892 matches found
DSA-3523-1 iceweasel - security update
Bulletin has no description...
Debian Security Advisory DSA 3523-1 (iceweasel - security update)
This update disables the Graphite font shaping library in Iceweasel, Debian OpenVAS Vulnerability Test $Id: deb3523.nasl 6608 2017-07-07 12:05:05Z cfischer $ Auto-generated from advisory DSA 3523-1 using nvtgen 1.0 Script version: 1.0 Author: Greenbone Networks Copyright: Copyright c 2016 Greenbo...
The vulnerability of Firefox ESR, the rendering software Graphite 2, and the email client Thunderbird, which allows a hacker to trigger a service failure
The vulnerability of the SillMap::readFace function in the Libgraphite component of the Firefox ESR browser and the Graphite 2 rendering software, as well as the Thunderbird email client, is related to pointer dereferencing errors. Exploiting this vulnerability can allow an attacker to cause a...
The vulnerability of Firefox ESR, the rendering software Graphite 2, and the Thunderbird email client, which allows a hacker to trigger a service failure or obtain confidential information.
The vulnerability of the TtfUtil:LocaLookup function in the Firefox ESR browser, the Graphite 2 rendering software, and the Thunderbird email client is related to the lack of protection for service data. Exploiting this vulnerability can allow a malicious actor to obtain confidential information ...
Vulnerabilities of Firefox ESR and Firefox browsers, the rendering software Graphite 2, and the email client Thunderbird, which allow a hacker to trigger a service failure, obtain confidential information, or execute arbitrary codes
The vulnerability of the directrun function in Firefox ESR and Firefox browsers, as well as in the Graphite 2 rendering software and the Thunderbird email client, is caused by buffer overflows. Exploiting this vulnerability allows an attacker to execute arbitrary code, obtain confidential...
The vulnerability of Firefox ESR, the rendering software Graphite 2, and the email client Thunderbird, which allows a hacker to trigger a service failure or execute arbitrary code.
The vulnerability of the Code.cpp function in the Libgraphite component of the Firefox ESR browser and the Graphite 2 rendering software, as well as in the Thunderbird email client, is caused by a buffer overflow in dynamic memory. Exploiting this vulnerability allows an attacker to cause service...
graphite2: multiple font parsing vulnerabilities (Mozilla MFSA 2016-37)
The graphite2::TtfUtil::GetTableInfo function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, does not initialize memory for an unspecified data structure, which allows remote attackers to cause a denial of service or possibly have unknown othe...
graphite2: multiple font parsing vulnerabilities (Mozilla MFSA 2016-37)
The graphite2::GlyphCache::glyph function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service buffer over-read or possibly have unspecified other impact via a crafted Graphite smart font...
graphite2: multiple font parsing vulnerabilities (Mozilla MFSA 2016-37)
The graphite2::TtfUtil::CmapSubtable12Lookup function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service buffer over-read or possibly have unspecified other impact via a crafted Graphite smart...
graphite2: multiple font parsing vulnerabilities (Mozilla MFSA 2016-37)
CachedCmap.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service buffer over-read or possibly have unspecified other impact via a crafted Graphite smart font...
graphite2: multiple font parsing vulnerabilities (Mozilla MFSA 2016-37)
Heap-based buffer overflow in the graphite2::vm::Machine::Code::Code function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted Graphite...
graphite2: multiple font parsing vulnerabilities (Mozilla MFSA 2016-37)
The graphite2::GlyphCache::Loader::Loader function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service buffer over-read or possibly have unspecified other impact via a crafted Graphite smart font...
graphite2: multiple font parsing vulnerabilities (Mozilla MFSA 2016-37)
The Machine::Code::decoder::analysis::setref function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to execute arbitrary code or cause a denial of service stack memory corruption via a crafted Graphite smart font...
graphite2: multiple font parsing vulnerabilities (Mozilla MFSA 2016-37)
The graphite2::TtfUtil::CmapSubtable12Lookup function in TtfUtil.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service buffer over-read or possibly have unspecified other impact via a crafted...
graphite2: multiple font parsing vulnerabilities (Mozilla MFSA 2016-37)
The graphite2::TtfUtil::CmapSubtable4NextCodepoint function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service buffer over-read or possibly have unspecified other impact via a crafted Graphite...
graphite2: multiple font parsing vulnerabilities (Mozilla MFSA 2016-37)
The graphite2::Slot::getAttr function in Slot.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service buffer over-read or possibly have unspecified other impact via a crafted Graphite smart font,...
graphite2: multiple font parsing vulnerabilities (Mozilla MFSA 2016-37)
The graphite2::Slot::getAttr function in Slot.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service buffer over-read or possibly have unspecified other impact via a crafted Graphite smart font,...
graphite2: multiple font parsing vulnerabilities (Mozilla MFSA 2016-37)
The graphite2::FileFace::gettablefn function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, does not initialize memory for an unspecified data structure, which allows remote attackers to cause a denial of service or possibly have unknown other...
graphite2: multiple font parsing vulnerabilities (Mozilla MFSA 2016-37)
Heap-based buffer overflow in the graphite2::Slot::setAttr function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted Graphite smart font...
graphite2: multiple font parsing vulnerabilities (Mozilla MFSA 2016-37)
The graphite2::TtfUtil::CmapSubtable12NextCodepoint function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service buffer over-read or possibly have unspecified other impact via a crafted Graphite...