Lucene search
K

9803 matches found

Cvelist
Cvelist
added 2010/09/09 6:0 p.m.25 views

CVE-2010-2766

The normalizeDocument function in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 does not properly handle the removal of DOM nodes during normalization, which might allow remote attackers to execute arbitrary code...

8.9AI score0.05366EPSS
Exploits0References14
Tenable Nessus
Tenable Nessus
added 2010/09/09 12:0 a.m.47 views

Debian DSA-2106-1 : xulrunner - several vulnerabilities

Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2010-2760, CVE-2010-3167, CVE-2010-3168 Implementation errors in XUL processing allow the...

9.3CVSS8.6AI score0.06527EPSS
Exploits0References21
Tenable Nessus
Tenable Nessus
added 2010/09/09 12:0 a.m.38 views

FreeBSD : mozilla -- multiple vulnerabilities (4a21ce2c-bb13-11df-8e32-000f20797ede)

The Mozilla Project reports : MFSA 2010-49 Miscellaneous memory safety hazards rv:1.9.2.9/ 1.9.1.12 MFSA 2010-50 Frameset integer overflow vulnerability MFSA 2010-51 Dangling pointer vulnerability using DOM plugin array MFSA 2010-52 Windows XP DLL loading vulnerability MFSA 2010-53 Heap buffer...

9.3CVSS9.3AI score0.22109EPSS
Exploits1References31
Debian
Debian
added 2010/09/08 5:50 p.m.41 views

[SECURITY] [DSA 2106-1] New xulrunner packages fix several vulnerabilities

------------------------------------------------------------------------ Debian Security Advisory DSA-2106-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff September 08, 2010 http://www.debian.org/security/faq -...

9.3CVSS9.7AI score0.06527EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2010/09/08 12:54 a.m.4 views

Mozilla Dangling pointer vulnerability using DOM plugin array (MFSA 2010-51)

The navigator.plugins implementation in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 does not properly handle destruction of the DOM plugin array, which might allow remote attackers to cause a denial of service...

9.3CVSS7.8AI score0.04684EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2010/09/08 12:24 a.m.5 views

Mozilla Crash and remote code execution in normalizeDocument (MFSA 2010-57)

The normalizeDocument function in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 does not properly handle the removal of DOM nodes during normalization, which might allow remote attackers to execute arbitrary code...

9.3CVSS7.8AI score0.05366EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2010/09/08 12:5 a.m.4 views

Mozilla Dangling pointer vulnerability using DOM plugin array (MFSA 2010-51)

The navigator.plugins implementation in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 does not properly handle destruction of the DOM plugin array, which might allow remote attackers to cause a denial of service...

9.3CVSS7.8AI score0.04684EPSS
Exploits0References4
Mozilla
Mozilla
added 2010/09/07 12:0 a.m.43 views

Dangling pointer vulnerability using DOM plugin array — Mozilla

Security researcher Sergey Glazunov reported a dangling pointer vulnerability in the implementation of navigator.plugins in which the navigator object could retain a pointer to the plugins array even after it had been destroyed. An attacker could potentially use this issue to crash the browser an...

9.3CVSS4AI score0.04684EPSS
Exploits0References2Affected Software3
Mozilla
Mozilla
added 2010/09/07 12:0 a.m.44 views

Crash and remote code execution in normalizeDocument — Mozilla

Security researcher regenrecht reported via TippingPoint's Zero Day Initiative that code used to normalize a document contained a logical flaw that could be leveraged to run arbitrary code. When the normalization code ran, a static count of the document's child nodes was used in the traversal, so...

9.3CVSS2AI score0.05366EPSS
Exploits0References2Affected Software3
UbuntuCve
UbuntuCve
added 2010/09/07 12:0 a.m.50 views

CVE-2010-2766

The normalizeDocument function in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 does not properly handle the removal of DOM nodes during normalization, which might allow remote attackers to execute arbitrary code...

9.3CVSS7.3AI score0.05366EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2010/08/21 12:0 a.m.31 views

Debian: Security Advisory (DSA-2075-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.8AI score0.43382EPSS
Exploits17References3
OpenVAS
OpenVAS
added 2010/08/21 12:0 a.m.35 views

Debian Security Advisory DSA 2075-1 (xulrunner)

The remote host is missing an update to xulrunner announced via advisory DSA 2075-1. OpenVAS Vulnerability Test $Id: deb20751.nasl 6614 2017-07-07 12:09:12Z cfischer $ Description: Auto-generated from advisory DSA 2075-1 xulrunner Authors: Thomas Reinke Copyright: Copyright c 2010 E-Soft Inc...

9.3CVSS1.2AI score0.43382EPSS
Exploits17
OpenVAS
OpenVAS
added 2010/08/20 12:0 a.m.21 views

CentOS Update for seamonkey CESA-2010:0557 centos3 i386

Check for the Version of seamonkey OpenVAS Vulnerability Test CentOS Update for seamonkey CESA-2010:0557 centos3 i386 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify ...

10CVSS0.3AI score0.0413EPSS
Exploits1References2
NVD
NVD
added 2010/07/30 8:30 p.m.17 views

CVE-2010-1208

Use-after-free vulnerability in the attribute-cloning functionality in the DOM implementation in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, and SeaMonkey before 2.0.6, allows remote attackers to execute arbitrary code via vectors related to deletion of an event attribute node wit...

9.3CVSS9.3AI score0.05153EPSS
Exploits0References6
Prion
Prion
added 2010/07/30 8:30 p.m.25 views

Design/Logic Flaw

Use-after-free vulnerability in the NodeIterator implementation in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, and SeaMonkey before 2.0.6, allows remote attackers to execute arbitrary code via a crafted NodeFilter that detaches DOM nodes, related to the NodeIterator interface and ...

9.3CVSS7.9AI score0.05384EPSS
Exploits0References6Affected Software2
Cvelist
Cvelist
added 2010/07/30 8:0 p.m.32 views

CVE-2010-1209

Use-after-free vulnerability in the NodeIterator implementation in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, and SeaMonkey before 2.0.6, allows remote attackers to execute arbitrary code via a crafted NodeFilter that detaches DOM nodes, related to the NodeIterator interface and ...

9.3AI score0.05384EPSS
Exploits0References6
CVE
CVE
added 2010/07/30 8:0 p.m.120 views

CVE-2010-1208

CVE-2010-1208 is a use-after-free in Firefox/SeaMonkey DOM attribute cloning: deleting an event attribute node with nonzero reference count could lead to remote code execution. Affected: Firefox 3.5.x before 3.5.11; 3.6.x before 3.6.7; SeaMonkey before 2.0.6. Remediation: upgrade to Firefox 3.5.1...

9.3CVSS9.3AI score0.05153EPSS
Exploits0References6Affected Software1
Tenable Nessus
Tenable Nessus
added 2010/07/30 12:0 a.m.45 views

openSUSE Security Update : MozillaFirefox (openSUSE-SU-2010:0430-3)

This update brings Mozilla Firefox to the 3.5.11 security release. It fixes following security bugs: MFSA 2010-34 / CVE-2010-1211: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed...

9.8CVSS8.3AI score0.43382EPSS
Exploits24References14
Tenable Nessus
Tenable Nessus
added 2010/07/30 12:0 a.m.31 views

openSUSE Security Update : MozillaFirefox (openSUSE-SU-2010:0430-3)

This update brings Mozilla Firefox to the 3.5.11 security release. It fixes following security bugs: MFSA 2010-34 / CVE-2010-1211: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed...

9.8CVSS8.3AI score0.43382EPSS
Exploits24References14
Tenable Nessus
Tenable Nessus
added 2010/07/29 12:0 a.m.56 views

Debian DSA-2075-1 : xulrunner - several vulnerabilities

Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2010-0182 Wladimir Palant discovered that security checks in XML processing were insufficiently...

9.8CVSS8AI score0.43382EPSS
Exploits17References19
Rows per page
Query Builder