29 matches found
📄 dompdf Remote Code Execution
This Metasploit module exploits CVE-2022-28368, a remote code execution vulnerability in dompdf versions prior to 1.2.1. The vulnerability exists because dompdf preserves the original file extension when caching fonts downloaded via CSS @font-face rules. By pointing a @font-face src to a .php fil...
Astra Linux - уязвимость в firefox
Due to unexpected data type conversions, a use-after-free could have occurred when interacting with the font cache. We presume that with enough effort this could have been exploited to run arbitrary code. This vulnerability affects Firefox 88...
CVE-2005-1065
tetex in Novell Linux Desktop 9 allows local users to determine the existence of arbitrary files via a symlink attack in the /var/cache/fonts directory...
EUVD-2005-1068
Malware in sbrugna...
EUVD-2021-10917
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2021-23997
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Due to unexpected data type conversions, a use-after-free could have occurred when interacting with the font cache. We presume that with enough effort this coul...
CVE-2021-23997
Due to unexpected data type conversions, a use-after-free could have occurred when interacting with the font cache. We presume that with enough effort this could have been exploited to run arbitrary code. This vulnerability affects Firefox 88...
SUSE CVE-2021-23997
Due to unexpected data type conversions, a use-after-free could have occurred when interacting with the font cache. We presume that with enough effort this could have been exploited to run arbitrary code. This vulnerability affects Firefox 88...
Exploit for Cross-site Scripting in Dompdf_Project Dompdf
CVE-2022-28368 - Dompdf RCE Dompdf RCE PoC Exploit !alt text...
CVE-2021-23997
Due to unexpected data type conversions, a use-after-free could have occurred when interacting with the font cache. We presume that with enough effort this could have been exploited to run arbitrary code. This vulnerability affects Firefox 88...
CVE-2021-23997
Due to unexpected data type conversions, a use-after-free could have occurred when interacting with the font cache. We presume that with enough effort this could have been exploited to run arbitrary code. This vulnerability affects Firefox 88...
Type confusion
Due to unexpected data type conversions, a use-after-free could have occurred when interacting with the font cache. We presume that with enough effort this could have been exploited to run arbitrary code. This vulnerability affects Firefox 88...
CVE-2021-23997
Due to unexpected data type conversions, a use-after-free could have occurred when interacting with the font cache. We presume that with enough effort this could have been exploited to run arbitrary code. This vulnerability affects Firefox 88...
CVE-2021-23997
Mozilla Firefox before 88 is affected by a use-after-free in the font cache caused by unexpected data-type conversions, which could allow arbitrary code execution. The issue affects Firefox
CVE-2021-23997
Due to unexpected data type conversions, a use-after-free could have occurred when interacting with the font cache. We presume that with enough effort this could have been exploited to run arbitrary code. This vulnerability affects Firefox 88...
CVE-2021-23997
Due to unexpected data type conversions, a use-after-free could have occurred when interacting with the font cache. We presume that with enough effort this could have been exploited to run arbitrary code. This vulnerability affects Firefox 88...
Arbitrary Code Execution
firefox is vulnerable to arbitrary code execution.An attacker is able to execute arbitrary code on the host OS via font cache...
UBUNTU-CVE-2021-23997
Due to unexpected data type conversions, a use-after-free could have occurred when interacting with the font cache. We presume that with enough effort this could have been exploited to run arbitrary code. This vulnerability affects Firefox 88...
Mozilla Firefox < 88.0
The version of Firefox installed on the remote Windows host is prior to 88.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2021-16 advisory. - Mozilla developers and community members Ryan VanderMeulen, Sean Feng, Tyson Smith, Julian Seward, Christian Holler...
CVE-2021-23997
Due to unexpected data type conversions, a use-after-free could have occurred when interacting with the font cache. We presume that with enough effort this could have been exploited to run arbitrary code. This vulnerability affects Firefox 88...