Microsoft DirectWrite / AFDKO - Stack Corruption in OpenType Font Handling While Processing CFF Blend DICT Operator

-----===== Background =====----- AFDKO Adobe Font Development Kit for OpenType is a set of tools for examining, modifying and building fonts. The core part of this toolset is a font handling library written in C, which provides interfaces for reading and writing Type 1, OpenType, TrueType to some...

openSUSE Security Update : MozillaThunderbird (openSUSE-2016-1057)

This update for MozillaThunderbird fixes the following issues : - update to Thunderbird 45.3.0 boo991809 - Disposition-Notification-To could not be used in mail.compose.other.header - 'edit as new message' on a received message pre-filled the sender as the composing identity. - Certain messages...

SUSE SLES11 Security Update : MozillaFirefox (SUSE-SU-2016:2195-1)

Mozilla Firefox was updated to 45.3.0 ESR to fix the following issues bsc991809 : - MFSA 2016-62/CVE-2016-2835/CVE-2016-2836 Miscellaneous memory safety hazards rv:48.0 / rv:45.3 - MFSA 2016-63/CVE-2016-2830 Favicon network connection can persist when page is closed - MFSA 2016-64/CVE-2016-2838...

SUSE SLED12 / SLES12 Security Update : MozillaFirefox (SUSE-SU-2016:2131-1)

Mozilla Firefox was updated to 45.3.0 ESR to fix the following issues bsc991809 : - MFSA 2016-62/CVE-2016-2835/CVE-2016-2836 Miscellaneous memory safety hazards rv:48.0 / rv:45.3 - MFSA 2016-63/CVE-2016-2830 Favicon network connection can persist when page is closed - MFSA 2016-64/CVE-2016-2838...

openSUSE Security Update : MozillaFirefox / mozilla-nss (openSUSE-2016-960)

Mozilla Firefox was updated to 48.0 to fix security issues, bugs, and deliver various improvements. The following major changes are included : - Process separation e10s is enabled for some users - Add-ons that have not been verified and signed by Mozilla will not load - WebRTC enhancements - The...

DEBIAN-CVE-2016-5252

Stack-based buffer underflow in the mozilla::gfx::BasePoint4d function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows remote attackers to execute arbitrary code via crafted two-dimensional graphics data that is mishandled during clipping-region calculations...

Security update for MozillaFirefox, mozilla-nss (important)

Mozilla Firefox was updated to 48.0 to fix security issues, bugs, and deliver various improvements. The following major changes are included: - Process separation e10s is enabled for some users - Add-ons that have not been verified and signed by Mozilla will not load - WebRTC enhancements - The...

Mozilla: Stack underflow during 2D graphics rendering (MFSA 2016-67)

Stack-based buffer underflow in the mozilla::gfx::BasePoint4d function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows remote attackers to execute arbitrary code via crafted two-dimensional graphics data that is mishandled during clipping-region calculations...

Stack underflow during 2D graphics rendering — Mozilla

Georg Koppen of the Tor Project used the Address Sanitizer tool to discover a stack buffer underflow when calculating clipping regions in 2D graphics. This results in a potentially exploitable crash...

Microsoft Internet Explorer 11 - Stack Underflow Crash (PoC)

Microsoft Internet Explorer 11 - Stack Underflow Crash PoC crash IE 11 function crash var id0 = null; id0 = document.createElement 'THEAD' ; document.body.appendChild id0 ; elemTree = ; elemTree0= document.createElement'SELECT'; document.all7.appendChildelemTree0; elemTree1=...

Microsoft Internet Explorer 11 - Stack Underflow Crash (PoC)

crash IE 11 function crash var id0 = null; id0 = document.createElement 'THEAD' ; document.body.appendChild id0 ; elemTree = ; elemTree0= document.createElement'SELECT'; document.all7.appendChildelemTree0; elemTree1= document.createElement'B'; document.all8.appendChildelemTree1; elemTree2=...

Adobe Acrobat and Reader Stack Underflow (APSB15-15: CVE-2015-5098)

A stack underflow vulnerability has been reported in Adobe Reader and Acrobat. The vulnerability is due to incorrect memory buffer allocation while parsing a corrupted EMF file. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted EMF file...

kernel: 64-bit Compatibility Mode Stack Pointer Underflow

The compatallocuserspace functions in include/asm/compat.h files in the Linux kernel before 2.6.36-rc4-git2 on 64-bit platforms do not properly allocate the userspace memory required for the 32-bit compatibility layer, which allows local users to gain privileges by leveraging the ability of the...