SUSE-SU-2018:3933-2 Security update for java-1_7_1-ibm

java-171-ibm was updated to Java 7.1 Service Refresh 4 Fix Pack 35 bsc1116574: Consumability - IJ10515 AIX JAVA 7.1.3.10 GENERAL PROTECTION FAULT WHEN ATTEMPTING TO USE HEALTH CENTER API Class Libraries - IJ10934 CVE-2018-13785 - IJ10935 CVE-2018-3136 - IJ10895 CVE-2018-3139 - IJ10932 CVE-2018-31...

CVE-2019-9810

Incorrect alias information in IonMonkey JIT compiler for Array.prototype.slice method may lead to missing bounds check and a buffer overflow. This vulnerability affects Firefox 66.0.1, Firefox ESR 60.6.1, and Thunderbird 60.6.1...

CVE-2019-9791

The type inference system allows the compilation of functions that can cause type confusions between arbitrary objects when compiled through the IonMonkey just-in-time JIT compiler and when the constructor function is entered through on-stack replacement OSR. This allows for possible arbitrary...

CVE-2019-9791

The type inference system allows the compilation of functions that can cause type confusions between arbitrary objects when compiled through the IonMonkey just-in-time JIT compiler and when the constructor function is entered through on-stack replacement OSR. This allows for possible arbitrary...

Memory corruption

The IonMonkey just-in-time JIT compiler can leak an internal JSOPTIMIZEDOUT magic value to the running script during a bailout. This magic value can then be used by JavaScript to achieve memory corruption, which results in a potentially exploitable crash. This vulnerability affects Thunderbird...

CVE-2019-9792

The IonMonkey just-in-time JIT compiler can leak an internal JSOPTIMIZEDOUT magic value to the running script during a bailout. This magic value can then be used by JavaScript to achieve memory corruption, which results in a potentially exploitable crash. This vulnerability affects Thunderbird...

CVE-2019-9792

The CVE-2019-9792 issue is an IonMonkey JIT leak in Firefox/Thunderbird where the JS_OPTIMIZED_OUT magic value is leaked during bailout, enabling memory corruption and potentially a crash. Affected: Thunderbird < 60.6, Firefox ESR < 60.6, Firefox

CVE-2019-9791

CVE-2019-9791 affects Thunderbird and Firefox (including Firefox ESR) and stems from the IonMonkey JIT: type confusion for constructors entered via on-stack replacement. The advisory notes that the vulnerability can enable arbitrary reading/writing of objects during an exploitable crash, with fix...

CVE-2019-9795

CVE-2019-9795 describes a vulnerability in the IonMonkey JIT compiler where a type-confusion could be exploited by malicious JavaScript to trigger a crash. Public references indicate affected products include Thunderbird < 60.6, Firefox ESR < 60.6, and Firefox

CVE-2019-9792

The IonMonkey just-in-time JIT compiler can leak an internal JSOPTIMIZEDOUT magic value to the running script during a bailout. This magic value can then be used by JavaScript to achieve memory corruption, which results in a potentially exploitable crash. This vulnerability affects Thunderbird...

CVE-2019-9792

The IonMonkey just-in-time JIT compiler can leak an internal JSOPTIMIZEDOUT magic value to the running script during a bailout. This magic value can then be used by JavaScript to achieve memory corruption, which results in a potentially exploitable crash. This vulnerability affects Thunderbird...

CVE-2019-9795

A vulnerability where type-confusion in the IonMonkey just-in-time JIT compiler could potentially be used by malicious JavaScript to trigger a potentially exploitable crash. This vulnerability affects Thunderbird 60.6, Firefox ESR 60.6, and Firefox 66...

CVE-2019-9795

A vulnerability where type-confusion in the IonMonkey just-in-time JIT compiler could potentially be used by malicious JavaScript to trigger a potentially exploitable crash. This vulnerability affects Thunderbird 60.6, Firefox ESR 60.6, and Firefox 66...

CVE-2019-9795

A vulnerability where type-confusion in the IonMonkey just-in-time JIT compiler could potentially be used by malicious JavaScript to trigger a potentially exploitable crash. This vulnerability affects Thunderbird 60.6, Firefox ESR 60.6, and Firefox 66...

CVE-2019-9810

Incorrect alias information in IonMonkey JIT compiler for Array.prototype.slice method may lead to missing bounds check and a buffer overflow. This vulnerability affects Firefox 66.0.1, Firefox ESR 60.6.1, and Thunderbird 60.6.1...

CVE-2019-9810

CVE-2019-9810 is an IonMonkey JIT bug in Firefox/Thunderbird where incorrect alias information for Array.prototype.slice can skip bounds checks, enabling a buffer overflow and potential remote code execution. Affected: Firefox prior to 66.0.1 and Firefox ESR prior to 60.6.1; Thunderbird prior to ...

CVE-2019-9810

Incorrect alias information in IonMonkey JIT compiler for Array.prototype.slice method may lead to missing bounds check and a buffer overflow. This vulnerability affects Firefox 66.0.1, Firefox ESR 60.6.1, and Thunderbird 60.6.1...

Denial Of Service (DoS)

tensorflow is vulnerable to denial of service. A heap-based buffer overflow occurs from an invalid memory access when a malicious configuration file is passed to the XLA compiler...

The vulnerability of the Just-In-Time (JIT) compiler of IonMonkey in web browsers Firefox, Firefox ESR, and the email processing program Thunderbird, related to data writing beyond buffer boundaries, allows an attacker to trigger a service failure.

The vulnerability of the Just-In-Time JIT compiler in IonMonkey web browsers—Firefox, Firefox ESR, and the email processing program Thunderbird—is related to data writing beyond buffer boundaries and memory corruption. Exploiting this vulnerability can allow an attacker to cause service...

The vulnerability of the Twig template compiler, related to errors in isolated software environments, allows attackers to gain access to confidential data.

The vulnerability of the Twig template compiler relates to errors in a isolated programming environment. Exploiting this vulnerability can allow an attacker to gain access to confidential data...