Important: Red Hat Security Advisory: xterm security update

An update for xterm is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

Debian DSA-4861-1 : screen - security update

Felix Weinmann reported a flaw in the handling of combining characters in screen, a terminal multiplexer with VT100/ANSI terminal emulation, which can result in denial of service, or potentially the execution of arbitrary code via a specially crafted UTF-8 character sequence. C Tenable Network...

Important: Red Hat Security Advisory: xterm security update

An update for xterm is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

xterm: crash when processing combining characters

A flaw was found in xterm. A specially crafted sequence of combining characters causes an out of bounds write leading to arbitrary code execution. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability...

xterm security update

253-1.0.1 - fix xutf8.h to work with up-to-date Xlib - fix crash in combining character support CVE-2021-27135 orabug 32496959...

xterm: crash when processing combining characters

A flaw was found in xterm. A specially crafted sequence of combining characters causes an out of bounds write leading to arbitrary code execution. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability...

Important: Red Hat Security Advisory: xterm security update

An update for xterm is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

Important: xterm security update

The xterm program is a terminal emulator for the X Window System. It provides DEC VT102 and Tektronix 4014 compatible terminals for programs that can't use the window system directly. Security Fixes: xterm: crash when processing combining characters CVE-2021-27135 For more details about the...

ALSA-2021:0611 Important: xterm security update

The xterm program is a terminal emulator for the X Window System. It provides DEC VT102 and Tektronix 4014 compatible terminals for programs that can't use the window system directly. Security Fixes: xterm: crash when processing combining characters CVE-2021-27135 For more details about the...

CVE-2021-27135

xterm before Patch 366 allows remote attackers to execute arbitrary code or cause a denial of service segmentation fault via a crafted UTF-8 combining character sequence...

DEBIAN-CVE-2021-27135

xterm before Patch 366 allows remote attackers to execute arbitrary code or cause a denial of service segmentation fault via a crafted UTF-8 combining character sequence...

UBUNTU-CVE-2021-27135

xterm before Patch 366 allows remote attackers to execute arbitrary code or cause a denial of service segmentation fault via a crafted UTF-8 combining character sequence...

CVE-2018-16769

In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Virtual Machine may cause a denial of service application crash or possibly have unspecified other impact because libRuntime.so!llvm::InstructionCombiningPass::runOnFunction is mishandled...

WAVM Denial of Service Vulnerability (CNVD-2019-09771)

WAVM is the WebAssembly Virtual Machine. A denial of service vulnerability exists in WAVM 2018-07-26 and earlier versions, which stems from the program failing to properly handle the 'libRuntime.so!llvm::InstructionCombiningPass::runOnFunction' function. An attacker can cause a denial of service...

Combining fonts

&&&& I love the font Just Another Hand, I use it a lot in diagrams during my talks: Here it is! Yay! The thing is, I don't like the positioning of the hyphen & equals glyphs… Cache-Control: max-age=3600 They look awkwardly positioned – they sit too high. Thankfully CSS lets you merge fonts...

Combining fonts

I love the font Just Another Hand, I use it a lot in diagrams during my talks: Here it is! Yay! The thing is, I don't like the positioning of the hyphen & equals glyphs… Cache-Control: max-age=3600 They look awkwardly positioned – they sit too high. Thankfully CSS lets you merge fonts together, s...

webo site speedup 1.6.1 - Multiple Vulnerabilities

:::::::-. ... ::::::. :::. ;;, ';, ;; ;;;;;;;, ;;; ' . ' $$, $$$$ $$$ $$$ "Y$c$$ 888,o8P'88 .d888 888 Y88 MMMMP" "YmmMMMM"" MMM YM Discovered by dun \ posdubatgmail.com 2012-06-16 WEBO Site SpeedUp = 1.6.1 Multiple Vulnerabilites Script: "WEBO Site SpeedUp is a PHP solution that automatically...

GLSA-200611-01 : Screen: UTF-8 character handling vulnerability

The remote host is affected by the vulnerability described in GLSA-200611-01 Screen: UTF-8 character handling vulnerability cstone and Richard Felker discovered a flaw in Screen's UTF-8 combining character handling. Impact : The vulnerability can be exploited by writing a special string of...

DEBIAN-CVE-2006-4573

Multiple unspecified vulnerabilities in the "utf8 combining characters handling" utf8handlecomb function in encoding.c in screen before 4.0.3 allows user-assisted attackers to cause a denial of service crash or hang via certain UTF8 sequences...

CVE-2006-4573

CVE-2006-4573 affects the terminal multiplexer “screen” up to version 4.0.3. The root cause is in the utf8_handle_comb function in encoding.c, where certain UTF-8 sequences can cause a denial of service (crash or hang). Multiple connected advisories reference this issue across various distributio...