EUVD-2016-2618

Malware in sbrugna...

EUVD-2016-2621

Malware in sbrugna...

K74435036: libGraphite vulnerabilities

Security Advisory Description CVE-2016-1521 The directrun function in directmachine.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, does not validate a certain skip operation, which allows remote attackers to execute arbitrary cod...

SUSE CVE-2016-1521

The directrun function in directmachine.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, does not validate a certain skip operation, which allows remote attackers to execute arbitrary code, obtain sensitive information, or cause a...

Denial Of Service (DoS)

firefox is vulnerable to denial of service DoS attacks. The vulnerability exists as the TtfUtil:LocaLookup function in TtfUtil.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, incorrectly validates a size value, which allows remote...

Security Bulletin: Vulnerabilities in Mozilla Firefox libgraphite affect PowerKVM (CVE-2016-1521, CVE-2016-1522, CVE-2016-1523, CVE-2016-1526)

Summary PowerKVM is affected by vulnerabilities in Mozilla Firefox libgraphite graphite2. These vulnerabilities are now fixed. Vulnerability Details CVEID: CVE-2016-1521 DESCRIPTION: Libgraphite, as used in Mozilla Firefox, could allow a remote attacker to execute arbitrary code on the system,...

Security Bulletin: Multiple Mozilla Firefox vulnerability issues in IBM Storwize V7000 Unified.

Summary There are security vulnerabilities in versions of Mozilla Firefox that are shipped with versions 1.5.1.0 to 1.5.2.4 of IBM Storwize V7000 Unified Vulnerability Details IBM Storwize V7000 Unified is shipped with Mozilla Firefox. There are vulnerabilities in certain versions of Mozilla...

openSUSE Security Update : graphite2 (openSUSE-2016-389)

This update for graphite2 fixes the following issues : - CVE-2016-1521: The directrun function in directmachine.cpp in Libgraphite did not validate a certain skip operation, which allowed remote attackers to execute arbitrary code, obtain sensitive information, or cause a denial of service...

Security update for graphite2 (important)

This update for graphite2 fixes the following issues: - CVE-2016-1521: The directrun function in directmachine.cpp in Libgraphite did not validate a certain skip operation, which allowed remote attackers to execute arbitrary code, obtain sensitive information, or cause a denial of service...

openSUSE: Security Advisory for graphite2 (openSUSE-SU-2016:0791-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE Security Update : graphite2 (openSUSE-2016-349)

This update for graphite2 fixes the following issues : - CVE-2016-1521: The directrun function in directmachine.cpp in Libgraphite did not validate a certain skip operation, which allowed remote attackers to execute arbitrary code, obtain sensitive information, or cause a denial of service...

Mozilla Firefox and Firefox ESR Graphite 2 Arbitrary Code Execution Vulnerability

Mozilla FirefoxFirefox is an open source web browser; Firefox ESR is an extended support version of Firefox.Graphite is a set of enterprise-class open source system monitoring tools written in Python, using the Django framework , it is through a third-party tools or plug-ins for data collection ,...

Mozilla Firefox and Firefox ESR Graphite 2 Code.cpp File Denial of Service Vulnerability

Mozilla FirefoxFirefox is an open source web browser; Firefox ESR is an extended support version of Firefox.Graphite is a set of enterprise-class open source system monitoring tools written in Python, using the Django framework , it is through a third-party tools or plug-ins for data collection ,...

Mozilla Firefox and Firefox ESR Graphite 2 FeatureMap.cpp File Denial of Service Vulnerability

Mozilla FirefoxFirefox is an open source web browser; Firefox ESR is an extended support version of Firefox.Graphite is a set of enterprise-class open source system monitoring tools written in Python, using the Django framework , it is through a third-party tools or plug-ins for data collection ,...

Mozilla Firefox and Firefox ESR Graphite 2 TtfUtil.cpp File Denial of Service Vulnerability

Mozilla FirefoxFirefox is an open source web browser; Firefox ESR is an extended support version of Firefox.Graphite is a set of enterprise-class open source system monitoring tools written in Python, using the Django framework , it is through a third-party tools or plug-ins for data collection ,...

CVE-2016-1526

The TtfUtil:LocaLookup function in TtfUtil.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, incorrectly validates a size value, which allows remote attackers to obtain sensitive information or cause a denial of service out-of-bound...

DEBIAN-CVE-2016-1523

The SillMap::readFace function in FeatureMap.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, mishandles a return value, which allows remote attackers to cause a denial of service missing initialization, NULL pointer dereference, a...

CVE-2016-1523

The SillMap::readFace function in FeatureMap.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, mishandles a return value, which allows remote attackers to cause a denial of service missing initialization, NULL pointer dereference, a...

DEBIAN-CVE-2016-1522

Code.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, does not consider recursive load calls during a size check, which allows remote attackers to cause a denial of service heap-based buffer overflow or possibly execute arbitrary...

CVE-2016-1521

The directrun function in directmachine.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, does not validate a certain skip operation, which allows remote attackers to execute arbitrary code, obtain sensitive information, or cause a...