8 matches found
OpenJDK: Font layout engine out of bounds access setCurrGlyphID() (2D, 8219022)
Vulnerability in the Java SE component of Oracle Java SE subcomponent: 2D. Supported versions that are affected are Java SE: 7u211 and 8u202. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of...
ICU: font parsing OOB read (OpenJDK 2D, 8056276)
A boundary check flaw was found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could allow an untrusted Java application or applet to disclose portions of the Java Virtual Machine memory...
ICU: font parsing OOB read (OpenJDK 2D, 8055489)
A boundary check flaw was found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could allow an untrusted Java application or applet to disclose portions of the Java Virtual Machine memory...
ICU: font parsing OOB read (OpenJDK 2D, 8055489)
A boundary check flaw was found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could allow an untrusted Java application or applet to disclose portions of the Java Virtual Machine memory...
ICU: font parsing OOB read (OpenJDK 2D, 8056276)
A boundary check flaw was found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could allow an untrusted Java application or applet to disclose portions of the Java Virtual Machine memory...
ICU: Layout Engine font processing errors (JDK 2D, 8001031)
Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect availability via unknown vectors related to 2D. NOTE: the previous...
OpenJDK: Type1 font processing buffer overflow vulnerability
Integer signedness error in Java SE Development Kit JDK and Java Runtime Environment JRE 5.0 Update 17 and earlier, and 6 Update 12 and earlier, allows remote attackers to access files or execute arbitrary code via crafted glyph descriptions in a Type1 font, which bypasses a signed comparison and...
OpenJDK Font processing vulnerability (6733336)
Heap-based buffer overflow in Java Runtime Environment JRE for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.218 and earlier might allow remote attackers to execute arbitrary code via a crafted TrueType font file...