Описание
Multiple unspecified vulnerabilities in HarfBuzz before 1.0.6, as used in Google Chrome before 48.0.2564.82, allow attackers to cause a denial of service or possibly have other impact via crafted data, as demonstrated by a buffer over-read resulting from an inverted length check in hb-ot-font.cc, a different issue than CVE-2015-8947.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 48.0.2564.82-0ubuntu1.1222 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was released [48.0.2564.116-0ubuntu0.14.04.1.1111]] |
| precise | ignored | |
| precise/esm | DNE | precise was ignored |
| trusty | released | 48.0.2564.116-0ubuntu0.14.04.1.1111 |
| trusty/esm | DNE | trusty was released [48.0.2564.116-0ubuntu0.14.04.1.1111] |
| upstream | released | 48.0.2564.82 |
| vivid | released | 48.0.2564.82-0ubuntu0.15.04.1.1193 |
| vivid/stable-phone-overlay | DNE | |
| vivid/ubuntu-core | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 1.2.7-1 |
| esm-infra-legacy/trusty | not-affected | code not present |
| esm-infra/xenial | released | 1.0.1-1ubuntu0.1 |
| precise | DNE | |
| precise/esm | DNE | |
| trusty | not-affected | code not present |
| trusty/esm | not-affected | code not present |
| upstream | released | 1.0.6 |
| vivid | ignored | end of life |
| vivid/stable-phone-overlay | ignored | end of life |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 1.12.5-0ubuntu1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was released [1.12.5-0ubuntu0.14.04.1]] |
| esm-infra/xenial | released | 1.12.5-0ubuntu1 |
| precise | DNE | |
| precise/esm | DNE | |
| trusty | released | 1.12.5-0ubuntu0.14.04.1 |
| trusty/esm | DNE | trusty was released [1.12.5-0ubuntu0.14.04.1] |
| upstream | released | 1.12.5 |
| vivid | released | 1.12.5-0ubuntu0.15.04.1 |
| vivid/stable-phone-overlay | released | 1.12.5-0ubuntu0.15.04.1~overlay1 |
Показывать по
Ссылки на источники
EPSS
6.8 Medium
CVSS2
7.6 High
CVSS3
Связанные уязвимости
Multiple unspecified vulnerabilities in HarfBuzz before 1.0.6, as used in Google Chrome before 48.0.2564.82, allow attackers to cause a denial of service or possibly have other impact via crafted data, as demonstrated by a buffer over-read resulting from an inverted length check in hb-ot-font.cc, a different issue than CVE-2015-8947.
Multiple unspecified vulnerabilities in HarfBuzz before 1.0.6, as used in Google Chrome before 48.0.2564.82, allow attackers to cause a denial of service or possibly have other impact via crafted data, as demonstrated by a buffer over-read resulting from an inverted length check in hb-ot-font.cc, a different issue than CVE-2015-8947.
Multiple unspecified vulnerabilities in HarfBuzz before 1.0.6, as used ...
Multiple unspecified vulnerabilities in HarfBuzz before 1.0.6, as used in Google Chrome before 48.0.2564.82, allow attackers to cause a denial of service or possibly have other impact via crafted data, as demonstrated by a buffer over-read resulting from an inverted length check in hb-ot-font.cc, a different issue than CVE-2015-8947.
Уязвимости браузера Google Chrome и библиотеки форматирования текста HarfBuzz, позволяющие нарушителю вызвать отказ в обслуживании или оказать другое воздействие
EPSS
6.8 Medium
CVSS2
7.6 High
CVSS3