6697 matches found
poppler security update
CentOS Errata and Security Advisory CESA-2009:1504 Updated poppler packages that fix multiple security issues and a bug are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. Poppler is a Portable...
[SECURITY] Fedora 11 Update: kazehakase-0.5.8-2.fc11.1
Kazehakase is a Web browser which aims to provide a user interface that is truly user-friendly & fully customizable. This package uses Gecko for HTML rendering engine...
[SECURITY] Fedora 10 Update: poppler-0.8.7-7.fc10
Poppler, a PDF rendering library, is a fork of the xpdf PDF viewer developed by Derek Noonburg of Glyph and Cog, LLC...
Web fonts can be used to spoof the page address – Opera Security Advisories
In some cases, a Web font intended to be used for page content could be incorrectly used by Opera to render parts of the user interface, including the address field. This can be used by a malicious site to display a false domain name in the address field...
Upgrade media libraries to fix memory safety bugs — Mozilla
Mozilla upgraded several third party libraries used in media rendering to address multiple memory safety and stability bugs identified by members of the Mozilla community. Some of the bugs discovered could potentially be used by an attacker to crash a victim's browser and execute arbitrary code o...
Pegasus Mail Client 4.51 PoC BoF
Exploit for unknown platform in category remote exploits ================================ Pegasus Mail Client 4.51 PoC BoF ================================ Title: Pegasus Mail Client 4.51 PoC BoF CVE-ID: OSVDB-ID: Author: Francis Provencher Published: 2009-10-23 Verified: yes view source print?...
Pegasus Mail Client 4.51 - Remote Buffer Overflow
Pegasus Mail Client 4.51 - Remote Buffer Overflow Application: Pegasus Mail Client Platforms: Windows XP Professional SP2 Exploitation: remote BoF Date: 2009-10-06 Author: Francis Provencher Protek Research Lab's 1 Introduction 2 Technical details 3 The Code Only DoS =============== 1 Introductio...
Microsoft Windows Graphics Rendering Engine Code Execution (MS07-046; CVE-2007-3034)
The Windows Metafile WMF is a standard Windows image file format. It consists of a set of graphics functions and parameters that describe the steps required to render an image. WMF is a 16-bit format that can contain both vector and bitmap information. A WMF file contains a main header, followed ...
RedHat Security Advisory RHSA-2009:1504
The remote host is missing updates announced in advisory RHSA-2009:1504. Poppler is a Portable Document Format PDF rendering library, used by applications such as Evince. Multiple integer overflow flaws were found in poppler. An attacker could create a malicious PDF file that would cause...
RHEL 5 : poppler (RHSA-2009:1504)
Updated poppler packages that fix multiple security issues and a bug are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. Poppler is a Portable Document Format PDF rendering library, used by...
xpdf/poppler: Splash:: drawImage integer overflow and missing allocation return value check
The Splash::drawImage function in Splash.cc in Xpdf 2.x and 3.x before 3.02pl4, and Poppler 0.x, as used in GPdf and kdegraphics KPDF, does not properly allocate memory, which allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted P...
Cross site scripting
Cross-site scripting XSS vulnerability in Google Chrome 2.x and 3.x before 3.0.195.21 allows remote attackers to inject arbitrary web script or HTML via a 1 RSS or 2 Atom feed, related to the rendering of the application/rss+xml content type as XML "active content."...
[SECURITY] Fedora 10 Update: kazehakase-0.5.6-4.fc10.6
Kazehakase is a Web browser which aims to provide a user interface that is truly user-friendly & fully customizable. This package uses Gecko for HTML rendering engine...
Planet 2.0 - HTML Injection
Planet 2.0 - HTML Injection source: https://www.securityfocus.com/bid/36392/info Planet is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code would...
Ubuntu: Security Advisory (USN-817-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-817-1: Thunderbird vulnerabilities
Several flaws were discovered in the rendering engine of Thunderbird. If Javascript were enabled, an attacker could exploit these flaws to crash Thunderbird...
Safari < 4.0.3 Multiple Vulnerabilities
Binary data 5125.prm...
[SECURITY] Fedora 10 Update: galeon-2.0.7-13.fc10
Galeon is a web browser built around Gecko Mozilla's rendering engine and Necko Mozilla's networking engine. It's a GNOME web browser, designed to take advantage of as many GNOME technologies as makes sense. Galeon was written to do just one thing - browse the web...
[SECURITY] Fedora 10 Update: epiphany-2.24.3-9.fc10
Epiphany is a simple GNOME web browser based on the Mozilla rendering engine...
Mozilla Firefox < 3.0.12 Multiple Vulnerabilities
Binary data 5101.prm...