EUVD-2017-14540

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2017-5436

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An out-of-bounds write in the Graphite 2 library triggered with a maliciously crafted Graphite font. This results in a potentially exploitable crash. This issue...

SUSE: Security Advisory (SUSE-SU-2016:0777-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2016:0584-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: Vulnerabilities in Graphite2 affect PowerKVM

Summary PowerKVM is affected by vulnerabilities in the Graphite 2 Library. IBM has now addressed these vulnerabilities. Vulnerability Details CVEID: CVE-2017-7778 DESCRIPTION: Mozilla Firefox could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds write i...

Cross site scripting

An out-of-bounds write in the Graphite 2 library triggered with a maliciously crafted Graphite font. This results in a potentially exploitable crash. This issue was fixed in the Graphite 2 library as well as Mozilla products. This vulnerability affects Thunderbird 52.1, Firefox ESR 45.9, Firefox...

CVE-2017-5436

CVE-2017-5436 is an out-of-bounds write in the Graphite 2 library triggered by a malicious Graphite font, causing a potentially exploitable crash. The issue was fixed in Graphite 2 and in Mozilla products; affected Mozilla components include Thunderbird < 52.1, Firefox ESR < 45.9 and < 5...

CVE-2017-5436

An out-of-bounds write in the Graphite 2 library triggered with a maliciously crafted Graphite font. This results in a potentially exploitable crash. This issue was fixed in the Graphite 2 library as well as Mozilla products. This vulnerability affects Thunderbird 52.1, Firefox ESR 45.9, Firefox...

CVE-2017-5436

An out-of-bounds write in the Graphite 2 library triggered with a maliciously crafted Graphite font. This results in a potentially exploitable crash. This issue was fixed in the Graphite 2 library as well as Mozilla products. This vulnerability affects Thunderbird 52.1, Firefox ESR 45.9, Firefox...

GLSA-201706-25 : Graphite: User-assisted execution of arbitrary code

The remote host is affected by the vulnerability described in GLSA-201706-25 Graphite: User-assisted execution of arbitrary code An out-of-bounds write has been found in the Graphite 2 library. Impact : A remote attacker could entice a user to open a specially crafted document using Graphite or a...

Security update for Mozilla based packages (important)

This update for Mozilla Firefox, Thunderbird, and NSS fixes the following issues: Mozilla Firefox was updated to 52.2esr boo1043960 MFSA 2017-16: CVE-2017-5472 bmo1365602 Use-after-free using destroyed node when regenerating trees CVE-2017-7749 bmo1355039 Use-after-free during docshell reloading...

CVE-2017-7778

A number of security vulnerabilities in the Graphite 2 library including out-of-bounds reads, buffer overflow reads and writes, and the use of uninitialized memory. These issues were addressed in Graphite 2 version 1.3.10. This vulnerability affects Firefox 54, Firefox ESR 52.2, and Thunderbird...

CVE-2017-5436

An out-of-bounds write in the Graphite 2 library triggered with a maliciously crafted Graphite font. This results in a potentially exploitable crash. This issue was fixed in the Graphite 2 library as well as Mozilla products. This vulnerability affects Thunderbird 52.1, Firefox ESR 45.9, Firefox...

CVE-2017-5436

An out-of-bounds write in the Graphite 2 library triggered with a maliciously crafted Graphite font. This results in a potentially exploitable crash. This issue was fixed in the Graphite 2 library as well as Mozilla products. This vulnerability affects Thunderbird 52.1, Firefox ESR 45.9, Firefox...

openSUSE Security Update : MozillaThunderbird (openSUSE-2016-395)

MozillaThunderbird was updated to 38.7.0 to fix the following issues : - Update to Thunderbird 38.7.0 boo969894 - MFSA 2015-81/CVE-2015-4477 bmo1179484 Use-after-free in MediaStream playback - MFSA 2015-136/CVE-2015-7207 bmo1185256 Same-origin policy violation using performance.getEntries and...

Security update for MozillaThunderbird (important)

MozillaThunderbird was updated to 38.7.0 to fix the following issues: Update to Thunderbird 38.7.0 boo969894 MFSA 2015-81/CVE-2015-4477 bmo1179484 Use-after-free in MediaStream playback MFSA 2015-136/CVE-2015-7207 bmo1185256 Same-origin policy violation using performance.getEntries and history...

SUSE SLES10 Security Update : MozillaFirefox (SUSE-SU-2016:0820-1)

Mozilla Firefox was updated to 38.7.0 ESR, fixing the following security issues : MFSA 2016-16/CVE-2016-1952/CVE-2016-1953: Miscellaneous memory safety hazards rv:45.0 / rv:38.7 MFSA 2016-17/CVE-2016-1954: Local file overwriting and potential privilege escalation through CSP reports MFSA...

openSUSE Security Update : MozillaFirefox / mozilla-nspr / mozilla-nss (openSUSE-2016-332)

This update for MozillaFirefox, mozilla-nspr, mozilla-nss fixes the following issues : MozillaFirefox was updated to Firefox 45.0 boo969894 - requires NSPR 4.12 / NSS 3.21.1 - Instant browser tab sharing through Hello - Synced Tabs button in button bar - Tabs synced via Firefox Accounts from othe...

Firefox ESR < 38.6.1 Multiple Graphite 2 Library RCE (Mac OS X)

The version of Mozilla Firefox ESR installed on the remote Mac OS X host is prior to 38.6.1. It is, therefore, affected by multiple remote code execution vulnerabilities in the Graphite 2 library : - An overflow condition exists in the Context Item functionality due to improper validation of...

Mozilla Thunderbird 14.x <= 14 Multiple Vulnerabilities

Binary data 801365.prm...