63 matches found
openSUSE Security Update : Mozilla Thunderbird (openSUSE-2016-848)
This update contains Mozilla Thunderbird 45.2. boo983549 It fixes security issues mostly affecting the e-mail program when used in a browser context, such as viewing a web page or HTMl formatted e-mail. The following vulnerabilities were fixed : - CVE-2016-2818, CVE-2016-2815: Memory safety bugs...
The vulnerabilities of Firefox ESR and Firefox, the rendering software Graphite 2, allow attackers to induce service failures or exert other effects.
The vulnerability of the CachedCmap.cpp component in Firefox ESR and Firefox browsers, as well as in the Graphite 2 rendering software, arises due to buffer overflows. Exploiting this vulnerability can allow an attacker to cause service interruptions or other effects through the use of a speciall...
The vulnerability of the Graphite 2 rendering software, as well as the Firefox and Firefox ESR browsers, allows a perpetrator to trigger a service failure or exert other effects.
The vulnerability of the setAttr function in the Graphite rendering software for browsers Firefox and Firefox ESR is caused by buffer overflow. Exploiting this vulnerability allows an attacker to cause service interruptions or other effects such as memory corruption through a specially created...
Debian DSA-3523-1 : iceweasel - security update
This update disables the Graphite font shaping library in Iceweasel, Debian's version of the Mozilla Firefox web browser. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-3523. The text...
[SECURITY] [DSA 3523-1] iceweasel security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3523-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff March 20, 2016 https://www.debian.org/security/faq -...
Debian Security Advisory DSA 3523-1 (iceweasel - security update)
This update disables the Graphite font shaping library in Iceweasel, Debian OpenVAS Vulnerability Test $Id: deb3523.nasl 6608 2017-07-07 12:05:05Z cfischer $ Auto-generated from advisory DSA 3523-1 using nvtgen 1.0 Script version: 1.0 Author: Greenbone Networks Copyright: Copyright c 2016 Greenbo...
The vulnerability of Firefox ESR, the rendering software Graphite 2, and the email client Thunderbird, which allows a hacker to trigger a service failure or execute arbitrary code.
The vulnerability of the Code.cpp function in the Libgraphite component of the Firefox ESR browser and the Graphite 2 rendering software, as well as in the Thunderbird email client, is caused by a buffer overflow in dynamic memory. Exploiting this vulnerability allows an attacker to cause service...
graphite2: multiple font parsing vulnerabilities (Mozilla MFSA 2016-37)
The graphite2::Slot::getAttr function in Slot.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service buffer over-read or possibly have unspecified other impact via a crafted Graphite smart font,...
graphite2: multiple font parsing vulnerabilities (Mozilla MFSA 2016-37)
CachedCmap.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service buffer over-read or possibly have unspecified other impact via a crafted Graphite smart font...
graphite2: multiple font parsing vulnerabilities (Mozilla MFSA 2016-37)
The graphite2::TtfUtil::CmapSubtable12NextCodepoint function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service buffer over-read or possibly have unspecified other impact via a crafted Graphite...
graphite2: multiple font parsing vulnerabilities (Mozilla MFSA 2016-37)
Heap-based buffer overflow in the graphite2::vm::Machine::Code::Code function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted Graphite...
graphite2: multiple font parsing vulnerabilities (Mozilla MFSA 2016-37)
The graphite2::GlyphCache::glyph function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service buffer over-read or possibly have unspecified other impact via a crafted Graphite smart font...
graphite2: multiple font parsing vulnerabilities (Mozilla MFSA 2016-37)
The graphite2::GlyphCache::Loader::Loader function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service buffer over-read or possibly have unspecified other impact via a crafted Graphite smart font...
graphite2: multiple font parsing vulnerabilities (Mozilla MFSA 2016-37)
The graphite2::TtfUtil::CmapSubtable12Lookup function in TtfUtil.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service buffer over-read or possibly have unspecified other impact via a crafted...
graphite2: multiple font parsing vulnerabilities (Mozilla MFSA 2016-37)
The graphite2::TtfUtil::CmapSubtable4NextCodepoint function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service buffer over-read or possibly have unspecified other impact via a crafted Graphite...
DEBIAN-CVE-2016-2802
The graphite2::TtfUtil::CmapSubtable4NextCodepoint function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service buffer over-read or possibly have unspecified other impact via a crafted Graphite...
DEBIAN-CVE-2016-2801
The graphite2::TtfUtil::CmapSubtable12Lookup function in TtfUtil.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service buffer over-read or possibly have unspecified other impact via a crafted...
DEBIAN-CVE-2016-2800
The graphite2::Slot::getAttr function in Slot.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service buffer over-read or possibly have unspecified other impact via a crafted Graphite smart font,...
DEBIAN-CVE-2016-2798
The graphite2::GlyphCache::Loader::Loader function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service buffer over-read or possibly have unspecified other impact via a crafted Graphite smart font...
DEBIAN-CVE-2016-2796
Heap-based buffer overflow in the graphite2::vm::Machine::Code::Code function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted Graphite...