Updated thunderbird packages fix security vulnerability

Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird CVE-2016-1930, CVE-2016-1935. Multiple security flaws were foun...

Updated graphite2/firefox packages fix security vulnerability

Multiple vulnerabilities in the graphite2 font library can result in information disclosure, denial-of-service application crashes, or code execution via out-of-bounds reads, a NULL pointer dereference, and a heap-based buffer overflow CVE-2016-1521, CVE-2016-1522, CVE-2016-1523, CVE-2016-1526...

USN-2902-1 graphite2 vulnerabilities

Yves Younan discovered that graphite2 incorrectly handled certain malformed fonts. If a user or automated system were tricked into opening a specially- crafted font file, a remote attacker could use this issue to cause graphite2 to crash, resulting in a denial of service, or possibly execute...

USN-2902-1: graphite2 vulnerabilities

Yves Younan discovered that graphite2 incorrectly handled certain malformed fonts. If a user or automated system were tricked into opening a specially- crafted font file, a remote attacker could use this issue to cause graphite2 to crash, resulting in a denial of service, or possibly execute...

firefox security update

CentOS Errata and Security Advisory CESA-2016:0197 Updated firefox packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System CVSS bas...

CentOS Update for firefox CESA-2016:0197 centos5

Check the version of firefox SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882394";...

CentOS Update for firefox CESA-2016:0197 centos7

Check the version of firefox SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882392";...

CentOS 5 / 6 / 7 : firefox (CESA-2016:0197)

Updated firefox packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

Scientific Linux Security Update : firefox on SL5.x, SL6.x, SL7.x i386/x86_64 (20160216)

Multiple security flaws were found in the graphite2 font library shipped with Firefox. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. CVE-2016-1521, CVE-2016-1522, CVE-2016-1523 After...

graphite2: Out-of-bound read vulnerability triggered by crafted fonts

A vulnerability has been discovered in Graphite2. An attacker able to trick an unsuspecting user into opening specially crafted font files in an application using Graphite2 could exploit these flaws to cause the application to crash or, potentially, execute arbitrary code with the privileges of t...

Critical: Red Hat Security Advisory: firefox security update

Updated firefox packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

graphite2: Heap-based buffer overflow in context item handling functionality

A vulnerability has been discovered in Graphite2. An attacker able to trick an unsuspecting user into opening specially crafted font files in an application using Graphite2 could exploit these flaws to cause the application to crash or, potentially, execute arbitrary code with the privileges of t...

graphite2: Null pointer dereference and out-of-bounds access vulnerabilities

A vulnerability has been discovered in Graphite2. An attacker able to trick an unsuspecting user into opening specially crafted font files in an application using Graphite2 could exploit these flaws to cause the application to crash or, potentially, execute arbitrary code with the privileges of t...

[SECURITY] [DSA 3479-1] graphite2 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3479-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff February 15, 2016 https://www.debian.org/security/faq -...

Debian: Security Advisory (DSA-3479-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

FreeBSD : graphite2 -- code execution vulnerability (8f10fa04-cf6a-11e5-96d6-14dae9d210b8)

Talos reports : - An exploitable denial of service vulnerability exists in the font handling of Libgraphite. A specially crafted font can cause an out-of-bounds read potentially resulting in an information leak or denial of service. - A specially crafted font can cause a buffer overflow resulting...

Mandriva Linux Security Advisory : graphite2 (MDVSA-2011:174)

Unspecified vulnerabilities were discovered in graphite2 conserning specially crafted TTF fonts and which has unknown impact. As a preemptive measure the new 1.0.3 version is being provided where this is fixed. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package...