5784 matches found
The vulnerability of the PHP interpreter, which allows attackers to trigger a service failure or exert other effects.
The vulnerability of the graphemestrpos function ext/intl/grapheme/graphemestring.c in the PHP interpreter exists due to the reading of data beyond the specified buffer. Exploiting this vulnerability may allow an attacker to cause a service failure reading beyond the memory limit, or it may have...
Graphite2 - TtfUtil::CheckCmapSubtable12 Heap Based Overread
Exploit for multiple platform in category dos / poc Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=752 The following crash due to a heap-based buffer overread can be observed in an ASAN build of the standard Graphite2 gr2FontTest utility git trunk, triggered with the following...
Graphite2 - TtfUtil::CmapSubtable4NextCodepoint Heap Overread
Graphite2 - TtfUtil::CmapSubtable4NextCodepoint Heap Overread Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=755 The following crash due to a heap-based buffer overread can be observed in an ASAN build of the standard Graphite2 gr2FontTest utility git trunk, triggered with the...
Graphite2 - TtfUtil::CmapSubtable4NextCodepoint Heap Overread
Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=755 The following crash due to a heap-based buffer overread can be observed in an ASAN build of the standard Graphite2 gr2FontTest utility git trunk, triggered with the following command: $ ./gr2fonttest /path/to/file -auto --- cut...
Graphite2 - TtfUtil::CheckCmapSubtable12 Heap Overread
Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=752 The following crash due to a heap-based buffer overread can be observed in an ASAN build of the standard Graphite2 gr2FontTest utility git trunk, triggered with the following command: $ ./gr2fonttest /path/to/file -auto --- cut...
Graphite2 - TtfUtil::CheckCmapSubtable12 Heap Overread
Graphite2 - TtfUtil::CheckCmapSubtable12 Heap Overread Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=752 The following crash due to a heap-based buffer overread can be observed in an ASAN build of the standard Graphite2 gr2FontTest utility git trunk, triggered with the followi...
libxml2: Buffer overread with XML parser in xmlNextChar
A denial of service flaw was found in libxml2. A remote attacker could provide a specially crafted XML or HTML file that, when processed by an application using libxml2, would cause that application to leak potentially sensitive information...
libxml2: Buffer overread with HTML parser in push mode in xmlSAX2TextNode
A denial of service flaw was found in libxml2. A remote attacker could provide a specially crafted XML or HTML file that, when processed by an application using libxml2, would cause that application to leak potentially sensitive information...
DEBIAN-CVE-2016-4418
epan/dissectors/packet-ber.c in the ASN.1 BER dissector in Wireshark 1.12.x before 1.12.10 and 2.x before 2.0.2 allows remote attackers to cause a denial of service buffer over-read and application crash via a crafted packet that triggers an empty set...
DEBIAN-CVE-2016-4416
epan/dissectors/packet-ieee80211.c in the IEEE 802.11 dissector in Wireshark 2.x before 2.0.2 mishandles the Grouping subfield, which allows remote attackers to cause a denial of service buffer over-read and application crash via a crafted packet...
UBUNTU-CVE-2016-4417
Off-by-one error in epan/dissectors/packet-gsmabisoml.c in the GSM A-bis OML dissector in Wireshark 1.12.x before 1.12.10 and 2.x before 2.0.2 allows remote attackers to cause a denial of service buffer over-read and application crash via a crafted packet that triggers a 0xff tag value...
UBUNTU-CVE-2016-4416
epan/dissectors/packet-ieee80211.c in the IEEE 802.11 dissector in Wireshark 2.x before 2.0.2 mishandles the Grouping subfield, which allows remote attackers to cause a denial of service buffer over-read and application crash via a crafted packet...
graphite2: multiple font parsing vulnerabilities (Mozilla MFSA 2016-37)
CachedCmap.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service buffer over-read or possibly have unspecified other impact via a crafted Graphite smart font...
graphite2: multiple font parsing vulnerabilities (Mozilla MFSA 2016-37)
The graphite2::TtfUtil::CmapSubtable12Lookup function in TtfUtil.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service buffer over-read or possibly have unspecified other impact via a crafted...
graphite2: multiple font parsing vulnerabilities (Mozilla MFSA 2016-37)
The graphite2::Slot::getAttr function in Slot.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service buffer over-read or possibly have unspecified other impact via a crafted Graphite smart font,...
graphite2: multiple font parsing vulnerabilities (Mozilla MFSA 2016-37)
The graphite2::TtfUtil::CmapSubtable12NextCodepoint function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service buffer over-read or possibly have unspecified other impact via a crafted Graphite...
DEBIAN-CVE-2016-2802
The graphite2::TtfUtil::CmapSubtable4NextCodepoint function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service buffer over-read or possibly have unspecified other impact via a crafted Graphite...
DEBIAN-CVE-2016-2801
The graphite2::TtfUtil::CmapSubtable12Lookup function in TtfUtil.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service buffer over-read or possibly have unspecified other impact via a crafted...
DEBIAN-CVE-2016-2800
The graphite2::Slot::getAttr function in Slot.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service buffer over-read or possibly have unspecified other impact via a crafted Graphite smart font,...
DEBIAN-CVE-2016-2798
The graphite2::GlyphCache::Loader::Loader function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service buffer over-read or possibly have unspecified other impact via a crafted Graphite smart font...