304 matches found
FreeBSD : mozilla -- multiple vulnerabilities (978b0f76-122d-11e4-afe3-bc5ff4fb5e7b)
The Mozilla Project reports : MFSA 2014-66 IFRAME sandbox same-origin access through redirect MFSA 2014-65 Certificate parsing broken by non-standard character encoding MFSA 2014-64 Crash in Skia library when scaling high quality images MFSA 2014-63 Use-after-free while when manipulating...
CVE-2014-1551
Use-after-free vulnerability in the FontTableRec destructor in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7 on Windows allows remote attackers to execute arbitrary code via crafted use of fonts in MathML content, leading to improper handling of a...
CVE-2014-1551
Use-after-free vulnerability in the FontTableRec destructor in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7 on Windows allows remote attackers to execute arbitrary code via crafted use of fonts in MathML content, leading to improper handling of a...
Design/Logic Flaw
Use-after-free vulnerability in the FontTableRec destructor in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7 on Windows allows remote attackers to execute arbitrary code via crafted use of fonts in MathML content, leading to improper handling of a...
CVE-2014-1551
Use-after-free vulnerability in the FontTableRec destructor in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7 on Windows allows remote attackers to execute arbitrary code via crafted use of fonts in MathML content, leading to improper handling of a...
CVE-2014-1551
Use-after-free vulnerability in the FontTableRec destructor in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7 on Windows allows remote attackers to execute arbitrary code via crafted use of fonts in MathML content, leading to improper handling of a...
CVE-2014-1551
CVE-2014-1551 is a concrete use-after-free vulnerability in Mozilla Firefox’s FontTableRec destructor that can be triggered by crafted fonts in MathML content. Root cause: improper handling of a DirectWrite font-face object, allowing remote attackers to execute arbitrary code. Affected products/v...
Firefox 31 Patches 11 Security Flaws
Mozilla has released a new version of Firefox, which includes patches for 11 security vulnerabilities. Three of the bugs fixed in Firefox 31 are critical, including a use-after-free vulnerability and a handful of memory safety issues. There are actually several separate use-after-free...
Use-after-free in DirectWrite font handling — Mozilla
Mozilla community member James Kitchener reported a crash in DirectWrite when rendering MathML content with specific fonts due to an error in how font resources and tables are handled. This leads to use-after-free of a DirectWrite font-face object, resulting in a potentially exploitable crash...
PT-2014-1464 · Mozilla +1 · Firefox Esr +3
Name of the Vulnerable Software and Affected Versions: Mozilla Firefox versions prior to 31.0 Firefox ESR versions prior to 24.7 Thunderbird versions prior to 24.7 Description: The issue is related to a use-after-free vulnerability in the FontTableRec destructor, allowing remote attackers to...
Microsoft Windows DirectWrite Remote Code Execution Vulnerabilities (2848295)
This host is missing a critical security update according to Microsoft Bulletin MS13-054. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Microsoft Windows 'DirectWrite' API拒绝访问漏洞(MS12-019)
BUGTRAQ ID: 52332 CVE ID: CVE-2012-0156 Microsoft Windows是流行的计算机操作系统。 Windows DirectWrit在实现上存在安全漏洞,通过特制的Unicode字符,可造成使用API的应用停止响应。 0 Microsoft Windows Vista x64 Edition SP2 Microsoft Windows Vista x64 Edition SP1 Microsoft Windows Vista SP2 Microsoft Windows Vista SP1 Microsoft Server 2008...
Microsoft Security Bulletin with Remote Desktop Flaws
Microsoft Security Bulletin with Remote Desktop Flaws Microsoft has released 6 updates in this month's patch Tuesday, including a patch for a critical hole which the software maker warns could be hit within the next 30 days. Microsoft is warning that there's a remote, pre-authentication,...
Microsoft Windows DirectWrite Denial of Service Vulnerability (2665364)
This host has moderate security update missing according to Microsoft Bulletin MS12-019. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Microsoft Windows DirectWrite Denial of Service Vulnerability (2665364)
This host has moderate security update missing according to Microsoft Bulletin MS12-019. OpenVAS Vulnerability Test $Id: secpodms12-019.nasl 5346 2017-02-19 08:43:11Z cfi $ Microsoft Windows DirectWrite Denial of Service Vulnerability 2665364 Authors: Antu Sanadi Copyright: Copyright c 2012 SecPo...
Microsoft Windows multiple security vulnerabilities
Kernel drivers privileges escalation, DirectWrite API DoS, RDP memory corruption and DoS...
CVE-2012-0156
DirectWrite in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly render Unicode characters, which allows remote attackers to cause a denial of service application hang via a 1 instant message or 2 web site, aka "DirectWrite...
Denial of service
DirectWrite in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly render Unicode characters, which allows remote attackers to cause a denial of service application hang via a 1 instant message or 2 web site, aka "DirectWrite...
CVE-2012-0156
DirectWrite in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly render Unicode characters, which allows remote attackers to cause a denial of service application hang via a 1 instant message or 2 web site, aka "DirectWrite...
CVE-2012-0156
CVE-2012-0156 relates to a denial-of-service in Windows DirectWrite. The issue is triggered when processing specially crafted Unicode characters, causing applications using DirectWrite to hang. Affected products include Windows Vista SP2, Windows Server 2008 SP2/R2 (and R2 SP1), and Windows 7 SP1...