142 matches found
CVE-2017-9814
cairo-truetype-subset.c in cairo 1.15.6 and earlier allows remote attackers to cause a denial of service out-of-bounds read because of mishandling of an unexpected malloc0 call...
cairo cairo-truetype-subset.c file denial of service vulnerability
cairo is a cross-platform open source vector graphics library developed by software developers Carl Worth and Behdad Esfahbod, which supports 2D drawing in multiple contexts and provides high-quality display and printouts. A security vulnerability exists in the cairo-truetype-subset.c file in cai...
UBUNTU-CVE-2017-9814
cairo-truetype-subset.c in cairo 1.15.6 and earlier allows remote attackers to cause a denial of service out-of-bounds read because of mishandling of an unexpected malloc0 call...
CVE-2017-9814
cairo-truetype-subset.c in cairo 1.15.6 and earlier allows remote attackers to cause a denial of service out-of-bounds read because of mishandling of an unexpected malloc0 call...
PT-2017-19200 · Cairo +3 · Cairo +3
Name of the Vulnerable Software and Affected Versions: cairo versions 1.15.6 and earlier Description: The issue allows remote attackers to cause a denial of service due to an out-of-bounds read. This is because of mishandling of an unexpected malloc0 call in the cairo-truetype-subset.c file...
CVE-2017-7375
A flaw in libxml2 allows remote XML entity inclusion with default parser flags i.e., when the caller did not request entity substitution, DTD validation, external DTD subset loading, or default DTD attributes. Depending on the context, this may expose a higher-risk attack surface in libxml2 not...
[SECURITY] Fedora 22 Update: mingw-xerces-c-3.1.4-1.fc22
Xerces-C is a validating XML parser written in a portable subset of C++. Xerces-C makes it easy to give your application the ability to read and write XML data. A shared library is provided for parsing, generating, manipulating, and validating XML documents. Xerces-C is faithful to the XML 1.0...
Minimising font downloads
Optimising fonts is pretty difficult for larger sites. There's an easy solution, although only some browsers support it. Translations Français Fonts can be big Really big. They can be anywhere from 70k to many megabytes compressed of course, because why wouldn't you?. You want bold? Well, you jus...
php-font-lib 0.3 Cross Site Scripting
========================================================== php-font-lib - Subset maker makesubset.php Reflected Cross-site Scripting Revision 1.0 ========================================================== Author: Daniel C. Marques @0xc0da Release date: 2014-03-23 Reference:...
PostgreSQL 'xslt_process()'任意文件创建或覆盖漏洞
Bugtraq ID:55072 CVE ID: CVE-2012-3488 PostgreSQL是一款对象关系型数据库管理系统,支持扩展的SQL标准子集。 PostgreSQL解析XSLT样式表时"xsltprocess"函数存在错误,允许攻击者利用漏洞创建或覆盖任意文件。 0 PostgreSQL 8.x PostgreSQL 9.x 厂商解决方案 PostgreSQL 9.1.5, 9.0.9, 8.4.13或8.3.20已经修复此漏洞,建议用户下载使用: http://www.postgresql.org...
USN-1440-1: Linux kernel (Natty backport) vulnerabilities
A flaw was found in the Linux's kernels ext4 file system when mounted with a journal. A local, unprivileged user could exploit this flaw to cause a denial of service. CVE-2011-4086 Sasha Levin discovered a flaw in the permission checking for device assignments requested via the kvm ioctl in the...
USN-1433-1: Linux kernel (Oneiric backport) vulnerabilities
A flaw was found in the Linux's kernels ext4 file system when mounted with a journal. A local, unprivileged user could exploit this flaw to cause a denial of service. CVE-2011-4086 Sasha Levin discovered a flaw in the permission checking for device assignments requested via the kvm ioctl in the...
USN-1431-1: Linux kernel vulnerabilities
A flaw was found in the Linux's kernels ext4 file system when mounted with a journal. A local, unprivileged user could exploit this flaw to cause a denial of service. CVE-2011-4086 Sasha Levin discovered a flaw in the permission checking for device assignments requested via the kvm ioctl in the...
Ubuntu Update for linux-lts-backport-maverick USN-1421-1
Ubuntu Update for Linux kernel vulnerabilities USN-1421-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN14211.nasl 7960 2017-12-01 06:58:16Z santu $ Ubuntu Update for linux-lts-backport-maverick USN-1421-1 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH,...
Ubuntu Update for linux USN-1422-1
Ubuntu Update for Linux kernel vulnerabilities USN-1422-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN14221.nasl 7960 2017-12-01 06:58:16Z santu $ Ubuntu Update for linux USN-1422-1 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This...
Ubuntu 11.04 : linux vulnerabilities (USN-1422-1)
Sasha Levin discovered a flaw in the permission checking for device assignments requested via the kvm ioctl in the Linux kernel. A local user could use this flaw to crash the system causing a denial of service. CVE-2011-4347 Stephan Barwolf discovered a flaw in the KVM kernel-based virtual machin...
Ubuntu Update for linux USN-1405-1
Ubuntu Update for Linux kernel vulnerabilities USN-1405-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN14051.nasl 7960 2017-12-01 06:58:16Z santu $ Ubuntu Update for linux USN-1405-1 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This...
Cisco VLAN Trunking Protocol Denial Of Service
/DoS code for Cisco VLAN Trunking Protocol Vulnerability vulerability discription: http://www.cisco.com/warp/public/707/cisco-sr-20081105-vtp.shtml To Known: 1.the switch must in Server/Client Mode. 2.the port ,attacker connected,must be in trunk Mode. Cisco Ethernet ports with no configuration a...
Buffer overflow
Buffer overflow in the atm subset in arp in devices.common.IBM.atm.rte in AIX 5.2 and 5.3 allows local users to gain root privileges...
CVE-2007-4237
Buffer overflow in the atm subset in arp in devices.common.IBM.atm.rte in AIX 5.2 and 5.3 allows local users to gain root privileges...