315 matches found
Graphite2 - GlyphCache::Loader Heap Based Overreads
Exploit for multiple platform in category dos / poc Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=751 The following crashes due to two different heap-based buffer overreads can be observed in an ASAN build of the standard Graphite2 gr2FontTest utility git trunk, triggered with...
Graphite2 - TtfUtil::CheckCmapSubtable12 Heap Overread
Graphite2 - TtfUtil::CheckCmapSubtable12 Heap Overread Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=752 The following crash due to a heap-based buffer overread can be observed in an ASAN build of the standard Graphite2 gr2FontTest utility git trunk, triggered with the followi...
Graphite2 - NameTable::getName Multiple Heap Based Out-of-Bounds Reads
Exploit for multiple platform in category dos / poc Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=756 We have encountered several different crashes in the graphite2::NameTable::getName method, observed in an ASAN build of the standard Graphite2 gr2FontTest utility git trunk,...
Graphite2 - GlyphCache::Loader Heap Overreads
Graphite2 - GlyphCache::Loader Heap Overreads Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=751 The following crashes due to two different heap-based buffer overreads can be observed in an ASAN build of the standard Graphite2 gr2FontTest utility git trunk, triggered with the...
Graphite2 - GlyphCache::GlyphCache Heap Buffer Overflow
Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=749 The following crash due to a heap-based buffer overflow can be observed in a slightly modified ASAN build of the standard Graphite2 gr2FontTest utility git trunk, triggered with the following command: $ ./gr2fonttest...
Fedora 22 : graphite2-1.3.6-1.fc22 (2016-338a7e9925)
Unspecified security fixes ---- Security fix for CVE-2016-1521, CVE-2016-1522, CVE-2016-1523 and CVE-2016-1526 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as...
Fedora Update for graphite2 FEDORA-2016-338
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 22 Update: graphite2-1.3.6-1.fc22
Graphite2 is a project within SIL=E2=80=99s Non-Roman Script Initiative and Language Software Development groups to provide rendering capabilities for complex non-Roman writing systems. Graphite can be used to create =E2=80=9Csmart fo nts=E2=80=9D capable of displaying writing systems with variou...
Amazon Linux: Security Advisory (ALAS-2016-696)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Amazon Linux AMI : graphite2 (ALAS-2016-696)
Several vulnerabilities were discovered in Graphite2. An attacker able to trick an unsuspecting user into opening specially crafted font files in an application using Graphite2 could exploit these flaws to cause the application to crash or, potentially, execute arbitrary code with the privileges ...
Important: graphite2
Issue Overview: Several vulnerabilities were discovered in Graphite2. An attacker able to trick an unsuspecting user into opening specially crafted font files in an application using Graphite2 could exploit these flaws to cause the application to crash or, potentially, execute arbitrary code with...
graphite2: Out-of-bounds read vulnerability in TfUtil:LocaLookup
A vulnerability has been discovered in Graphite2. An attacker able to trick an unsuspecting user into opening specially crafted font files in an application using Graphite2 could exploit these flaws to cause the application to crash or, potentially, execute arbitrary code with the privileges of t...
CentOS Update for graphite2 CESA-2016:0594 centos7
Check the version of graphite2 SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882448";...
RHEL 7 : graphite2 (RHSA-2016:0594)
An update for graphite2 is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...
CentOS 7 : graphite2 (CESA-2016:0594)
An update for graphite2 is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...
Scientific Linux Security Update : graphite2 on SL7.x x86_64 (20160406)
The following packages have been upgraded to a newer upstream version: graphite2 1.3.6. Security Fixes : - Various vulnerabilities have been discovered in Graphite2. An attacker able to trick an unsuspecting user into opening specially crafted font files in an application using Graphite2 could...
Oracle Linux 7 : graphite2 (ELSA-2016-0594)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2016-0594 advisory. - Related: rhbz1309052 CVE-2016-1521 CVE-2016-1522 CVE-2016-1523 CVE-2016-1526 - Resolves: rhbz1309052 CVE-2016-1521 CVE-2016-1522 CVE-2016-1523...
Oracle: Security Advisory (ELSA-2016-0594)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
RedHat Update for graphite2 RHSA-2016:0594-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
graphite2 security update
CentOS Errata and Security Advisory CESA-2016:0594 An update for graphite2 is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severi...