892 matches found
CVE-2016-2793
CachedCmap.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service buffer over-read or possibly have unspecified other impact via a crafted Graphite smart font...
CVE-2016-2794
The graphite2::TtfUtil::CmapSubtable12NextCodepoint function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service buffer over-read or possibly have unspecified other impact via a crafted Graphite...
UBUNTU-CVE-2016-1977
The Machine::Code::decoder::analysis::setref function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to execute arbitrary code or cause a denial of service stack memory corruption via a crafted Graphite smart font...
Font vulnerabilities in the Graphite 2 library — Mozilla
Security researcher Holger Fuhrmannek and Mozilla security engineer Tyson Smith reported a number of security vulnerabilities in the Graphite 2 library affecting version 1.3.5...
UBUNTU-CVE-2016-2791
The graphite2::GlyphCache::glyph function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service buffer over-read or possibly have unspecified other impact via a crafted Graphite smart font...
CVE-2016-2795
The graphite2::FileFace::gettablefn function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, does not initialize memory for an unspecified data structure, which allows remote attackers to cause a denial of service or possibly have unknown other...
UBUNTU-CVE-2016-2801
The graphite2::TtfUtil::CmapSubtable12Lookup function in TtfUtil.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service buffer over-read or possibly have unspecified other impact via a crafted...
UBUNTU-CVE-2016-2800
The graphite2::Slot::getAttr function in Slot.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service buffer over-read or possibly have unspecified other impact via a crafted Graphite smart font,...
UBUNTU-CVE-2016-2802
The graphite2::TtfUtil::CmapSubtable4NextCodepoint function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service buffer over-read or possibly have unspecified other impact via a crafted Graphite...
SUSE SLED11 / SLES11 Security Update : MozillaFirefox (SUSE-SU-2016:0564-1)
This update for MozillaFirefox fixes the following issues : - update to Firefox 38.6.1 ESR bsc967087 - MFSA 2016-14/CVE-2016-1523 bmo1246093 Vulnerabilities in Graphite 2 Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory...
SUSE SLED12 / SLES12 Security Update : MozillaFirefox (SUSE-SU-2016:0554-1)
This update for MozillaFirefox fixes the following issues : - update to Firefox 38.6.1 ESR bsc967087 - MFSA 2016-14/CVE-2016-1523 bmo1246093 Vulnerabilities in Graphite 2 Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory...
SUSE: Security Advisory for MozillaFirefox (SUSE-SU-2016:0554-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2016:0564-1 Security update for MozillaFirefox
This update for MozillaFirefox fixes the following issues: - update to Firefox 38.6.1 ESR bsc967087 MFSA 2016-14/CVE-2016-1523 bmo1246093 Vulnerabilities in Graphite 2...
SUSE-SU-2016:0554-1 Security update for MozillaFirefox
This update for MozillaFirefox fixes the following issues: - update to Firefox 38.6.1 ESR bsc967087 MFSA 2016-14/CVE-2016-1523 bmo1246093 Vulnerabilities in Graphite 2...
Mozilla Firefox and Firefox ESR Graphite 2 Arbitrary Code Execution Vulnerability
Mozilla FirefoxFirefox is an open source web browser; Firefox ESR is an extended support version of Firefox.Graphite is a set of enterprise-class open source system monitoring tools written in Python, using the Django framework , it is through a third-party tools or plug-ins for data collection ,...
Mozilla Firefox and Firefox ESR Graphite 2 Code.cpp File Denial of Service Vulnerability
Mozilla FirefoxFirefox is an open source web browser; Firefox ESR is an extended support version of Firefox.Graphite is a set of enterprise-class open source system monitoring tools written in Python, using the Django framework , it is through a third-party tools or plug-ins for data collection ,...
Mozilla Firefox and Firefox ESR Graphite 2 FeatureMap.cpp File Denial of Service Vulnerability
Mozilla FirefoxFirefox is an open source web browser; Firefox ESR is an extended support version of Firefox.Graphite is a set of enterprise-class open source system monitoring tools written in Python, using the Django framework , it is through a third-party tools or plug-ins for data collection ,...
Mozilla Firefox and Firefox ESR Graphite 2 TtfUtil.cpp File Denial of Service Vulnerability
Mozilla FirefoxFirefox is an open source web browser; Firefox ESR is an extended support version of Firefox.Graphite is a set of enterprise-class open source system monitoring tools written in Python, using the Django framework , it is through a third-party tools or plug-ins for data collection ,...
Debian DSA-3479-1 : graphite2 - security update
Multiple vulnerabilities have been found in the Graphite font rendering engine which might result in denial of service or the execution of arbitrary code if a malformed font file is processed. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this...
thunderbird: multiple issues
CVE-2015-7575 man-in-the-middle: Security researcher Karthikeyan Bhargavan reported an issue in Network Security Services NSS where MD5 signatures in the server signature within the TLS 1.2 ServerKeyExchange message are still accepted. This is an issue since NSS has officially disallowed the...