SUSE: Security Advisory for MozillaFirefox (SUSE-SU-2015:1926-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

mozilla -- multiple vulnerabilities

The Mozilla Project reports: MFSA 2015-133 NSS and NSPR memory corruption issues MFSA 2015-132 Mixed content WebSocket policy bypass through workers MFSA 2015-131 Vulnerabilities found through code inspection MFSA 2015-130 JavaScript garbage collection crash with Java applet MFSA 2015-129 Certain...

Vulnerabilities found through code inspection — Mozilla

Security researcher Ronald Crane reported three vulnerabilities affecting released code that were found through code inspection. These included a buffer overflow in the ANGLE graphics library and two issues of missing status checks in SVG rendering and during cryptographic key manipulation. These...

SUSE-SU-2015:1703-1 Security update for MozillaFirefox

Mozilla Firefox was updated to version 38.3.0 ESR bsc947003, fixing bugs and security issues. MFSA 2015-96/CVE-2015-4500/CVE-2015-4501 Miscellaneous memory safety hazards rv:41.0 / rv:38.3 MFSA 2015-101/CVE-2015-4506 Buffer overflow in libvpx while parsing vp9 format video MFSA...

Mozilla: Vulnerabilities found through code inspection (MFSA 2015-112)

The XULContentSinkImpl::AddText function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 might allow remote attackers to cause a denial of service memory corruption and application crash or possibly have unspecified other impact via unknown vectors, related to an "overflow."...

Mozilla: Vulnerabilities found through code inspection (MFSA 2015-112)

The InitTextures function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 might allow remote attackers to cause a denial of service memory corruption and application crash or possibly have unspecified other impact via unknown vectors...

Mozilla: Vulnerabilities found through code inspection (MFSA 2015-112)

The ReadbackResultWriterD3D11::Run function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 misinterprets the return value of a function call, which might allow remote attackers to cause a denial of service memory corruption and application crash or possibly have unspecified other...

Mozilla: Vulnerabilities found through code inspection (MFSA 2015-112)

The nsAttrAndChildArray::GrowBy function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 might allow remote attackers to cause a denial of service memory corruption and application crash or possibly have unspecified other impact via unknown vectors, related to an "overflow."...

Mozilla: Vulnerabilities found through code inspection (MFSA 2015-112)

NetworkUtils.cpp in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 might allow remote attackers to cause a denial of service memory corruption and application crash or possibly have unspecified other impact via unknown vectors...

Security update for MozillaFirefox (important)

MozillaFirefox was updated to Firefox 41.0 bnc947003 Security issues fixed: MFSA 2015-96/CVE-2015-4500/CVE-2015-4501 Miscellaneous memory safety hazards MFSA 2015-97/CVE-2015-4503 bmo994337 Memory leak in mozTCPSocket to servers MFSA 2015-98/CVE-2015-4504 bmo1132467 Out of bounds read in QCMS...

Updated firefox packages fix security vulnerabilities

Updated firefox packages fix security vulnerabilities: Mozilla developers and community identified and fixed several memory safety bugs in the browser engine used in Firefox that could cause memory corruption and crashes or potentially allow for arbitrary code execution CVE-2015-4500. Using the...

Mozilla: Vulnerabilities found through code inspection (MFSA 2015-112)

The nsAttrAndChildArray::GrowBy function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 might allow remote attackers to cause a denial of service memory corruption and application crash or possibly have unspecified other impact via unknown vectors, related to an "overflow."...

Mozilla: Vulnerabilities found through code inspection (MFSA 2015-112)

NetworkUtils.cpp in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 might allow remote attackers to cause a denial of service memory corruption and application crash or possibly have unspecified other impact via unknown vectors...

Mozilla: Vulnerabilities found through code inspection (MFSA 2015-112)

The ReadbackResultWriterD3D11::Run function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 misinterprets the return value of a function call, which might allow remote attackers to cause a denial of service memory corruption and application crash or possibly have unspecified other...

Mozilla: Vulnerabilities found through code inspection (MFSA 2015-112)

The AnimationThread function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 uses an incorrect argument to the sscanf function, which might allow remote attackers to cause a denial of service stack-based buffer overflow and application crash or possibly have unspecified other impa...

Mozilla: Vulnerabilities found through code inspection (MFSA 2015-112)

The nsUnicodeToUTF8::GetMaxLength function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 might allow remote attackers to cause a denial of service memory corruption and application crash or possibly have unspecified other impact via unknown vectors, related to an "overflow."...

Vulnerabilities found through code inspection — Mozilla

Security researcher Ronald Crane reported eight vulnerabilities affecting released code that were found through code inspection. These included several potential memory safety issues resulting from the use of snprintf, one use of unowned memory, one use of a string without overflow checks, and fi...

mozilla -- multiple vulnerabilities

The Mozilla Project reports: MFSA 2015-96 Miscellaneous memory safety hazards rv:41.0 / rv:38.3 MFSA 2015-97 Memory leak in mozTCPSocket to servers MFSA 2015-98 Out of bounds read in QCMS library with ICC V4 profile attributes MFSA 2015-99 Site attribute spoofing on Android by pasting URL with...

SUSE-SU-2015:1449-1 Security update for MozillaFirefox, mozilla-nss

Mozilla Firefox is being updated to the current Firefox 38ESR branch specifically the 38.2.0ESR release. Security issues fixed: - MFSA 2015-78 / CVE-2015-4495: Same origin violation and local file stealing via PDF reader - MFSA 2015-79 / CVE-2015-4473/CVE-2015-4474: Miscellaneous memory safety...

FreeBSD : mozilla -- multiple vulnerabilities (c66a5632-708a-4727-8236-d65b2d5b2739)

The Mozilla Project reports : MFSA 2015-79 Miscellaneous memory safety hazards rv:40.0 / rv:38.2 MFSA 2015-80 Out-of-bounds read with malformed MP3 file MFSA 2015-81 Use-after-free in MediaStream playback MFSA 2015-82 Redefinition of non-configurable JavaScript object properties MFSA 2015-83...