7 matches found
SUSE CVE-2016-2801
The graphite2::TtfUtil::CmapSubtable12Lookup function in TtfUtil.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service buffer over-read or possibly have unspecified other impact via a crafted...
Mozilla: Memory safety bugs fixed in Firefox 51 and Firefox ESR 45.7 (MFSA 2017-01)
Memory safety bugs were reported in Firefox 50.1 and Firefox ESR 45.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird 45.7, Firefox ESR 45.7, and...
graphite2: multiple font parsing vulnerabilities (Mozilla MFSA 2016-37)
The Machine::Code::decoder::analysis::setref function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to execute arbitrary code or cause a denial of service stack memory corruption via a crafted Graphite smart font...
CVE-2016-1972
Race condition in libvpx in Mozilla Firefox before 45.0 on Windows might allow remote attackers to cause a denial of service use-after-free or possibly have unspecified other impact via unknown vectors...
graphite2: multiple font parsing vulnerabilities (Mozilla MFSA 2016-37)
Heap-based buffer overflow in the graphite2::vm::Machine::Code::Code function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted Graphite...
Mozilla: Displayed page address can be overridden (MFSA 2016-21)
browser/base/content/browser.js in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to spoof the address bar via a javascript: URL...
Mozilla: Use-after-free when using multiple WebRTC data channels (MFSA 2016-25)
Use-after-free vulnerability in the mozilla::DataChannelConnection::Close function in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code by leveraging mishandling of WebRTC data-channel connections...