46 matches found
EUVD-2016-9234
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2017-8420
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SWFTools 2013-04-09-1007 on Windows has a Data from Faulting Address controls Branch Selection starting at image0000000000400000+0x0000000000003e71 issue. This...
Mozilla: Integer-overflow led to out-of-bounds-read in the OpenType sanitizer
The Mozilla Foundation Security Advisory describes this flaw as: On 32-bit versions there were integer-overflows that led to an out-of-bounds-read that potentially could be triggered by a malformed OpenType font...
Mozilla: Integer-overflow led to out-of-bounds-read in the OpenType sanitizer
The Mozilla Foundation Security Advisory describes this flaw as: On 32-bit versions there were integer-overflows that led to an out-of-bounds-read that potentially could be triggered by a malformed OpenType font...
Mozilla: Integer-overflow led to out-of-bounds-read in the OpenType sanitizer
The Mozilla Foundation Security Advisory describes this flaw as: On 32-bit versions there were integer-overflows that led to an out-of-bounds-read that potentially could be triggered by a malformed OpenType font...
Mozilla: Integer-overflow led to out-of-bounds-read in the OpenType sanitizer
The Mozilla Foundation Security Advisory describes this flaw as: On 32-bit versions there were integer-overflows that led to an out-of-bounds-read that potentially could be triggered by a malformed OpenType font...
SUSE CVE-2024-3859
On 32-bit versions there were integer-overflows that led to an out-of-bounds-read that potentially could be triggered by a malformed OpenType font. This vulnerability affects Firefox 125, Firefox ESR 115.10, and Thunderbird 115.10...
Horner Automation Cscape 缓冲区错误漏洞
Horner Automation Cscape is a suite of programming software for industrial control system development from Horner Automation. A buffer error vulnerability exists in Horner Automation Cscape 9.90 SP 7 and prior versions, which arises from failure to properly validate user-supplied data, and allows...
Horner Automation Cscape 缓冲区错误漏洞
Horner Automation Cscape is a suite of programming software for industrial control system development from Horner Automation. A buffer error vulnerability exists in Horner Automation Cscape 9.90 SP 6 and prior versions, which arises from failure to properly validate user-supplied data. If a user...
USN-5528-1 freetype vulnerabilities
It was discovered that FreeType did not correctly handle certain malformed font files. If a user were tricked into using a specially crafted font file, a remote attacker could cause FreeType to crash, or possibly execute arbitrary code...
USN-4593-2: FreeType vulnerability
USN-4593-1 fixed a vulnerability in FreeType. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: Sergei Glazunov discovered that FreeType did not correctly handle certain malformed font files. If a user were tricked into using a specially crafted font...
Microsoft Font Subsetting - DLL Double Free in MergeFormat12Cmap MakeFormat12MergedGlyphList
Microsoft Font Subsetting - DLL Double Free in MergeFormat12Cmap MakeFormat12MergedGlyphList -----===== Background =====----- The Microsoft Font Subsetting DLL fontsub.dll is a default Windows helper library for subsetting TTF fonts; i.e. converting fonts to their more compact versions based on t...
Microsoft Font Subsetting - DLL Heap Corruption in MakeFormat12MergedGlyphList
Microsoft Font Subsetting - DLL Heap Corruption in MakeFormat12MergedGlyphList -----===== Background =====----- The Microsoft Font Subsetting DLL fontsub.dll is a default Windows helper library for subsetting TTF fonts; i.e. converting fonts to their more compact versions based on the specific...
Microsoft Font Subsetting - DLL Heap-Based Out-of-Bounds read in WriteTableFromStructure
-----===== Background =====----- The Microsoft Font Subsetting DLL fontsub.dll is a default Windows helper library for subsetting TTF fonts; i.e. converting fonts to their more compact versions based on the specific glyphs used in the document where the fonts are embedded. It is used by Windows G...
Adobe Acrobat Reader DC for Windows - Heap-Based Buffer Overflow due to Malformed Font Stream
We have observed the following access violation exception in the latest version of Adobe Acrobat Reader DC for Windows, when opening a malformed PDF file: --- cut --- 50a8.4100: Access violation - code c0000005 first chance First chance exceptions are reported before any exception handling. This...
Adobe Acrobat Reader DC for Windows - Static Buffer Overflow due to Malformed Font Stream
We have observed the following access violation exception in the latest version of Adobe Acrobat Reader DC for Windows, when opening a malformed PDF file: --- cut --- 188c.47fc: Access violation - code c0000005 first chance First chance exceptions are reported before any exception handling. This...
Microsoft Font Subsetting - DLL Returning a Dangling Pointer via MergeFontPackage
-----===== Background =====----- The Microsoft Font Subsetting DLL fontsub.dll is a default Windows helper library for subsetting TTF fonts; i.e. converting fonts to their more compact versions based on the specific glyphs used in the document where the fonts are embedded. It is used by Windows G...
Microsoft Font Subsetting - DLL Heap-Based Out-of-Bounds read in GetGlyphIdx
Microsoft Font Subsetting - DLL Heap-Based Out-of-Bounds read in GetGlyphIdx -----===== Background =====----- The Microsoft Font Subsetting DLL fontsub.dll is a default Windows helper library for subsetting TTF fonts; i.e. converting fonts to their more compact versions based on the specific glyp...
Adobe Acrobat Reader DC for Windows - Static Buffer Overflow due to Malformed Font Stream
Adobe Acrobat Reader DC for Windows - Static Buffer Overflow due to Malformed Font Stream We have observed the following access violation exception in the latest version of Adobe Acrobat Reader DC for Windows, when opening a malformed PDF file: --- cut --- 188c.47fc: Access violation - code...
Microsoft Font Subsetting - DLL Heap Corruption in ReadTableIntoStructure
Microsoft Font Subsetting - DLL Heap Corruption in ReadTableIntoStructure -----===== Background =====----- The Microsoft Font Subsetting DLL fontsub.dll is a default Windows helper library for subsetting TTF fonts; i.e. converting fonts to their more compact versions based on the specific glyphs...