OpenJDK: insufficient checking of the graphics rendering object (2D, 7112642)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 2 and earlier, and 6 Update 30 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D...

[SECURITY] Fedora 15 Update: freetype-2.4.4-8.fc15

The FreeType engine is a free and portable font rendering engine, developed to provide advanced font support for a variety of platforms and environments. FreeType is a library which can open and manages font files as well as efficiently load, hint and render individual glyphs. FreeType is not a...

Potential memory corruption during font rendering using cairo-dwrite — Mozilla

Security research firm iDefense reported that researcher wushi of team509 discovered a memory corruption on Windows Vista and Windows 7 systems with hardware acceleration disabled or using incompatible video drivers. This is created by using cairo-dwrite to attempt to render fonts on an unsupport...

Crash with WebGL content using textImage2D — Mozilla

Mozilla community member Ms2ger found an image rendering issue with WebGL when texImage2D uses use JSVALTOOBJECT on arbitrary objects. This can lead to a crash on a maliciously crafted web page. While there is no evidence that this is directly exploitable, there is a possibility of remote code...

Fedora Update for freetype FEDORA-2012-4946

Check for the Version of freetype OpenVAS Vulnerability Test Fedora Update for freetype FEDORA-2012-4946 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

[SECURITY] Fedora 16 Update: freetype-2.4.6-5.fc16

The FreeType engine is a free and portable font rendering engine, developed to provide advanced font support for a variety of platforms and environments. FreeType is a library which can open and manages font files as well as efficiently load, hint and render individual glyphs. FreeType is not a...

TeamPass 2.1.5 - 'login' HTML Injection

source: https://www.securityfocus.com/bid/53038/info TeamPass is prone to an HTML-injection vulnerability because it fails to sanitize user-supplied input. Attacker-supplied HTML or JavaScript code could run in the context of the affected site, potentially allowing the attacker to steal...

[SECURITY] Fedora 17 Update: freetype-2.4.8-3.fc17

The FreeType engine is a free and portable font rendering engine, developed to provide advanced font support for a variety of platforms and environments. FreeType is a library which can open and manages font files as well as efficiently load, hint and render individual glyphs. FreeType is not a...

CVE-2012-0774

Integer overflow in Adobe Reader and Acrobat 9.x before 9.5.1 and 10.x before 10.1.3 allows attackers to execute arbitrary code via a crafted TrueType font...

Flock 2.6.1 Denial Of Service

Exploit Title: Flock 2.6.1 DoS Date: 29/03/2012 Author: r45c4l Email: [email protected] Product url: http://flock.en.softonic.com/ Version: 2.6.1 CVE : :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: Produ...

Ubuntu Update for thunderbird USN-1401-2

Ubuntu Update for Linux kernel vulnerabilities USN-1401-2 OpenVAS Vulnerability Test $Id: gbubuntuUSN14012.nasl 7960 2017-12-01 06:58:16Z santu $ Ubuntu Update for thunderbird USN-1401-2 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net...

USN-1401-2: Thunderbird vulnerabilities

USN-1401-1 fixed vulnerabilities in Xulrunner. This update provides the corresponding fixes for Thunderbird. Original advisory details: It was discovered that a flaw in the Mozilla SVG implementation could result in an out-of-bounds memory access if SVG elements were removed during a...

Ubuntu 10.04 LTS / 10.10 : xulrunner-1.9.2 vulnerabilities (USN-1401-1)

It was discovered that a flaw in the Mozilla SVG implementation could result in an out-of-bounds memory access if SVG elements were removed during a DOMAttrModified event handler. If the user were tricked into opening a specially crafted page, an attacker could exploit this to cause a denial of...

Fedora Update for freetype FEDORA-2011-15927

Check for the Version of freetype OpenVAS Vulnerability Test Fedora Update for freetype FEDORA-2011-15927 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

CVE-2012-0156

DirectWrite in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly render Unicode characters, which allows remote attackers to cause a denial of service application hang via a 1 instant message or 2 web site, aka "DirectWrite...

PT-2012-2356 · Microsoft · Directwrite +1

Name of the Vulnerable Software and Affected Versions: Microsoft Windows versions prior to the fixed version Description: A denial of service issue exists due to improper rendering of Unicode characters by DirectWrite. This allows remote attackers to cause an application hang via an instant messa...

Ubuntu: Security Advisory (USN-1373-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian DSA-2420-1 : openjdk-6 - several vulnerabilities

Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform. - CVE-2011-3377 The IcedTea browser plugin included in the openjdk-6 package does not properly enforce the Same Origin Policy on web content served under a domain name which has a common suffix...

java-1.6.0-openjdk security update

1.6.0.0-1.25.1.10.6.0.1.el58 - Add oracle-enterprise.patch 1:1.6.0.0-1.25.1.10.6 - Updated to IcedTea6 1.10.6 - Resolves: rhbz787142 - Security fixes - S7082299: Fix in AtomicReferenceArray - S7088367: Fix issues in java sound - S7110683: Issues with some KeyboardFocusManager method - S7110687:...

java-1_6_0-openjdk: Update to iced tea 1.11.1 b24 security release (important)

java-160-openjdk was updated to the b24 release, fixing multiple security issues: Security fixes - S7082299, CVE-2011-3571: Fix inAtomicReferenceArray - S7088367, CVE-2011-3563: Fix issues in java sound - S7110683, CVE-2012-0502: Issues with some KeyboardFocusManager method - S7110687,...