324 matches found
MGASA-2018-0240 Updated graphite2 packages fix security vulnerability
NULL pointer dereference vulnerability in Segment.cpp that may cause a denial of service CVE-2018-7999...
Updated graphite2 packages fix security vulnerability
NULL pointer dereference vulnerability in Segment.cpp that may cause a denial of service CVE-2018-7999...
EulerOS 2.0 SP2 : graphite2 (EulerOS-SA-2018-1107)
According to the version of the graphite2 package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - In libgraphite2 in graphite2 1.3.11, a NULL pointer dereference vulnerability was found in Segment.cpp during a dumbRendering operation, which ma...
EulerOS 2.0 SP1 : graphite2 (EulerOS-SA-2018-1106)
According to the version of the graphite2 package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - In libgraphite2 in graphite2 1.3.11, a NULL pointer dereference vulnerability was found in Segment.cpp during a dumbRendering operation, which ma...
openSUSE Security Update : graphite2 (openSUSE-2018-337)
This update for graphite2 fixes the following issues : - CVE-2018-7999: Fixed a NULL pointer dereference vulnerability in Segment.cpp that may cause a denial of serivce bsc1084850. This update was imported from the SUSE:SLE-12:Update update project. %NASLMINLEVEL 70300 C Tenable Network Security,...
SUSE SLED12 / SLES12 Security Update : graphite2 (SUSE-SU-2018:0858-1)
This update for graphite2 fixes the following issues : - CVE-2018-7999: Fixed a NULL pointer dereference vulnerability in Segment.cpp that may cause a denial of serivce bsc1084850. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security...
SUSE-SU-2018:0858-1 Security update for graphite2
This update for graphite2 fixes the following issues: - CVE-2018-7999: Fixed a NULL pointer dereference vulnerability in Segment.cpp that may cause a denial of serivce bsc1084850...
Graphite2 libgraphite2 Denial of Service Vulnerability
Graphite2 is a system of intelligent fonts for working with many kinds of text. libgraphite2 is one of the libraries. A security vulnerability exists in the Segment.cpp file of libgraphite2 in Graphite2 version 1.3.11. An attacker can exploit this vulnerability to cause a denial of service null...
CVE-2018-7999
In libgraphite2 in graphite2 1.3.11, a NULL pointer dereference vulnerability was found in Segment.cpp during a dumbRendering operation, which may allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .ttf file...
Debian: Security Advisory (DLA-1013-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Virtuozzo 7 : graphite2 / graphite2-devel (VZLSA-2017-1793)
An update for graphite2 is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...
USN-3398-1: graphite2 vulnerabilities | Cloud Foundry
Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 14.04 Description Holger Fuhrmannek and Tyson Smith discovered that graphite2 incorrectly handled certain malformed fonts. If a user or automated system were tricked into opening a specially-crafted font file, a remote...
Ubuntu: Security Advisory (USN-3398-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 14.04 LTS / 16.04 LTS : graphite2 vulnerabilities (USN-3398-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3398-1 advisory. Holger Fuhrmannek and Tyson Smith discovered that graphite2 incorrectly handled certain malformed fonts. If a user or automated system were...
USN-3398-1 graphite2 vulnerabilities
Holger Fuhrmannek and Tyson Smith discovered that graphite2 incorrectly handled certain malformed fonts. If a user or automated system were tricked into opening a specially-crafted font file, a remote attacker could use this issue to cause graphite2 to crash, resulting in a denial of service, or...
Amazon Linux AMI : graphite2 (ALAS-2017-872)
Vulnerabilities in the Graphite 2 library MFSA 2017-16 A heap-based buffer overflow flaw related to 'lz4::decompress' has been reported in graphite2. An attacker could exploit this issue to cause a crash or, possibly, execute arbitrary code. CVE-2017-7778 Heap-buffer-overflow write...
Important: graphite2
Issue Overview: Vulnerabilities in the Graphite 2 library MFSA 2017-16 A heap-based buffer overflow flaw related to "lz4::decompress" has been reported in graphite2. An attacker could exploit this issue to cause a crash or, possibly, execute arbitrary code. CVE-2017-7778 Heap-buffer-overflow writ...
EulerOS 2.0 SP1 : graphite2 (EulerOS-SA-2017-1152)
According to the versions of the graphite2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Various vulnerabilities have been discovered in Graphite2. An attacker able to trick an unsuspecting user into opening specially crafted font...
EulerOS 2.0 SP2 : graphite2 (EulerOS-SA-2017-1153)
According to the versions of the graphite2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Various vulnerabilities have been discovered in Graphite2. An attacker able to trick an unsuspecting user into opening specially crafted font...
Updated graphite2 packages fix security vulnerabilities
An out-of-bounds write triggered with a maliciously crafted Graphite font could lead to a crash or potentially code execution CVE-2017-5436. Multiple vulnerabilities have been found in the Graphite font rendering engine which might result in denial of service or the execution of arbitrary code if...