Lucene search
K

128 matches found

Cvelist
Cvelist
added 2011/03/07 8:0 p.m.27 views

CVE-2011-0064

The hbbufferensure function in hb-buffer.c in HarfBuzz, as used in Pango 1.28.3, Firefox, and other products, does not verify that memory reallocations succeed, which allows remote attackers to cause a denial of service NULL pointer dereference and application crash or possibly execute arbitrary...

9.7AI score0.03333EPSS
Exploits0References23
RedHat Linux
RedHat Linux
added 2011/03/01 11:40 p.m.6 views

pango: missing memory reallocation failure checking in hb_buffer_ensure

The hbbufferensure function in hb-buffer.c in HarfBuzz, as used in Pango 1.28.3, Firefox, and other products, does not verify that memory reallocations succeed, which allows remote attackers to cause a denial of service NULL pointer dereference and application crash or possibly execute arbitrary...

6.8CVSS7.2AI score0.03333EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2011/03/01 12:0 a.m.19 views

CVE-2011-0064

The hbbufferensure function in hb-buffer.c in HarfBuzz, as used in Pango 1.28.3, Firefox, and other products, does not verify that memory reallocations succeed, which allows remote attackers to cause a denial of service NULL pointer dereference and application crash or possibly execute arbitrary...

6.8CVSS6.3AI score0.03333EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2010/11/10 7:0 p.m.5 views

FreeType: Heap-based buffer overflow by processing FontType42 fonts with negative length of SFNT strings (FT bug #30656)

Array index error in the t42parsesfnts function in type42/t42parse.c in FreeType before 2.4.2 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via negative size values for certain strings in FontType42 font files, leading to a heap-based...

6.8CVSS6.6AI score0.05839EPSS
Exploits1References4
NVD
NVD
added 2010/10/23 8:39 p.m.18 views

CVE-2010-4054

The gstype2interpret function in Ghostscript allows remote attackers to cause a denial of service incorrect pointer dereference and application crash via crafted font data in a compressed data stream, aka bug 691043...

4.3CVSS6.2AI score0.0266EPSS
Exploits0References5
OSV
OSV
added 2010/10/23 8:39 p.m.1 views

DEBIAN-CVE-2010-4054

The gstype2interpret function in Ghostscript allows remote attackers to cause a denial of service incorrect pointer dereference and application crash via crafted font data in a compressed data stream, aka bug 691043...

4.3CVSS6.7AI score0.0266EPSS
Exploits0References1
Prion
Prion
added 2010/10/23 8:39 p.m.26 views

Null pointer dereference

The gstype2interpret function in Ghostscript allows remote attackers to cause a denial of service incorrect pointer dereference and application crash via crafted font data in a compressed data stream, aka bug 691043...

4.3CVSS6.9AI score0.0266EPSS
Exploits0References5Affected Software3
UbuntuCve
UbuntuCve
added 2010/10/23 12:0 a.m.44 views

CVE-2010-4054

The gstype2interpret function in Ghostscript allows remote attackers to cause a denial of service incorrect pointer dereference and application crash via crafted font data in a compressed data stream, aka bug 691043...

4.3CVSS5.9AI score0.0266EPSS
Exploits0References2
Cvelist
Cvelist
added 2010/10/22 10:0 p.m.30 views

CVE-2010-4054

The gstype2interpret function in Ghostscript allows remote attackers to cause a denial of service incorrect pointer dereference and application crash via crafted font data in a compressed data stream, aka bug 691043...

6.2AI score0.0266EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2010/10/22 10:0 p.m.35 views

CVE-2010-4054

The gstype2interpret function in Ghostscript allows remote attackers to cause a denial of service incorrect pointer dereference and application crash via crafted font data in a compressed data stream, aka bug 691043...

4.3CVSS6.3AI score0.0266EPSS
Exploits0
CVE
CVE
added 2010/10/22 10:0 p.m.70 views

CVE-2010-4054

CVE-2010-4054 affects Ghostscript: the gs_type2_interpret function can be driven to crash via crafted font data in a compressed data stream (bug 691043), enabling a remote denial-of-service. Documented in MiracleLinux advisories and various OpenVAS/Nessus entries; patch/version details are not sp...

4.3CVSS6.2AI score0.0266EPSS
Exploits0References5Affected Software3
Check Point Advisories
Check Point Advisories
added 2010/03/08 12:0 a.m.16 views

Adobe Acrobat PDF Font Processing Memory Corruption (CVE-2008-4813)

Adobe develops products for creating, distributing, and viewing Portable Document Format PDF documents. Adobe Reader is a viewer application that allows for reading and the printing of PDF documents. Adobe Acrobat provides PDF authoring functionality in addition to those of viewing. A memory...

9.3CVSS7.4AI score0.09497EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2009/08/24 12:0 a.m.52 views

RHEL 3 / 4 / 5 : java-1.4.2-ibm (RHSA-2008:0132)

Updated java-1.4.2-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 3 and 4 Extras, and 5 Supplementary. This update has been rated as having critical security impact by the Red Hat Security Response Team. IBM's 1.4.2 SR10 Java release includes the IBM...

9.3CVSS8.2AI score0.16899EPSS
Exploits1References25
Tenable Nessus
Tenable Nessus
added 2009/08/24 12:0 a.m.36 views

RHEL 4 / 5 : java-1.5.0-bea (RHSA-2007:0956)

Updated java-1.5.0-bea packages that correct several security issues are now available for Red Hat Enterprise Linux 4 Extras and 5 Supplementary. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The BEA WebLogic JRockit 1.5.011 JRE and SDK conta...

9.3CVSS6.3AI score0.18185EPSS
Exploits2References13
NVD
NVD
added 2009/06/10 6:0 p.m.24 views

CVE-2009-1705

CoreGraphics in Apple Safari before 4.0 on Windows does not properly use arithmetic during automatic hinting of TrueType fonts, which allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via crafted font data...

9.3CVSS7.8AI score0.05313EPSS
Exploits2References7
Prion
Prion
added 2009/06/10 6:0 p.m.15 views

Memory corruption

CoreGraphics in Apple Safari before 4.0 on Windows does not properly use arithmetic during automatic hinting of TrueType fonts, which allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via crafted font data...

9.3CVSS8.3AI score0.05313EPSS
Exploits2References7Affected Software1
CVE
CVE
added 2009/06/10 5:37 p.m.47 views

CVE-2009-1705

Apple Safari on Windows (

9.3CVSS7.9AI score0.05313EPSS
Exploits2References7Affected Software1
RedHat Linux
RedHat Linux
added 2008/03/11 2:9 p.m.60 views

Moderate: Red Hat Security Advisory: java-1.4.2-bea security update

Updated java-1.4.2-bea packages that correct several security issues and add enhancements are now available for Red Hat Enterprise Linux 3 Extras, Red Hat Enterprise Linux 4 Extras, and Red Hat Enterprise Linux 5 Supplementary. This update has been rated as having moderate security impact by the...

9.3CVSS6.3AI score0.18185EPSS
Exploits0References11
RedHat Linux
RedHat Linux
added 2008/02/14 2:46 p.m.60 views

Critical: Red Hat Security Advisory: java-1.4.2-ibm security update

Updated java-1.4.2-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 3 and 4 Extras, and 5 Supplementary. This update has been rated as having critical security impact by the Red Hat Security Response Team. IBM's 1.4.2 SR10 Java release includes the IBM...

9.3CVSS7.3AI score0.16899EPSS
Exploits1References9
RedHat Linux
RedHat Linux
added 2007/12/12 12:27 p.m.59 views

Moderate: Red Hat Security Advisory: java-1.4.2-bea security update

Updated java-1.4.2-bea packages that correct several security issues and add enhancements are now available for Red Hat Enterprise Linux 4 Extras. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The BEA WebLogic JRockit 1.4.215 JRE and SDK...

9.3CVSS6.3AI score0.18185EPSS
Exploits0References9
Rows per page
Query Builder