RHEL 7 : harfbuzz (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - chromium-browser: Multiple unspecified vulnerabilities in HarfBuzz before 1.0.6 CVE-2015-8947,...

SUSE CVE-2016-2052

Multiple unspecified vulnerabilities in HarfBuzz before 1.0.6, as used in Google Chrome before 48.0.2564.82, allow attackers to cause a denial of service or possibly have other impact via crafted data, as demonstrated by a buffer over-read resulting from an inverted length check in hb-ot-font.cc,...

GLSA-201701-76 : HarfBuzz: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201701-76 HarfBuzz: Multiple vulnerabilities Multiple vulnerabilities have been discovered in HarfBuzz. Please review the CVE identifiers referenced below for details. Impact : Remote attackers, through the use of crafted data,...

USN-3067-1: HarfBuzz vulnerabilities

Kostya Serebryany discovered that HarfBuzz incorrectly handled memory. A remote attacker could use this issue to cause HarfBuzz to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2015-8947 It was discovered that HarfBuzz incorrectly handled certain length checks. ...

openSUSE Security Update : harfbuzz (openSUSE-2016-986)

This update for harfbuzz fixes the following security issues : - CVE-2016-2052: harfbuzz: Multiple unspecified vulnerabilities in HarfBuzz before 1.0.6 boo963436 - CVE-2015-8947: harfbuzz: hb-ot-layout-gpos-table.hh buffer over-read boo989564 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. T...

Ubuntu: Security Advisory (USN-2877-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 14.04 LTS : Oxide vulnerabilities (USN-2877-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2877-1 advisory. A bad cast was discovered in V8. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a...

USN-2877-1: Oxide vulnerabilities

A bad cast was discovered in V8. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer crash or execute arbitrary code with the privileges of the sandboxed render process. CVE-2016-1612 An issue was...

Important: Red Hat Security Advisory: chromium-browser security update

Updated chromium-browser packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severit...

CVE-2016-2052

HarfBuzz contains CVE-2016-2052: a buffer over-read due to an inverted length check in hb-ot-font.cc, affecting HarfBuzz up to 1.0.6 and used by Google Chrome prior to 48.0.2564.82. Affected data could cause a denial of service or other impact. The issue is fixed in HarfBuzz 1.0.6 and later; upgr...

KLA10745 Multiple vulnerabilities in Google Chrome

Multiple serious vulnerabilities have been found in Google Chrome. Malicious users can exploit these vulnerabilities to spoof user interface, cause denial of service or execute arbitrary code. Below is a complete list of vulnerabilities 1. Multiple unspecified vulnerabilities at HarfBuzz and V8 c...