triggers a heap-based buffer...

CVE-2009-2468

Integer overflow in Apple CoreGraphics, as used in Safari before 4.0.3, Mozilla Firefox before 3.0.12, and Mac OS X 10.4.11 and 10.5.8, allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a long text run that triggers a heap-based buffer...

CVE-2009-2468

CVE-2009-2468 text describes an integer overflow in Apple CoreGraphics used by Safari/Firefox/macOS, allowing DoS or possible code execution via a long text run during font glyph rendering, related to CVE-2009-1194. Connected documents primarily provide details on CVE-2009-1194 affecting Pango: i...

CVE-2009-2468

Integer overflow in Apple CoreGraphics, as used in Safari before 4.0.3, Mozilla Firefox before 3.0.12, and Mac OS X 10.4.11 and 10.5.8, allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a long text run that triggers a heap-based buffer...