83 matches found
EUVD-2016-3864
Malware in sbrugna...
EUVD-2016-3867
Malware in sbrugna...
EUVD-2016-3869
Malware in sbrugna...
EUVD-2016-2618
Malware in sbrugna...
EUVD-2016-3873
Malware in sbrugna...
EUVD-2016-3868
Malware in sbrugna...
SUSE CVE-2016-1523
The SillMap::readFace function in FeatureMap.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, mishandles a return value, which allows remote attackers to cause a denial of service missing initialization, NULL pointer dereference, a...
Denial Of Service (DoS)
firefox is vulnerable to denial of service DoS attacks. The vulnerability exists as the TtfUtil:LocaLookup function in TtfUtil.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, incorrectly validates a size value, which allows remote...
Graphite: User-assisted execution of arbitrary code
Background Graphite is a “smart font” system developed specifically to handle the complexities of lesser-known languages of the world. Description An out-of-bounds write has been found in the Graphite 2 library. Impact A remote attacker could entice a user to open a specially crafted document usi...
Graphite: Multiple vulnerabilities
Background Graphite is a “smart font” system developed specifically to handle the complexities of lesser-known languages of the world. Description Multiple vulnerabilities have been discovered in Graphite. Please review the CVE identifiers referenced below for details. Impact A remote attacker...
The vulnerabilities of Firefox ESR and Firefox, the rendering software Graphite 2, allow attackers to induce service failures or exert other effects.
The vulnerability of the CachedCmap.cpp component in Firefox ESR and Firefox browsers, as well as in the Graphite 2 rendering software, arises due to buffer overflows. Exploiting this vulnerability can allow an attacker to cause service interruptions or other effects through the use of a speciall...
openSUSE Security Update : graphite2 (openSUSE-2016-389)
This update for graphite2 fixes the following issues : - CVE-2016-1521: The directrun function in directmachine.cpp in Libgraphite did not validate a certain skip operation, which allowed remote attackers to execute arbitrary code, obtain sensitive information, or cause a denial of service...
Security update for graphite2 (important)
This update for graphite2 fixes the following issues: - CVE-2016-1521: The directrun function in directmachine.cpp in Libgraphite did not validate a certain skip operation, which allowed remote attackers to execute arbitrary code, obtain sensitive information, or cause a denial of service...
SUSE SLED12 / SLES12 Security Update : graphite2 (SUSE-SU-2016:0779-1)
This update for graphite2 fixes the following issues : - CVE-2016-1521: The directrun function in directmachine.cpp in Libgraphite did not validate a certain skip operation, which allowed remote attackers to execute arbitrary code, obtain sensitive information, or cause a denial of service...
Security update for graphite2 (important)
This update for graphite2 fixes the following issues: - CVE-2016-1521: The directrun function in directmachine.cpp in Libgraphite did not validate a certain skip operation, which allowed remote attackers to execute arbitrary code, obtain sensitive information, or cause a denial of service...
CVE-2016-2802
The graphite2::TtfUtil::CmapSubtable4NextCodepoint function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service buffer over-read or possibly have unspecified other impact via a crafted Graphite...
CVE-2016-2801
The graphite2::TtfUtil::CmapSubtable12Lookup function in TtfUtil.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service buffer over-read or possibly have unspecified other impact via a crafted...
CVE-2016-2801
The graphite2::TtfUtil::CmapSubtable12Lookup function in TtfUtil.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service buffer over-read or possibly have unspecified other impact via a crafted...
CVE-2016-2800
The graphite2::Slot::getAttr function in Slot.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service buffer over-read or possibly have unspecified other impact via a crafted Graphite smart font,...
CVE-2016-2798
The graphite2::GlyphCache::Loader::Loader function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service buffer over-read or possibly have unspecified other impact via a crafted Graphite smart font...