MiracleLinux 7 : graphite2-1.3.6-1.el7 (AXSA:2016-200:01)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2016-200:01 advisory. Graphite2 is a project within SILs Non-Roman Script Initiative and Language Software Development groups to provide rendering capabilities for complex...

Unspecified Vulnerability in Multiple Mozilla Products (CNVD-2017-07078)

Mozilla Firefox, Firefox ESR and Thunderbird are all developed by the Mozilla Foundation.Firefox is an open source web browser, Firefox ESR is an extended support version of Firefox.Thunderbird is a standalone email client from the Mozilla Thunderbird is a separate email client from Mozilla...

The vulnerabilities of Firefox ESR and Firefox, the rendering software Graphite 2, allow attackers to induce service failures or exert other effects.

The vulnerability of the graphite2::TtfUtil::CmapSubtable12Lookup function in browsers Firefox ESR and Firefox, as well as in the Graphite rendering software. Exploiting this vulnerability can allow a malicious actor to cause service failures or other effects through the use of a specially crafte...

The vulnerabilities of Firefox ESR and Firefox, the rendering software Graphite 2, allow attackers to induce service failures or exert other effects.

The vulnerability of the graphite2::GlyphCache::glyph function in Firefox ESR and Firefox browsers is caused by buffer overflow. Exploiting this vulnerability can allow an attacker to cause service interruptions or other effects using a specially created Graphite smart font...

The vulnerabilities of Firefox ESR and Firefox, the rendering software Graphite 2, allow attackers to induce service failures or exert other effects.

The vulnerability of the graphite2::Slot::setAttr function in Firefox ESR and Firefox browsers, as well as in the Graphite 2 rendering software, is caused by a buffer overflow in the dynamic memory. Exploiting this vulnerability can allow an attacker to cause service interruptions or other effect...

graphite2: multiple font parsing vulnerabilities (Mozilla MFSA 2016-37)

The graphite2::FileFace::gettablefn function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, does not initialize memory for an unspecified data structure, which allows remote attackers to cause a denial of service or possibly have unknown other...

UBUNTU-CVE-2016-2791

The graphite2::GlyphCache::glyph function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service buffer over-read or possibly have unspecified other impact via a crafted Graphite smart font...