Updated iceape/sqlite3 packages fix security vulnerabilities

Updated iceape packages fix security issues. The sqlite3 package has been updated as well since the new iceape version requires the SQLITEENABLEDBSTATVTAB feature to be enabled in sqlite. This sqlite3 update also enables ICU support, fixing bug 16814 . Use-after-free vulnerability in the...

Mozilla Firefox Audio Processing Memory Misreference Vulnerability

Mozilla Firefox is an open source WEB browser. A memory misreference vulnerability in Mozilla Firefox MediaStream playback when processing audio via the Web Audio API allows remote attackers to construct a malicious web page and trick users into parsing it, which could crash the application or...

CVE-2015-4477

Use-after-free vulnerability in the MediaStream playback feature in Mozilla Firefox before 40.0 allows remote attackers to execute arbitrary code via unspecified use of the Web Audio API...

Design/Logic Flaw

Use-after-free vulnerability in the MediaStream playback feature in Mozilla Firefox before 40.0 allows remote attackers to execute arbitrary code via unspecified use of the Web Audio API...

CVE-2015-4477

Use-after-free vulnerability in the MediaStream playback feature in Mozilla Firefox before 40.0 allows remote attackers to execute arbitrary code via unspecified use of the Web Audio API...

CVE-2015-4477

CVE-2015-4477 is a use-after-free vulnerability in Firefox’s MediaStream playback, triggered by the Web Audio API during audio processing. The issue allows remote attackers to potentially execute arbitrary code and is associated with Firefox versions before 40.0. Remediation is to update to Firef...

UBUNTU-CVE-2015-4477

Use-after-free vulnerability in the MediaStream playback feature in Mozilla Firefox before 40.0 allows remote attackers to execute arbitrary code via unspecified use of the Web Audio API...

CVE-2015-4477

Use-after-free vulnerability in the MediaStream playback feature in Mozilla Firefox before 40.0 allows remote attackers to execute arbitrary code via unspecified use of the Web Audio API...

Use-after-free in MediaStream playback — Mozilla

Security researcher SkyLined reported a use-after-free issue in how audio is handled through the Web Audio API during MediaStream playback through interactions with the Web Audio API. This results in a potentially exploitable crash...

The vulnerability of Google Chrome browser allows a malicious intruder to gain access to the values of audio samples.

A vulnerability in the Google browser’s implementation of the MediaElementAudioSourceNode::process function in the modules/webaudio/MediaElementAudioSourceNode.cpp module Web Audio API in Blink Chrome can be exploited by an attacker to bypass domain restrictions and access values of audio samples...

Debian DSA-3238-1 : chromium-browser - security update

Several vulnerabilities were discovered in the chromium web browser. - CVE-2015-1235 A Same Origin Policy bypass issue was discovered in the HTML parser. - CVE-2015-1236 Amitay Dobo discovered a Same Origin Policy bypass in the Web Audio API. - CVE-2015-1237 Khalil Zhani discovered a use-after-fr...

[SECURITY] [DSA 3238-1] chromium-browser security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3238-1 [email protected] http://www.debian.org/security/ Michael Gilbert April 26, 2015 http://www.debian.org/security/faq -...

DSA-3238-1 chromium-browser - security update

Bulletin has no description...

Debian: Security Advisory (DSA-3238-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2015-1236

The MediaElementAudioSourceNode::process function in modules/webaudio/MediaElementAudioSourceNode.cpp in the Web Audio API implementation in Blink, as used in Google Chrome before 42.0.2311.90, allows remote attackers to bypass the Same Origin Policy and obtain sensitive audio sample values via a...

Design/Logic Flaw

The MediaElementAudioSourceNode::process function in modules/webaudio/MediaElementAudioSourceNode.cpp in the Web Audio API implementation in Blink, as used in Google Chrome before 42.0.2311.90, allows remote attackers to bypass the Same Origin Policy and obtain sensitive audio sample values via a...

CVE-2015-1236

The CVE-2015-1236 entry refers to a Chrome/Blink vulnerability in the Web Audio API: MediaElementAudioSourceNode::process in Blink’s Web Audio implementation allows a remote site with a media element to bypass Same Origin Policy and access sensitive audio samples. Impact data from the sources con...

UBUNTU-CVE-2015-1236

The MediaElementAudioSourceNode::process function in modules/webaudio/MediaElementAudioSourceNode.cpp in the Web Audio API implementation in Blink, as used in Google Chrome before 42.0.2311.90, allows remote attackers to bypass the Same Origin Policy and obtain sensitive audio sample values via a...

CVE-2014-8640

The mozilla::dom::AudioParamTimeline::AudioNodeInputValue function in the Web Audio API implementation in Mozilla Firefox before 35.0 and SeaMonkey before 2.32 does not properly restrict timeline operations, which allows remote attackers to cause a denial of service uninitialized-memory read and...

Code injection

The mozilla::dom::AudioParamTimeline::AudioNodeInputValue function in the Web Audio API implementation in Mozilla Firefox before 35.0 and SeaMonkey before 2.32 does not properly restrict timeline operations, which allows remote attackers to cause a denial of service uninitialized-memory read and...