exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 10 of 10 RSS Feed

CVE-2016-2800

Status Candidate

Overview

The graphite2::Slot::getAttr function in Slot.cpp in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted Graphite smart font, a different vulnerability than CVE-2016-2792.

Related Files

Gentoo Linux Security Advisory 201701-63
Posted Jan 24, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201701-63 - Multiple vulnerabilities have been found in Graphite, the worst of which could lead to the remote execution of arbitrary code. Versions less than 1.3.7 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2016-1521, CVE-2016-1522, CVE-2016-1523, CVE-2016-1526, CVE-2016-1977, CVE-2016-2790, CVE-2016-2791, CVE-2016-2792, CVE-2016-2793, CVE-2016-2794, CVE-2016-2795, CVE-2016-2796, CVE-2016-2797, CVE-2016-2798, CVE-2016-2799, CVE-2016-2800, CVE-2016-2801, CVE-2016-2802
SHA-256 | 757f34c27a3b3147e33cf6b8228d59efe5f86a09ecd02431cd1f5343997a83f3
Ubuntu Security Notice USN-2934-1
Posted Apr 28, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2934-1 - Bob Clary, Christoph Diehl, Christian Holler, Andrew McCreight, Daniel Holbert, Jesse Ruderman, and Randell Jesup discovered multiple memory safety issues in Thunderbird. If a user were tricked in to opening a specially crafted message, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Thunderbird. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2016-1950, CVE-2016-1952, CVE-2016-1954, CVE-2016-1957, CVE-2016-1960, CVE-2016-1961, CVE-2016-1964, CVE-2016-1966, CVE-2016-1974, CVE-2016-1977, CVE-2016-2790, CVE-2016-2791, CVE-2016-2792, CVE-2016-2793, CVE-2016-2794, CVE-2016-2795, CVE-2016-2796, CVE-2016-2797, CVE-2016-2798, CVE-2016-2799, CVE-2016-2800, CVE-2016-2801, CVE-2016-2802
SHA-256 | 1b82ab9e46c4ac83735da4ebe80a00ac45d9d42790929bd0cfc5b0114e1a9c92
Ubuntu Security Notice USN-2917-3
Posted Apr 19, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2917-3 - USN-2917-1 fixed vulnerabilities in Firefox. This update caused several web compatibility regressions. This update fixes the problem. Various other issues were also addressed.

tags | advisory, web, vulnerability
systems | linux, ubuntu
advisories | CVE-2016-1950, CVE-2016-1953, CVE-2016-1954, CVE-2016-1955, CVE-2016-1956, CVE-2016-1957, CVE-2016-1958, CVE-2016-1959, CVE-2016-1960, CVE-2016-1961, CVE-2016-1962, CVE-2016-1963, CVE-2016-1964, CVE-2016-1965, CVE-2016-1966, CVE-2016-1967, CVE-2016-1968, CVE-2016-1973, CVE-2016-1974, CVE-2016-2793, CVE-2016-2794, CVE-2016-2795, CVE-2016-2796, CVE-2016-2797, CVE-2016-2798, CVE-2016-2799, CVE-2016-2800, CVE-2016-2801
SHA-256 | 4f190a0b3a5329c140efe8e3eb4e0cb1f1beaabfa751c14f762b50fff0465e04
Ubuntu Security Notice USN-2917-2
Posted Apr 8, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2917-2 - USN-2917-1 fixed vulnerabilities in Firefox. This update caused several regressions that could result in search engine settings being lost, the list of search providers appearing empty or the location bar breaking after typing an invalid URL. This update fixes the problem. Various other issues were also addressed.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2016-1950, CVE-2016-1953, CVE-2016-1954, CVE-2016-1955, CVE-2016-1956, CVE-2016-1957, CVE-2016-1958, CVE-2016-1959, CVE-2016-1960, CVE-2016-1961, CVE-2016-1962, CVE-2016-1963, CVE-2016-1964, CVE-2016-1965, CVE-2016-1966, CVE-2016-1967, CVE-2016-1968, CVE-2016-1973, CVE-2016-1974, CVE-2016-2793, CVE-2016-2794, CVE-2016-2795, CVE-2016-2796, CVE-2016-2797, CVE-2016-2798, CVE-2016-2799, CVE-2016-2800, CVE-2016-2801
SHA-256 | f36da0e5e9db6c8e433d61406ed2aa35dd8f3f26d8a337c2a2daff062a748a1d
Debian Security Advisory 3520-1
Posted Mar 19, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3520-1 - Multiple security issues have been found in Icedove, Debian's version of integer overflows, buffer overflows and other implementation errors may lead to the execution of arbitrary code or denial of service.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, debian
advisories | CVE-2016-1950, CVE-2016-1954, CVE-2016-1957, CVE-2016-1960, CVE-2016-1961, CVE-2016-1962, CVE-2016-1964, CVE-2016-1966, CVE-2016-1974, CVE-2016-1977, CVE-2016-2790, CVE-2016-2791, CVE-2016-2792, CVE-2016-2793, CVE-2016-2794, CVE-2016-2795, CVE-2016-2796, CVE-2016-2797, CVE-2016-2798, CVE-2016-2799, CVE-2016-2800, CVE-2016-2801, CVE-2016-2802
SHA-256 | 53de96b333ff377c5997fb4d7b6d5264d5653d98b5c2d56677ffc75f61f65361
Red Hat Security Advisory 2016-0460-01
Posted Mar 17, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0460-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. Multiple security flaws were found in the graphite2 font library shipped with Thunderbird. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird.

tags | advisory, web, arbitrary
systems | linux, redhat
advisories | CVE-2016-1952, CVE-2016-1954, CVE-2016-1957, CVE-2016-1960, CVE-2016-1961, CVE-2016-1964, CVE-2016-1966, CVE-2016-1974, CVE-2016-1977, CVE-2016-2790, CVE-2016-2791, CVE-2016-2792, CVE-2016-2793, CVE-2016-2794, CVE-2016-2795, CVE-2016-2796, CVE-2016-2797, CVE-2016-2798, CVE-2016-2799, CVE-2016-2800, CVE-2016-2801, CVE-2016-2802
SHA-256 | c4e5bc6a5f2c36645ee9570d988cd47a04f703208b64bfc41bafa9409f302ad2
Ubuntu Security Notice USN-2927-1
Posted Mar 14, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2927-1 - It was discovered that graphite2 incorrectly handled certain malformed fonts. If a user or automated system were tricked into opening a specially-crafted font file, a remote attacker could use this issue to cause graphite2 to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2016-1977, CVE-2016-2790, CVE-2016-2791, CVE-2016-2792, CVE-2016-2793, CVE-2016-2794, CVE-2016-2795, CVE-2016-2796, CVE-2016-2797, CVE-2016-2798, CVE-2016-2799, CVE-2016-2800, CVE-2016-2801, CVE-2016-2802
SHA-256 | 1dec122d4770e83622f1149e9fed9f4cdda02850be1b53ec1aa24daae7a5fe9b
Debian Security Advisory 3515-1
Posted Mar 14, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3515-1 - Multiple vulnerabilities have been found in the Graphite font rendering engine which might result in denial of service or the execution of arbitrary code if a malformed font file is processed.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, debian
advisories | CVE-2016-1977, CVE-2016-2790, CVE-2016-2791, CVE-2016-2792, CVE-2016-2793, CVE-2016-2794, CVE-2016-2795, CVE-2016-2796, CVE-2016-2797, CVE-2016-2798, CVE-2016-2799, CVE-2016-2800, CVE-2016-2801, CVE-2016-2802
SHA-256 | bcf7651163b924b4e831971e57ba70c8b310b8d547e66d2e0d0d68a9416057d2
Debian Security Advisory 3510-1
Posted Mar 10, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3510-1 - Multiple security issues have been found in Iceweasel, Debian's version buffer overflows, use-after-frees and other implementation errors may lead to the execution of arbitrary code, denial of service, address bar spoofing and overwriting local files.

tags | advisory, denial of service, overflow, arbitrary, local, spoof
systems | linux, debian
advisories | CVE-2016-1950, CVE-2016-1952, CVE-2016-1954, CVE-2016-1957, CVE-2016-1958, CVE-2016-1960, CVE-2016-1961, CVE-2016-1962, CVE-2016-1964, CVE-2016-1965, CVE-2016-1966, CVE-2016-1974, CVE-2016-1977, CVE-2016-2790, CVE-2016-2791, CVE-2016-2792, CVE-2016-2793, CVE-2016-2794, CVE-2016-2795, CVE-2016-2796, CVE-2016-2797, CVE-2016-2798, CVE-2016-2799, CVE-2016-2800, CVE-2016-2801, CVE-2016-2802
SHA-256 | 961e8bbdb6524dd255af4d70d48fae78abd709cc6d7a95dcd0c49607567cfdde
Red Hat Security Advisory 2016-0373-01
Posted Mar 9, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0373-01 - Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. Multiple security flaws were found in the graphite2 font library shipped with Firefox. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox.

tags | advisory, web, arbitrary
systems | linux, redhat
advisories | CVE-2016-1952, CVE-2016-1954, CVE-2016-1957, CVE-2016-1958, CVE-2016-1960, CVE-2016-1961, CVE-2016-1962, CVE-2016-1964, CVE-2016-1965, CVE-2016-1966, CVE-2016-1973, CVE-2016-1974, CVE-2016-1977, CVE-2016-2790, CVE-2016-2791, CVE-2016-2792, CVE-2016-2793, CVE-2016-2794, CVE-2016-2795, CVE-2016-2796, CVE-2016-2797, CVE-2016-2798, CVE-2016-2799, CVE-2016-2800, CVE-2016-2801, CVE-2016-2802
SHA-256 | 01d78c18a78f4f8713ab6ff101d89ae6fc93330758b7b76f00da29f532d537ab
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close