35 matches found
SUSE-SU-2025:02795-1 Security update for cairo
This update for cairo fixes the following issues: - CVE-2019-6462: Fixed a potentially infinite loop bsc1122321...
Mozilla Firefox Security Advisory (MFSA2015-22) - Linux
This host is missing a security update for Mozilla Firefox. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...
Mozilla Firefox Security Advisory (MFSA2014-41) - Linux
This host is missing a security update for Mozilla Firefox. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...
The vulnerability of the Cairo graphic library in the Mozilla Firefox browser allows a hacker to execute arbitrary code or cause a denial-of-service attack.
The vulnerability of the Cairo graphic library in the Mozilla Firefox browser is related to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or cause a service failure through a specially created malicious web page...
SUSE: Security Advisory (SUSE-SU-2013:0843-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 29 Update: cairo-1.16.0-3.fc29
Cairo is a 2D graphics library designed to provide high-quality display and print output. Currently supported output targets include the X Window System, in-memory image buffers, and image files PDF, PostScript, and SVG. Cairo is designed to produce consistent output on all output media while...
Cairo denial of service vulnerability
Cairo is a cross-platform open source vector graphics library developed by software developers Carl Worth and Behdad Esfahbod, which supports doing 2D drawings in multiple contexts and provides high-quality display and printouts. A denial of service vulnerability exists in Cairo version 1.15.4. A...
DEBIAN-CVE-2017-7475
Cairo version 1.15.4 is vulnerable to a NULL pointer dereference related to the FTLoadGlyph and FTRenderGlyph resulting in an application crash...
UBUNTU-CVE-2016-9082
Integer overflow in the writepng function in cairo 1.14.6 allows remote attackers to cause a denial of service invalid pointer dereference via a large svg file...
Cairo 'cairo-png.c' Integer Overflow Vulnerability
Cairo is a cross-platform open source vector graphics library , it supports in multiple contexts to do 2D drawing , and provides high-quality display and printout . An integer overflow vulnerability exists in Cairo 'cairo-png.c'. An attacker may exploit this issue to crash the affected applicatio...
Out-of-bounds read during 2D canvas display on Linux 16-bit color depth systems — Mozilla
Security researcher Francisco Alonso of the NowSecure Research Team used the Address Sanitizer tool to discover an out-of-bounds read issue during 2D canvas rendering. This was due to an issue in the cairo graphics library when surfaces are created with 32-bit color depth but displayed on a 16-bi...
openSUSE Security Update : seamonkey (openSUSE-2015-250)
SeaMonkey was updated to 2.33 bnc917597 - MFSA 2015-11/CVE-2015-0835/CVE-2015-0836 Miscellaneous memory safety hazards - MFSA 2015-12/CVE-2015-0833 bmo945192 Invoking Mozilla updater will load locally stored DLL files Windows only - MFSA 2015-13/CVE-2015-0832 bmo1065909 Appended period to hostnam...
Mozilla Firefox < 36.0 Multiple Vulnerabilities
Binary data 8653.prm...
FreeBSD : mozilla -- multiple vulnerabilities (99029172-8253-407d-9d8b-2cfeab9abf81)
The Mozilla Project reports : MFSA-2015-11 Miscellaneous memory safety hazards rv:36.0 / rv:31.5 MFSA-2015-12 Invoking Mozilla updater will load locally stored DLL files MFSA-2015-13 Appended period to hostnames can bypass HPKP and HSTS protections MFSA-2015-14 Malicious WebGL content crash when...
Crash using DrawTarget in Cairo graphics library — Mozilla
Security researcher Atte Kettunen used the Address Sanitizer tool to discover a crash while drawing images through the Cairo graphics library while using the DrawTarget function. This can result in a segmentation fault due to zero-ing out of memory outside the bounds of the image...
Mozilla Firefox Denial of Service Vulnerability-01 (May 2014) - Windows
Mozilla Firefox is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
SeaMonkey Denial of Service Vulnerability-01 (May 2014) - Windows
SeaMonkey is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:seamonkey";...
SeaMonkey < 2.26 Multiple Vulnerabilities
The installed version of SeaMonkey is a version prior to 2.26 and is, therefore, potentially affected by the following vulnerabilities : - An issue exists in the Network Security NSS library due to improper handling of IDNA domain prefixes for wildcard certificates. This issue could allow man-in-...
Ubuntu 12.04 LTS / 12.10 / 13.10 : thunderbird vulnerabilities (USN-2151-1)
Benoit Jacob, Olli Pettay, Jan Varga, Jan de Mooij, Jesse Ruderman, Dan Gohman and Christoph Diehl discovered multiple memory safety issues in Thunderbird. If a user were tricked in to opening a specially crafted message with scripting enabled, an attacker could potentially exploit these to cause...
Mozilla Thunderbird < 24.4 Multiple Vulnerabilities
The installed version of Thunderbird is a version prior to 24.4 and is, therefore, potentially affected the following vulnerabilities: - Memory issues exist that could lead to arbitrary code execution. CVE-2014-1493, CVE-2014-1494 - An issue exists where extracted files for updates are not...