136 matches found
Updated nss, firefox and thunderbird packages fix security vulnerabilities
A race condition was found in the way NSS verified certain certificates. A remote attacker could use this flaw to crash an application using NSS or, possibly, execute arbitrary code with the privileges of the user running that application CVE-2014-1544. Several flaws were found in the processing ...
Scientific Linux Security Update : firefox on SL5.x, SL6.x i386/x86_64 (20140722)
Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. CVE-2014-1547, CVE-2014-1555, CVE-2014-1556, CVE-2014-1557 After...
Mozilla Thunderbird 24.x < 24.7 Multiple Vulnerabilities
The version of Thunderbird 24.x installed on the remote host is a version prior to 24.7. It is, therefore, affected by the following vulnerabilities : - When a pair of NSSCertificate structures are added to a trust domain and then one of them is removed during use, a use-after-free error occurs...
Mozilla Thunderbird 24.x < 24.7 Multiple Vulnerabilities (Mac OS X)
The version of Thunderbird 24.x installed on the remote host is a version prior to 24.7. It is, therefore, affected by the following vulnerabilities : - When a pair of NSSCertificate structures are added to a trust domain and then one of them is removed during use, a use-after-free error occurs...
[SECURITY] [DSA 2986-1] iceweasel security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2986-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff July 23, 2014 http://www.debian.org/security/faq -...
CVE-2014-1555
Use-after-free vulnerability in the nsDocLoader::OnProgress function in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7 allows remote attackers to execute arbitrary code via vectors that trigger a FireOnStateChange event...
CVE-2014-1555
CVE-2014-1555 is a use-after-free in Mozilla Firefox (nsDocLoader::OnProgress) that can allow remote code execution via FireOnStateChange events. Affected: Firefox before 31.0, Firefox ESR before 24.7, and Thunderbird before 24.7. Root cause: use-after-free in nsDocLoader::OnProgress. Impact: arb...
CVE-2014-1555
Use-after-free vulnerability in the nsDocLoader::OnProgress function in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7 allows remote attackers to execute arbitrary code via vectors that trigger a FireOnStateChange event...
thunderbird security update
CentOS Errata and Security Advisory CESA-2014:0918 An updated thunderbird package that fixes several security issues is now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring...
firefox, xulrunner security update
CentOS Errata and Security Advisory CESA-2014:0919 Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 5, 6, and 7. The Red Hat Security Response Team has rated this update as having Critical security impact. Common Vulnerability Scoring System...
CentOS 5 / 6 / 7 : firefox / xulrunner (CESA-2014:0919)
Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 5, 6, and 7. The Red Hat Security Response Team has rated this update as having Critical security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...
Scientific Linux Security Update : thunderbird on SL5.x, SL6.x i386/x86_64 (20140722)
Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. CVE-2014-1547, CVE-2014-1555, CVE-2014-1556, CVE-2014-1557 Not...
RHEL 5 / 6 : thunderbird (RHSA-2014:0918)
The remote Redhat Enterprise Linux 5 / 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2014:0918 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed web content. A we...
Critical: Red Hat Security Advisory: firefox security update
Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 5, 6, and 7. The Red Hat Security Response Team has rated this update as having Critical security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...
USN-2295-1: Firefox vulnerabilities
Christian Holler, David Keeler, Byron Campen, Gary Kwong, Jesse Ruderman, Andrew McCreight, Alon Zakai, Bobby Holley, Jonathan Watt, Shu-yu Guo, Steve Fink, Terrence Cole, Gijs Kruitbosch and Cătălin Badea discovered multiple memory safety issues in Firefox. If a user were tricked in to opening a...
CVE-2014-1555
Use-after-free vulnerability in the nsDocLoader::OnProgress function in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7 allows remote attackers to execute arbitrary code via vectors that trigger a FireOnStateChange event...
HP OpenView NNM getnnmdata.exe CGI Invalid Hostname Remote Code Execution
No description provided by source. Exploit Title: HP OpenView NNM getnnmdata.exe CGI Invalid Hostname Remote Code Execution Date: 2010.07.02 Author: S2 Crew Hungary Software Link: hp.com Version: 7.53 Tested on: Windows 2003 CVE: CVE-2010-1555 Code : !/usr/bin/python import struct import socket...
Amazon Linux AMI : mysql51 (ALAS-2013-186)
This update fixes several vulnerabilities in the MySQL database server. Information about these flaws can be found in the References section. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Amazon Linux AMI Security Advisory ALAS-2013-18...
Amazon Linux AMI : mysql55 (ALAS-2013-187)
This update fixes several vulnerabilities in the MySQL database server. Information about these flaws can be found in the References section. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Amazon Linux AMI Security Advisory ALAS-2013-18...
Ubuntu: Security Advisory (USN-1807-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...