CVE-2015-7178

The ProgramBinary::linkAttributes function in libGLES in ANGLE, as used in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 on Windows, mishandles shader access, which allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and application cras...

CVE-2015-7178

CVE-2015-7178 affects Mozilla Firefox on Windows via ANGLE’s libGLES, where the ProgramBinary::linkAttributes function mishandles shader access. This can allow a remote attacker to execute arbitrary code or cause a denial of service through crafted OpenGL/WebGL content, leading to memory corrupti...

CVE-2015-7178

The ProgramBinary::linkAttributes function in libGLES in ANGLE, as used in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 on Windows, mishandles shader access, which allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and application cras...

CVE-2015-7179

The VertexBufferInterface::reserveVertexSpace function in libGLES in ANGLE, as used in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 on Windows, incorrectly allocates memory for shader attribute arrays, which allows remote attackers to execute arbitrary code or cause a denial of...

Memory safety errors in libGLES in the ANGLE graphics library — Mozilla

Security researcher Ronald Crane reported two issues in the libGLES portions of the ANGLE graphics library, used for WebGL and OpenGL content on Windows systems. The first of these is a missing bounds check leading to memory safety errors when manipulating shaders which could result in the writin...

Vulnerabilities in the Debian GNU/Linux operating system that allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information

The multiple vulnerabilities in the libqt4-opengl package of the Debian GNU/Linux operating system may lead to violations of the confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...

Vulnerabilities in the Debian GNU/Linux operating system that allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information

The multiple vulnerabilities in the libqt4-opengl-dev package of the Debian GNU/Linux operating system may lead to violations of the confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...

CVE-2015-1234

Race condition in gpu/commandbuffer/service/gles2cmddecoder.cc in Google Chrome before 41.0.2272.118 allows remote attackers to cause a denial of service buffer overflow or possibly have unspecified other impact by manipulating OpenGL ES commands...

Race condition

Race condition in gpu/commandbuffer/service/gles2cmddecoder.cc in Google Chrome before 41.0.2272.118 allows remote attackers to cause a denial of service buffer overflow or possibly have unspecified other impact by manipulating OpenGL ES commands...

CVE-2015-1234

CVE-2015-1234 is a vulnerability in Google Chrome/Chromium prior to 41.0.2272.118. It concerns a race condition in gpu/command_buffer/service/gles2_cmd_decoder.cc that could allow a remote attacker to cause a denial of service (buffer overflow) or other impact by manipulating OpenGL ES commands. ...

CVE-2015-1234

Race condition in gpu/commandbuffer/service/gles2cmddecoder.cc in Google Chrome before 41.0.2272.118 allows remote attackers to cause a denial of service buffer overflow or possibly have unspecified other impact by manipulating OpenGL ES commands...

CVE-2015-1234

Removed by vendor...

CVE-2015-1234

Race condition in gpu/commandbuffer/service/gles2cmddecoder.cc in Google Chrome before 41.0.2272.118 allows remote attackers to cause a denial of service buffer overflow or possibly have unspecified other impact by manipulating OpenGL ES commands...

KLA10524 Multiple vulnerabilities in Google Chrome

Multiple serious vulnerabilities have been found in Google Chrome. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code or have other unknown impact. Below is a complete list of vulnerabilities 1. Improper IPC interaction handling can be exploited...

UBUNTU-CVE-2015-1234

Race condition in gpu/commandbuffer/service/gles2cmddecoder.cc in Google Chrome before 41.0.2272.118 allows remote attackers to cause a denial of service buffer overflow or possibly have unspecified other impact by manipulating OpenGL ES commands...

Scientific Linux Security Update : GNOME Shell on SL7.x x86_64 (20150305)

It was found that the GNOME shell did not disable the Print Screen key when the screen was locked. This could allow an attacker with physical access to a system with a locked screen to crash the screen-locking application by creating a large amount of screenshots. CVE-2014-7300 This update also...

clutter, cogl, gnome, mutter security update

CentOS Errata and Security Advisory CESA-2015:0535 Updated gnome-shell, mutter, clutter, and cogl packages that fix one security issue, several bugs, and add one enhancement are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Low security...

Low: Red Hat Security Advisory: GNOME Shell security, bug fix, and enhancement update

Updated gnome-shell, mutter, clutter, and cogl packages that fix one security issue, several bugs, and add one enhancement are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Low security impact. A Common Vulnerability Scoring System CVSS bas...

RHEL 7 : GNOME Shell (RHSA-2015:0535)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2015:0535 advisory. GNOME Shell and the packages it depends upon provide the core user interface of the Red Hat Enterprise Linux desktop, including functions such as...

FreeBSD : xserver -- multiple issue with X client request handling (27b9b2f0-8081-11e4-b4ca-bcaec565249c)

Alan Coopersmith reports : Ilja van Sprundel, a security researcher with IOActive, has discovered a large number of issues in the way the X server code base handles requests from X clients, and has worked with X.Org's security team to analyze, confirm, and fix these issues. The vulnerabilities...