9803 matches found
Memory corruption
Use-after-free vulnerability in the ReleaseInterface function in MSHTML.DLL in Microsoft Internet Explorer 6, 7, and 8 allows remote attackers to execute arbitrary code or cause a denial of service application crash via vectors related to the DOM implementation and the BreakAASpecial and...
CVE-2011-0347
This CVE (CVE-2011-0347) corresponds to a high-severity vulnerability in Microsoft Internet Explorer on Windows XP, involving an incorrect GUI display triggered via DOM-related vectors (cross_fuzz). The OpenVAS entries group this under a Windows Shell/IE flaw (MS11-006) with a CVSS v2 base score ...
CVE-2011-0346
Use-after-free vulnerability in the ReleaseInterface function in MSHTML.DLL in Microsoft Internet Explorer 6, 7, and 8 allows remote attackers to execute arbitrary code or cause a denial of service application crash via vectors related to the DOM implementation and the BreakAASpecial and...
CVE-2011-0347
Microsoft Internet Explorer on Windows XP allows remote attackers to trigger an incorrect GUI display and have unspecified other impact via vectors related to the DOM implementation, as demonstrated by crossfuzz...
CVE-2011-0346
CVE-2011-0346 corresponds to a family of memory‑corruption issues in Microsoft Internet Explorer’s MSHTML.DLL, specifically in the ReleaseInterface() path. The connected sources identify the affected component as IE versions 6–8 and describe a use‑after‑free vulnerability that can trigger via DOM...
Fuzzing tool discovers over 100 vulnerabilities in popular browsers !
The public release of crossfuzz - a cross-document DOM binding fuzzer that is able to detect vulnerabilities in all browsers by examining how they interact with various elements while they render web pages - by the Google-employed security researcher Michal Zalewski has unveiled some worrying...
PT-2011-2285 · Microsoft · Internet Explorer
Name of the Vulnerable Software and Affected Versions: Microsoft Internet Explorer versions 6 through 8 Description: The issue allows remote attackers to execute arbitrary code or cause a denial of service via vectors related to the DOM implementation. An attacker could exploit this by constructi...
Certain DOM manipulations can allow execution of arbitrary code
Various unexpected DOM manipulations can cause Opera to crash. In some cases, these crashes can occur in a way that allows execution of arbitrary code. To inject code, additional techniques may have to be employed...
Certain DOM manipulations can allow execution of arbitrary code – Opera Security Advisories
Certain DOM manipulations can allow execution of arbitrary code – Opera Security Advisories OPCOM Team | January 4, 2011 Severity High Description Various unexpected DOM manipulations can cause Opera to crash. In some cases, these crashes can occur in a way that allows execution of arbitrary code...
Announcing cross_fuzz, a potential 0-day in circulation, and more
Hi list, == SUMMARY == I am happy to announce the availability of crossfuzz - an amazingly effective but notoriously annoying cross-document DOM binding fuzzer that helped identify about one hundred bugs in all browsers on the market - many of said bugs exploitable - and is still finding more. Th...
Fedora Update for seamonkey FEDORA-2010-18920
Check for the Version of seamonkey OpenVAS Vulnerability Test Fedora Update for seamonkey FEDORA-2010-18920 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...
Fedora Update for seamonkey FEDORA-2010-18890
Check for the Version of seamonkey OpenVAS Vulnerability Test Fedora Update for seamonkey FEDORA-2010-18890 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...
Mandriva Update for firefox MDVSA-2010:251 (firefox)
Check for the Version of firefox OpenVAS Vulnerability Test Mandriva Update for firefox MDVSA-2010:251 firefox Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it unde...
[SECURITY] Fedora 14 Update: seamonkey-2.0.11-1.fc14
SeaMonkey is an all-in-one Internet application suite. It includes a browser, mail/news client, IRC client, JavaScript debugger, and a tool to inspect the DOM for web pages. It is derived from the application formerly known as Mozilla Application Suite...
Google Chrome < 8.0.552.237 Multiple Vulnerabilities
Binary data 5742.pasl...
Mozilla Foundation Security Advisory 2010-80
Mozilla Foundation Security Advisory 2010-80 Title: Use-after-free error with nsDOMAttribute MutationObserver Impact: Critical Announced: December 9, 2010 Reporter: regenrecht Products: Firefox, SeaMonkey Fixed in: Firefox 3.6.13 Firefox 3.5.16 SeaMonkey 2.0.11 Description Security researcher...
Mandriva Linux Security Advisory : firefox (MDVSA-2010:251-2)
Security issues were identified and fixed in firefox : Security researchers Yosuke Hasegawa and Masatoshi Kimura reported that the x-mac-arabic, x-mac-farsi and x-mac-hebrew character encodings are vulnerable to XSS attacks due to some characters being converted to angle brackets when displayed b...
Use-after-free error with nsDOMAttribute MutationObserver — Mozilla
Security researcher regenrecht reported via TippingPoint's Zero Day Initiative that a nsDOMAttribute node can be modified without informing the iterator object responsible for various DOM traversals. This flaw could lead to a inconsistent state where the iterator points to an object it believes i...
Fedora Update for seamonkey FEDORA-2010-17105
Check for the Version of seamonkey OpenVAS Vulnerability Test Fedora Update for seamonkey FEDORA-2010-17105 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...
SuSE 11 / 11.1 Security Update : Mozilla Firefox (SAT Patch Numbers 2780 / 2781)
This update brings Mozilla Firefox to the 3.5.11 security release. It fixes following security issues : - Several memory safety bugs in habe been identified in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs show evidence of memory corruption under certain...