315 matches found
CVE-2017-7771
CVE-2017-7771 is an out-of-bounds read in the Graphite2 font-rendering library, specifically in graphite2::Pass::readPass, reported for Firefox prior to 54. Public advisories and vendor notes confirm Graphite2 vulnerabilities that can lead to crashes or memory disclosure when processing malformed...
DEBIAN-CVE-2017-7772
Heap-based Buffer Overflow in Graphite2 library in Firefox before 54 in lz4::decompress function...
CVE-2017-7772
Heap-based Buffer Overflow in Graphite2 library in Firefox before 54 in lz4::decompress function...
CVE-2017-7772
Heap-based Buffer Overflow in Graphite2 library in Firefox before 54 in lz4::decompress function...
Heap overflow
Heap-based Buffer Overflow in Graphite2 library in Firefox before 54 in lz4::decompress function...
CVE-2017-7772
Heap-based Buffer Overflow in Graphite2 library in Firefox before 54 in lz4::decompress function...
CVE-2017-7772
CVE-2017-7772 describes a heap-based buffer overflow in the Graphite2 library, specifically in lz4::decompress, affecting Firefox prior to 54. The issue is triggered when processing crafted font data, potentially allowing a crash or arbitrary code execution in the context of an application using ...
CVE-2017-7772
Heap-based Buffer Overflow in Graphite2 library in Firefox before 54 in lz4::decompress function...
The vulnerability in the graphite2::Silf::readGraphite function of the Graphite library for Mozilla Firefox and Mozilla Firefox ESR browsers allows an attacker to cause a service failure or execute arbitrary code.
The vulnerability of graphite2::Silf::readGraphite in the Graphite 2 library for Mozilla Firefox and Mozilla Firefox ESR browsers relates to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to cause a service failure or execute arbitrary cod...
Remote Code Execution (RCE)
firefox and thunderbird is vulnerable to remote code execution. Multiple security flaws were found in the graphite2 font library shipped with Firefox. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user runni...
EulerOS 2.0 SP3 : graphite2 (EulerOS-SA-2018-1172)
According to the version of the graphite2 package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - In libgraphite2 in graphite2 1.3.11, a NULL pointer dereference vulnerability was found in Segment.cpp during a dumbRendering operation, which ma...
MGASA-2018-0240 Updated graphite2 packages fix security vulnerability
NULL pointer dereference vulnerability in Segment.cpp that may cause a denial of service CVE-2018-7999...
Updated graphite2 packages fix security vulnerability
NULL pointer dereference vulnerability in Segment.cpp that may cause a denial of service CVE-2018-7999...
EulerOS 2.0 SP2 : graphite2 (EulerOS-SA-2018-1107)
According to the version of the graphite2 package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - In libgraphite2 in graphite2 1.3.11, a NULL pointer dereference vulnerability was found in Segment.cpp during a dumbRendering operation, which ma...
EulerOS 2.0 SP1 : graphite2 (EulerOS-SA-2018-1106)
According to the version of the graphite2 package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - In libgraphite2 in graphite2 1.3.11, a NULL pointer dereference vulnerability was found in Segment.cpp during a dumbRendering operation, which ma...
openSUSE Security Update : graphite2 (openSUSE-2018-337)
This update for graphite2 fixes the following issues : - CVE-2018-7999: Fixed a NULL pointer dereference vulnerability in Segment.cpp that may cause a denial of serivce bsc1084850. This update was imported from the SUSE:SLE-12:Update update project. %NASLMINLEVEL 70300 C Tenable Network Security,...
SUSE SLED12 / SLES12 Security Update : graphite2 (SUSE-SU-2018:0858-1)
This update for graphite2 fixes the following issues : - CVE-2018-7999: Fixed a NULL pointer dereference vulnerability in Segment.cpp that may cause a denial of serivce bsc1084850. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security...
SUSE-SU-2018:0858-1 Security update for graphite2
This update for graphite2 fixes the following issues: - CVE-2018-7999: Fixed a NULL pointer dereference vulnerability in Segment.cpp that may cause a denial of serivce bsc1084850...
Graphite2 libgraphite2 Denial of Service Vulnerability
Graphite2 is a system of intelligent fonts for working with many kinds of text. libgraphite2 is one of the libraries. A security vulnerability exists in the Segment.cpp file of libgraphite2 in Graphite2 version 1.3.11. An attacker can exploit this vulnerability to cause a denial of service null...
CVE-2018-7999
In libgraphite2 in graphite2 1.3.11, a NULL pointer dereference vulnerability was found in Segment.cpp during a dumbRendering operation, which may allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .ttf file...