5052 matches found
Buffer overflow
foldbinary in fold-const.c in GNU Compiler Collection gcc 4.1 improperly handles pointer overflow when folding a certain expr comparison to a corresponding offset comparison in cases other than EQEXPR and NEEXPR, which might introduce buffer overflow vulnerabilities into applications that could b...
CVE-2006-1902
foldbinary in fold-const.c in GNU Compiler Collection gcc 4.1 improperly handles pointer overflow when folding a certain expr comparison to a corresponding offset comparison in cases other than EQEXPR and NEEXPR, which might introduce buffer overflow vulnerabilities into applications that could b...
security flaw
The JavaScript engine in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 does not properly handle temporary variables that are not garbage collected, which might allow remote attackers to trigger operations on freed memo...
Mozilla products JavaScript engine fail to properly handle garbage-collection
Overview A vulnerability in the way the JavaScript engine of Mozilla products and derivative programs handles garbage collection could allow a remote attacker to execute arbitrary code on a vulnerable system. Description The JavaScript programming language uses a method of memory management known...
Memory corruption
The JavaScript engine in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 does not properly handle temporary variables that are not garbage collected, which might allow remote attackers to trigger operations on freed memo...
CVE-2006-1742
The JavaScript engine in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 does not properly handle temporary variables that are not garbage collected, which might allow remote attackers to trigger operations on freed memo...
JavaScript garbage-collection hazard audit — Mozilla
Igor Bukanov has audited the JavaScript engine for routines that use temporary variables not protected against garbage-collection. If malicious content could cause garbage-collection to run during the lifetime of these temporaries then the original routine would end up operating on freed memory...
CVE-2006-0293
The function allocation code jsNewFunction in jsfun.c in Firefox 1.5 allows attackers to cause a denial of service memory corruption and possibly execute arbitrary code via user-defined methods that trigger garbage collection in a way that operates on freed objects...
CVE-2006-0293
The function allocation code jsNewFunction in jsfun.c in Firefox 1.5 allows attackers to cause a denial of service memory corruption and possibly execute arbitrary code via user-defined methods that trigger garbage collection in a way that operates on freed objects...
Memory corruption
The function allocation code jsNewFunction in jsfun.c in Firefox 1.5 allows attackers to cause a denial of service memory corruption and possibly execute arbitrary code via user-defined methods that trigger garbage collection in a way that operates on freed objects...
CVE-2006-0292
The Javascript interpreter jsinterp.c in Mozilla and Firefox before 1.5.1 does not properly dereference objects, which allows remote attackers to cause a denial of service crash or execute arbitrary code via unknown attack vectors related to garbage collection...
CVE-2006-0292
The Javascript interpreter jsinterp.c in Mozilla and Firefox before 1.5.1 does not properly dereference objects, which allows remote attackers to cause a denial of service crash or execute arbitrary code via unknown attack vectors related to garbage collection...
Design/Logic Flaw
The Javascript interpreter jsinterp.c in Mozilla and Firefox before 1.5.1 does not properly dereference objects, which allows remote attackers to cause a denial of service crash or execute arbitrary code via unknown attack vectors related to garbage collection...
CVE-2006-0292
The Javascript interpreter jsinterp.c in Mozilla and Firefox before 1.5.1 does not properly dereference objects, which allows remote attackers to cause a denial of service crash or execute arbitrary code via unknown attack vectors related to garbage collection...
CVE-2006-0293
The function allocation code jsNewFunction in jsfun.c in Firefox 1.5 allows attackers to cause a denial of service memory corruption and possibly execute arbitrary code via user-defined methods that trigger garbage collection in a way that operates on freed objects...
CVE-2006-0293
The function allocation code jsNewFunction in jsfun.c in Firefox 1.5 allows attackers to cause a denial of service memory corruption and possibly execute arbitrary code via user-defined methods that trigger garbage collection in a way that operates on freed objects...
CVE-2006-0292
The Javascript interpreter jsinterp.c in Mozilla and Firefox before 1.5.1 does not properly dereference objects, which allows remote attackers to cause a denial of service crash or execute arbitrary code via unknown attack vectors related to garbage collection...
security flaw
The Javascript interpreter jsinterp.c in Mozilla and Firefox before 1.5.1 does not properly dereference objects, which allows remote attackers to cause a denial of service crash or execute arbitrary code via unknown attack vectors related to garbage collection...
JavaScript garbage-collection hazards — Mozilla
Garbage collection hazards have been found in the JavaScript engine where some routines used temporary variables that were not properly protected rooted. Specially crafted objects could contain a user-defined method that would be called during the lifetime of these temporaries. If this method...
Etomite followup information
---------- Forwarded message ---------- From: Rick Elnor To: [email protected] Date: Sun, 29 Jan 2006 10:11:08 -0800 Subject: OSVDB Mods Change Request 22693: Etomite todo.inc.php cij Variable Arbitrary Command Execution Hello, I am Rick Elnor, the Etomite CMS security expert and owner ow...