48 matches found
CVE-2017-7845
A buffer overflow occurs when drawing and validating elements using Direct 3D 9 with the ANGLE graphics library, used for WebGL content. This is due to an incorrect value being passed within the library during checks and results in a potentially exploitable crash. Note: This attack only affects...
Vulnerability Spotlight: Multiple Simple DirectMedia Layer Vulnerabilities
Discovered by Lilith Wyatt of Cisco Talos Overview Talos is disclosing several vulnerabilities identified in Simple DirectMedia Layer's SDL2Image library that could allow code execution. Simple DirectMedia Layer is a cross-platform development library designed to provide low level access to audio...
Direct3D Recent Program
Nessus was able to query the registry to find the most recent program to use Direct3D for each user on the remote Windows host. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid92417; scriptversion"1.6"; scriptcvsdate"Date: 2018/11/15 20:50:27";...
CVE-2016-0184
Use-after-free vulnerability in GDI in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted document, aka "Direct3D...
Design/Logic Flaw
Use-after-free vulnerability in GDI in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted document, aka "Direct3D...
Microsoft Direct3D CVE-2016-0184 Use After Free Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the affected application. Failed attacks will cause denial-of-service conditions. Technologies Affected Microsoft Windows 10 for 32-bit...
Microsoft Direct3D CVE-2016-0195 Use After Free Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the affected application. Failed attacks will cause denial-of-service conditions. Technologies Affected Microsoft Windows 10 for 32-bit...
MS16-055: Security Update for Microsoft Graphics Component (3156754)
The remote Windows host is missing a security update. It is, therefore, affected by multiple vulnerabilities : - Multiple information disclosure vulnerabilities exist in the Windows Graphics component. An unauthenticated, remote attacker can exploit these vulnerabilities by convincing a user to...
UBUNTU-CVE-2015-6760
The Image11::map function in renderer/d3d/d3d11/Image11.cpp in libANGLE, as used in Google Chrome before 46.0.2490.71, mishandles mapping failures after device-lost events, which allows remote attackers to cause a denial of service invalid read or write or possibly have unspecified other impact v...
Mozilla: Vulnerabilities found through code inspection (MFSA 2015-112)
The ReadbackResultWriterD3D11::Run function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 misinterprets the return value of a function call, which might allow remote attackers to cause a denial of service memory corruption and application crash or possibly have unspecified other...
The vulnerability of the Thunderbird email client, allowing a hacker to read data from uninitialized memory areas
The vulnerability of the CairoTextureClientD3D9::BorrowDrawTarget function in the implementation of the Direct3D 9 email client Thunderbird is related to errors in the code. Exploiting this vulnerability may allow a malicious actor to read data from uninitialized memory areas...
The vulnerability of the Firefox ESR browser, which allows a hacker to read data from uninitialized memory areas
The vulnerability of the rx::d3d11::SetBufferData function in the implementation of the Direct3D 11 browser Firefox ESR is related to errors in the code. Exploiting this vulnerability may allow a remote attacker to read data from uninitialized memory areas...
The vulnerability of the Thunderbird email client, allowing a hacker to read data from uninitialized memory areas
The vulnerability of the rx::d3d11::SetBufferData function in the implementation of the Thunderbird Direct3D 11 client is related to errors in the code. Exploiting this vulnerability may allow a remote attacker to read data from uninitialized memory regions...
The vulnerability of the Firefox browser, which allows a hacker to read data from uninitialized memory areas
The vulnerability of the rx::d3d11::SetBufferData function in the implementation of the Firefox Direct3D 11 browser is related to errors in the code. Exploiting this vulnerability may allow a remote attacker to read data from uninitialized memory areas...
Mozilla: Vulnerabilities found through code inspection (MFSA 2015-66)
The rx::d3d11::SetBufferData function in the Direct3D 11 implementation in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 reads data from uninitialized memory locations, which has unspecified impact and attack vectors...
Mozilla: Vulnerabilities found through code inspection (MFSA 2015-66)
The CairoTextureClientD3D9::BorrowDrawTarget function in the Direct3D 9 implementation in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 reads data from uninitialized memory locations, which has unspecified impact and attack vectors...
CVE-2015-2734
The CairoTextureClientD3D9::BorrowDrawTarget function in the Direct3D 9 implementation in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 reads data from uninitialized memory locations, which has unspecified impact and attack vectors...
Memory corruption
The CairoTextureClientD3D9::BorrowDrawTarget function in the Direct3D 9 implementation in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 reads data from uninitialized memory locations, which has unspecified impact and attack vectors...
Design/Logic Flaw
The rx::d3d11::SetBufferData function in the Direct3D 11 implementation in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 reads data from uninitialized memory locations, which has unspecified impact and attack vectors...
CVE-2015-2734
The CairoTextureClientD3D9::BorrowDrawTarget function in the Direct3D 9 implementation in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 reads data from uninitialized memory locations, which has unspecified impact and attack vectors...