101 matches found
Google Chrome < 57.0.2987.98 Multiple Vulnerabilities
Binary data 9991.pasl...
DEBIAN-CVE-2016-7446
Buffer overflow in the MVG and SVG rendering code in GraphicsMagick 1.3.24 allows remote attackers to have unspecified impact via unknown vectors. Note: This vulnerability exists due to an incomplete patch for CVE-2016-2317...
UBUNTU-CVE-2016-7446
Buffer overflow in the MVG and SVG rendering code in GraphicsMagick 1.3.24 allows remote attackers to have unspecified impact via unknown vectors. Note: This vulnerability exists due to an incomplete patch for CVE-2016-2317...
Buffer overflow
Buffer overflow in the MVG and SVG rendering code in GraphicsMagick 1.3.24 allows remote attackers to have unspecified impact via unknown vectors. Note: This vulnerability exists due to an incomplete patch for CVE-2016-2317...
SUSE-SU-2016:2061-1 Security update for MozillaFirefox, MozillaFirefox-branding-SLED, mozilla-nspr and mozilla-nss
MozillaFirefox, MozillaFirefox-branding-SLE, mozilla-nspr and mozilla-nss were updated to fix nine security issues. MozillaFirefox was updated to version 45.3.0 ESR. mozilla-nss was updated to version 3.21.1, mozilla-nspr to version 4.12. These security issues were fixed in 45.3.0ESR: -...
USN-3044-1 firefox vulnerabilities
Gustavo Grieco discovered an out-of-bounds read during XML parsing in some circumstances. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash, or obtain sensitive information. CVE-2016-0718...
Mozilla Thunderbird < 38.4 Multiple Vulnerabilities
Binary data 9151.prm...
Mozilla Thunderbird < 38.4 Multiple Vulnerabilities (Mac OS X)
The version of Thunderbird installed on the remote Mac OS X host is prior to 38.4. It is, therefore, affected by multiple vulnerabilities : - Multiple memory corruption issues exist due to improper validation of user-supplied input. An unauthenticated, remote attacker can exploit these issues, vi...
Firefox ESR < 38.4 Multiple Vulnerabilities
The version of Firefox ESR installed on the remote Windows host is prior to 38.4. It is, therefore, affected by the following vulnerabilities : - Multiple memory corruption issues exist due to improper validation of user-supplied input. An unauthenticated, remote attacker can exploit these issues...
Vulnerabilities found through code inspection — Mozilla
Security researcher Ronald Crane reported three vulnerabilities affecting released code that were found through code inspection. These included a buffer overflow in the ANGLE graphics library and two issues of missing status checks in SVG rendering and during cryptographic key manipulation. These...
USN-2602-1 firefox vulnerabilities
Jesse Ruderman, Mats Palmgren, Byron Campen, Steve Fink, Gary Kwong, Andrew McCreight, Christian Holler, Jon Coppeard, and Milan Sreckovic discovered multiple memory safety issues in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit...
Mozilla: Out-of-bounds read and write while rendering SVG content (MFSA 2015-19)
Heap-based buffer overflow in the mozilla::gfx::CopyRect function in Mozilla Firefox before 36.0, Firefox ESR 31.x before 31.5, and Thunderbird before 31.5 allows remote attackers to obtain sensitive information from uninitialized process memory via a malformed SVG graphic...
Mozilla: Out-of-bounds read and write while rendering SVG content (MFSA 2015-19)
Heap-based buffer overflow in the mozilla::gfx::CopyRect function in Mozilla Firefox before 36.0, Firefox ESR 31.x before 31.5, and Thunderbird before 31.5 allows remote attackers to obtain sensitive information from uninitialized process memory via a malformed SVG graphic...
Apple Mac OSX Safari 8.0 - Crash (PoC)
Apple Mac OSX Safari 8.0 - Crash PoC @w3bd3vil svg padding-top: 1337%; box-sizing: border-box; 0x7fff8ab10282: jae 0x7fff8ab1028c ; pthreadkill + 20 0x7fff8ab10284: movq %rax, %rdi 0x7fff8ab10287: jmp 0x7fff8ab0bca3 ; cerrornocancel 0x7fff8ab1028c: retq lldb register read General Purpose Register...
CVE-2013-2875
core/rendering/svg/SVGInlineTextBox.cpp in the SVG implementation in Blink, as used in Google Chrome before 28.0.1500.71, allows remote attackers to cause a denial of service out-of-bounds read via unspecified vectors...
CVE-2012-3650
WebKit in Apple Safari before 6.0 accesses uninitialized memory locations during the rendering of SVG images, which allows remote attackers to obtain sensitive information from process memory via a crafted web site...
CVE-2011-1112
Google Chrome before 9.0.597.107 does not properly perform SVG rendering, which allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via unknown vectors...
Code injection
Google Chrome before 9.0.597.107 does not properly perform SVG rendering, which allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via unknown vectors...
CVE-2011-1112
Google Chrome before 9.0.597.107 does not properly perform SVG rendering, which allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via unknown vectors...
CVE-2011-1112
Removed by vendor...