1165 matches found
Google Chrome Blink Denial of Service Vulnerability (CNVD-2015-00709)
Google Chrome is a popular WEB browser. A vulnerability in the font implementation of the RenderTable::simplifiedNormalFlowLayout function in Google Chrome Blink core/rendering/RenderTable.cpp allows attackers to construct malicious WEB pages that can be tricked into being parsed by the user,...
UBUNTU-CVE-2014-7946
The RenderTable::simplifiedNormalFlowLayout function in core/rendering/RenderTable.cpp in Blink, as used in Google Chrome before 40.0.2214.91, skips captions during table layout in certain situations, which allows remote attackers to cause a denial of service out-of-bounds read via unspecified...
SuSE 11.3 Security Update : xorg-x11-server (SAT Patch Number 10108)
The XOrg X11 server was updated to fix 12 security issues : - Denial of service due to unchecked malloc in client authentication. CVE-2014-8091 - Integer overflows calculating memory needs for requests. CVE-2014-8092 - Integer overflows calculating memory needs for requests in GLX extension...
xorg-server: multiple issues
CVE-2014-8091 denial of service X.Org X Window System, when using SUN-DES-1 Secure RPC authentication credentials, does not check the return value of a malloc call, which allows remote attackers to cause a denial of service NULL pointer dereference and server crash via a crafted connection...
xorg-x11-server: out of bounds access due to not validating length or offset values in Render extension
Multiple out-of-bounds access flaws were found in the way the X.Org server calculated memory requirements for certain requests. A malicious, authenticated client could use either of these flaws to crash the X.Org server...
xorg-x11-server: out of bounds access due to not validating length or offset values in Render extension
Multiple out-of-bounds access flaws were found in the way the X.Org server calculated memory requirements for certain requests. A malicious, authenticated client could use either of these flaws to crash the X.Org server...
xorg-x11-server security update
1.1.1-48.107.0.1.el511 - Added oracle-enterprise-detect.patch - Replaced 'Red Hat' in spec file 1.1.1-48.107 - CVE-2014-8091 denial of service due to unchecked malloc in client authentication 1168680 - CVE-2014-8092 integer overflow in X11 core protocol requests when calculating memory needs for...
CVE-2014-8100
The Render extension in XFree86 4.0.1, X.Org X Window System aka X11 or X X11R6.7, and X.Org Server aka xserver and xorg-server before 1.16.3 allows remote authenticated users to cause a denial of service out-of-bounds read or write or possibly execute arbitrary code via a crafted length or index...
DEBIAN-CVE-2014-8100
The Render extension in XFree86 4.0.1, X.Org X Window System aka X11 or X X11R6.7, and X.Org Server aka xserver and xorg-server before 1.16.3 allows remote authenticated users to cause a denial of service out-of-bounds read or write or possibly execute arbitrary code via a crafted length or index...
Out-of-bounds
The Render extension in XFree86 4.0.1, X.Org X Window System aka X11 or X X11R6.7, and X.Org Server aka xserver and xorg-server before 1.16.3 allows remote authenticated users to cause a denial of service out-of-bounds read or write or possibly execute arbitrary code via a crafted length or index...
CVE-2014-8100
The Render extension in XFree86 4.0.1, X.Org X Window System aka X11 or X X11R6.7, and X.Org Server aka xserver and xorg-server before 1.16.3 allows remote authenticated users to cause a denial of service out-of-bounds read or write or possibly execute arbitrary code via a crafted length or index...
PT-2014-1850 · Xfree86 +6 · Xfree86 +7
Name of the Vulnerable Software and Affected Versions: XFree86 version 4.0.1 X.Org X Window System aka X11 or X version X11R6.7 X.Org Server aka xserver and xorg-server versions prior to 1.16.3 xorg-x11-server-Xdmx version 1.15.0 xorg-x11-server-debuginfo version 1.15.0 xorg-x11-server-Xnest...
UBUNTU-CVE-2014-8100
The Render extension in XFree86 4.0.1, X.Org X Window System aka X11 or X X11R6.7, and X.Org Server aka xserver and xorg-server before 1.16.3 allows remote authenticated users to cause a denial of service out-of-bounds read or write or possibly execute arbitrary code via a crafted length or index...
CVE-2014-6308
Directory traversal vulnerability in OSClass before 3.4.2 allows remote attackers to read arbitrary files via a .. dot dot in the file parameter in a render action to oc-admin/index.php...
CVE-2014-6308
Directory traversal vulnerability in OSClass before 3.4.2 allows remote attackers to read arbitrary files via a .. dot dot in the file parameter in a render action to oc-admin/index.php...
PT-2017-17759 · Cairo +3 · Cairo +3
Name of the Vulnerable Software and Affected Versions: Cairo version 1.15.4 Description: The issue is related to a NULL pointer dereference in the FT Load Glyph and FT Render Glyph functions, resulting in an application crash. Recommendations: For Cairo version 1.15.4, consider updating to a newe...
chromium: multiple security fixes in Chrome 38.0.2125.101
Use-after-free vulnerability in Blink, as used in Google Chrome before 38.0.2125.101, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that triggers a widget-position update that improperly interacts with the render tree,...
libXrender: Multiple integer overflows leading to heap-based bufer overflows
Multiple integer overflows in X.org libXrender 0.9.7 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the 1 XRenderQueryFilters, 2 XRenderQueryFormats, and 3 XRenderQueryPictIndexValues functions...
UBUNTU-CVE-2014-3201
core/rendering/compositing/RenderLayerCompositor.cpp in Blink, as used in Google Chrome before 38.0.2125.102 on Android, does not properly handle a certain IFRAME overflow condition, which allows remote attackers to spoof content via a crafted web site that interferes with the scrollbar...
CVE-2014-3191
Use-after-free vulnerability in Blink, as used in Google Chrome before 38.0.2125.101, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that triggers a widget-position update that improperly interacts with the render tree,...