ICU: layout engine glyphStorage off-by-one (OpenJDK 2D, 8067699)

An off-by-one flaw, leading to a buffer overflow, was found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could possibly cause the Java Virtual Machine to execute arbitrary code, allowing an untrusted Java application or applet to bypass Java sandbox...

ICU: layout engine glyphStorage off-by-one (OpenJDK 2D, 8067699)

An off-by-one flaw, leading to a buffer overflow, was found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could possibly cause the Java Virtual Machine to execute arbitrary code, allowing an untrusted Java application or applet to bypass Java sandbox...

CVE-2013-7439

Multiple off-by-one errors in the 1 MakeBigReq and 2 SetReqLen macros in include/X11/Xlibint.h in X11R6.x and libX11 before 1.6.0 allow remote attackers to have unspecified impact via a crafted request, which triggers a buffer overflow...

CVE-2013-7439

Multiple off-by-one errors in the 1 MakeBigReq and 2 SetReqLen macros in include/X11/Xlibint.h in X11R6.x and libX11 before 1.6.0 allow remote attackers to have unspecified impact via a crafted request, which triggers a buffer overflow...

CVE-2013-7439

Multiple off-by-one errors in the 1 MakeBigReq and 2 SetReqLen macros in include/X11/Xlibint.h in X11R6.x and libX11 before 1.6.0 allow remote attackers to have unspecified impact via a crafted request, which triggers a buffer overflow...

CVE-2013-7439

Multiple off-by-one errors in the 1 MakeBigReq and 2 SetReqLen macros in include/X11/Xlibint.h in X11R6.x and libX11 before 1.6.0 allow remote attackers to have unspecified impact via a crafted request, which triggers a buffer overflow...

ICU: layout engine glyphStorage off-by-one (OpenJDK 2D, 8067699)

An off-by-one flaw, leading to a buffer overflow, was found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could possibly cause the Java Virtual Machine to execute arbitrary code, allowing an untrusted Java application or applet to bypass Java sandbox...

ICU: layout engine glyphStorage off-by-one (OpenJDK 2D, 8067699)

An off-by-one flaw, leading to a buffer overflow, was found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could possibly cause the Java Virtual Machine to execute arbitrary code, allowing an untrusted Java application or applet to bypass Java sandbox...

Mozilla Firefox Multiple Vulnerabilities-01 (Apr 2015) - Mac OS X

Mozilla Firefox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefox";...

Mozilla Firefox Off Main Thread Compositing (OMTC) implements arbitrary code execution vulnerability

Mozilla Firefox is a web browser developed by the Mozilla Foundation in conjunction with the open source community. A denial of service vulnerability exists in Mozilla Firefox, which could be exploited by remote attackers to execute arbitrary code or launch denial of service attacks...

Memory corruption

The Off Main Thread Compositing OMTC implementation in Mozilla Firefox before 37.0 attempts to use memset for a memory region of negative length during interaction with the mozilla::layers::BufferTextureClient::AllocateForSurface function, which allows remote attackers to execute arbitrary code o...

CVE-2015-0805

The CVE-2015-0805 issue affects Mozilla Firefox’s Off Main Thread Compositing (OMTC). The root cause is an incorrect memset call in the interaction with mozilla::layers::BufferTextureClient::AllocateForSurface, enabling remote attackers to trigger memory corruption via rendering of 2D graphics co...

CVE-2015-0806

The Off Main Thread Compositing OMTC implementation in Mozilla Firefox before 37.0 attempts to use memset for a memory region of negative length during interaction with the mozilla::layers::BufferTextureClient::AllocateForSurface function, which allows remote attackers to execute arbitrary code o...

CVE-2015-0805

The Off Main Thread Compositing OMTC implementation in Mozilla Firefox before 37.0 makes an incorrect memset call during interaction with the mozilla::layers::BufferTextureClient::AllocateForSurface function, which allows remote attackers to execute arbitrary code or cause a denial of service...

Mandriva Linux Security Advisory : apache-mod_wsgi (MDVSA-2015:180)

Updated apache-modwsgi package fixes security vulnerabilities : apache-modwsgi before 4.2.4 contained an off-by-one error in applying a limit to the number of supplementary groups allowed for a daemon process group. The result could be that if more groups than the operating system allowed were...

KLA10525 Multiple vulnerabilities in Mozilla Firefox, Mozilla Firefox ESR, Mozilla Thunderbird

Multiple serious vulnerabilities have been found in Mozilla Firefox before 37.0, Mozilla Firefox ESR 31.x before 31.6, Mozilla Thunderbird before 31.6. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause a denial of service heap memory corruption and bypass an...

Mandriva Linux Security Advisory : jasper (MDVSA-2015:159)

Updated jasper packages fix security vulnerabilities : Josh Duart of the Google Security Team discovered heap-based buffer overflow flaws in JasPer, which could lead to denial of service application crash or the execution of arbitrary code CVE-2014-9029. A double free flaw was found in the way...

Debian DLA-60-1 : icinga security update

Two fixes for the Classic UI : - fix off-by-one memory access in processcgivars CVE-2013-7108 - prevent possible buffer overflows in cmd.cgi CVE-2014-1878 NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to...

jasper: incorrect component number check in COC, RGN and QCC marker segment decoders (oCERT-2014-009)

Multiple off-by-one flaws, leading to heap-based buffer overflows, were found in the way JasPer decoded JPEG 2000 files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code...

jasper: dec->numtiles off-by-one check in jpc_dec_process_sot() (oCERT-2015-001)

An off-by-one flaw, leading to a heap-based buffer overflow, was found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code...