FlightPath < 4.8.2 / < 5.0-rc2 – Local File Inclusion
>> AUTHOR: deepcore
FlightPath < 4.8.2 / < 5.0-rc2 – Local File Inclusion
Microsoft DirectWrite / AFDKO suffers from a NULL pointer dereferences vulnerability in OpenType font handling while accessing empty dynarrays.
Microsoft DirectWrite / AFDKO suffers from multiple bugs in OpenType font handling related to the “post” table.
Microsoft DirectWrite / AFDKO suffers from an out-of-bounds read vulnerability in OpenType font handling due to undefined FontName index.
Microsoft DirectWrite / AFDKO suffers from a heap-baeed out-of-bounds read/write vulnerability in OpenType font handling due to empty ROS strings.
Microsoft DirectWrite / AFDKO suffers from a stack corruption vulnerability in OpenType font handling while processing CFF blend DICT operator.
There is a Microsoft Font Subsetting DLL heap corruption vulnerability in ComputeFormat4CmapData.
Jenkins Dependency Graph View plugin version 0.13 suffers from a persistent cross site scripting vulnerability.
Sitecore version 9.0 rev 171002 suffers from a persistent cross site scripting vulnerability.
SNMPc Enterprise Edition versions 9 and 10 suffer from a mapping filename buffer overflow vulnerability.