Gentoo Linux Security Advisory 201701-63 - Multiple vulnerabilities have been found in Graphite, the worst of which could lead to the remote execution of arbitrary code. Versions less than 1.3.7 are affected.
757f34c27a3b3147e33cf6b8228d59efe5f86a09ecd02431cd1f5343997a83f3Ubuntu Security Notice 2934-1 - Bob Clary, Christoph Diehl, Christian Holler, Andrew McCreight, Daniel Holbert, Jesse Ruderman, and Randell Jesup discovered multiple memory safety issues in Thunderbird. If a user were tricked in to opening a specially crafted message, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Thunderbird. Various other issues were also addressed.
1b82ab9e46c4ac83735da4ebe80a00ac45d9d42790929bd0cfc5b0114e1a9c92Ubuntu Security Notice 2917-3 - USN-2917-1 fixed vulnerabilities in Firefox. This update caused several web compatibility regressions. This update fixes the problem. Various other issues were also addressed.
4f190a0b3a5329c140efe8e3eb4e0cb1f1beaabfa751c14f762b50fff0465e04Ubuntu Security Notice 2917-2 - USN-2917-1 fixed vulnerabilities in Firefox. This update caused several regressions that could result in search engine settings being lost, the list of search providers appearing empty or the location bar breaking after typing an invalid URL. This update fixes the problem. Various other issues were also addressed.
f36da0e5e9db6c8e433d61406ed2aa35dd8f3f26d8a337c2a2daff062a748a1dDebian Linux Security Advisory 3520-1 - Multiple security issues have been found in Icedove, Debian's version of integer overflows, buffer overflows and other implementation errors may lead to the execution of arbitrary code or denial of service.
53de96b333ff377c5997fb4d7b6d5264d5653d98b5c2d56677ffc75f61f65361Red Hat Security Advisory 2016-0460-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. Multiple security flaws were found in the graphite2 font library shipped with Thunderbird. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird.
c4e5bc6a5f2c36645ee9570d988cd47a04f703208b64bfc41bafa9409f302ad2Ubuntu Security Notice 2927-1 - It was discovered that graphite2 incorrectly handled certain malformed fonts. If a user or automated system were tricked into opening a specially-crafted font file, a remote attacker could use this issue to cause graphite2 to crash, resulting in a denial of service, or possibly execute arbitrary code.
1dec122d4770e83622f1149e9fed9f4cdda02850be1b53ec1aa24daae7a5fe9bDebian Linux Security Advisory 3515-1 - Multiple vulnerabilities have been found in the Graphite font rendering engine which might result in denial of service or the execution of arbitrary code if a malformed font file is processed.
bcf7651163b924b4e831971e57ba70c8b310b8d547e66d2e0d0d68a9416057d2Debian Linux Security Advisory 3510-1 - Multiple security issues have been found in Iceweasel, Debian's version buffer overflows, use-after-frees and other implementation errors may lead to the execution of arbitrary code, denial of service, address bar spoofing and overwriting local files.
961e8bbdb6524dd255af4d70d48fae78abd709cc6d7a95dcd0c49607567cfddeUbuntu Security Notice 2917-1 - Francis Gabriel discovered a buffer overflow during ASN.1 decoding in NSS. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox. Bob Clary, Christoph Diehl, Christian Holler, Andrew McCreight, Daniel Holbert, Jesse Ruderman, Randell Jesup, Carsten Book, Gian-Carlo Pascutto, Tyson Smith, Andrea Marchesini, and Jukka Jylanki discovered multiple memory safety issues in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox. Various other issues were also addressed.
2aa98d4e5a966cde53c7a62ef79cd2e79addf4acbe8fc47a0386bf5144c7ece3Red Hat Security Advisory 2016-0373-01 - Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. Multiple security flaws were found in the graphite2 font library shipped with Firefox. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox.
01d78c18a78f4f8713ab6ff101d89ae6fc93330758b7b76f00da29f532d537ab
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed