RedHat Update for nss, nspr, and nss-util RHSA-2012:1091-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Moderate: Red Hat Security Advisory: nss, nspr, and nss-util security, bug fix, and enhancement update

Updated nss, nss-util, and nspr packages that fix one security issue, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVS...

nss: NSS parsing errors with zero length items

The ASN.1 decoder in the QuickDER decoder in Mozilla Network Security Services NSS before 3.13.4, as used in Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10, allows remote attackers to cause a...

Debian DSA-2490-1 : nss - denial of service

Kaspar Brand discovered that Mozilla's Network Security Services NSS libraries did insufficient length checking in the QuickDER decoder, allowing to crash a program using the libraries. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin wer...

Ubuntu: Security Advisory (USN-1463-6)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 10.04 LTS / 11.04 / 11.10 / 12.04 LTS : firefox regressions (USN-1463-3)

USN-1463-1 fixed vulnerabilities in Firefox. The new package caused a regression in the rendering of Hebrew text and the ability of the Hotmail inbox to auto-update. This update fixes the problem. Jesse Ruderman, Igor Bukanov, Bill McCloskey, Christian Holler, Andrew McCreight, Olli Pettay, Boris...

Airlock WAF 4.2.4 Overlong UTF-8 Sequence Bypass

Exploit for multiple platform in category dos / poc title: Airlock WAF overlong UTF-8 sequence bypass product: Airlock vulnerable version: = 4.2.4 without hotfix HF4213 fixed version: 4.2.5 impact: critical homepage: http://www.ergon.ch/ found: 2012-04-05 by: G. Wagner SEC Consult Vulnerability L...

[SECURITY] [DSA 2494-1] ffmpeg security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2494-1 [email protected] http://www.debian.org/security/ Florian Weimer June 14, 2012 http://www.debian.org/security/faq -...

DSA-2494-1 ffmpeg - several

Bulletin has no description...

SeaMonkey 2.x < 2.10 Multiple Vulnerabilities

Binary data 6496.prm...

Mozilla SeaMonkey 2.x < 2.10 Multiple Vulnerabilities

Binary data 801375.prm...

Ubuntu: Security Advisory (USN-1463-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mozilla Firefox 12.x < 12 Multiple Vulnerabilities

Binary data 801297.prm...

Mozilla Thunderbird 10.0.x < 10.0.5 Multiple Vulnerabilities

The installed version of Thunderbird 10.0.x is potentially affected by the following security issues : - An error exists in the ASN.1 decoder when handling zero length items that can lead to application crashes. CVE-2012-0441 - Multiple memory corruption errors exist. CVE-2012-1937, CVE-2012-1939...

Thunderbird < 13.0 Multiple Vulnerabilities (Mac OS X)

The installed version of Thunderbird is earlier than 13.0 and thus, is potentially affected by the following security issues : - An error exists in the ASN.1 decoder when handling zero length items that can lead to application crashes. CVE-2012-0441 - Multiple memory corruption errors exist...

SeaMonkey < 2.10.0 Multiple Vulnerabilities

The installed version of SeaMonkey is earlier than 2.10.0. Such versions are potentially affected by the following security issues : - An error exists in the ASN.1 decoder when handling zero length items that can lead to application crashes. CVE-2012-0441 - Multiple memory corruption errors exist...

Thunderbird 10.0.x < 10.0.5 Multiple Vulnerabilities (Mac OS X)

The installed version of Thunderbird 10.0.x is potentially affected by the following security issues : - An error exists in the ASN.1 decoder when handling zero length items that can lead to application crashes. CVE-2012-0441 - Multiple memory corruption errors exist. CVE-2012-1937, CVE-2012-1939...

DSA-2490-1 nss - denial of service

Bulletin has no description...

Mozilla Thunderbird < 13.0 Multiple Vulnerabilities

The installed version of Thunderbird is earlier than 13.0 and thus, is potentially affected by the following security issues : - An error exists in the ASN.1 decoder when handling zero length items that can lead to application crashes. CVE-2012-0441 - Multiple memory corruption errors exist...

Firefox 10.0.x < 10.0.5 Multiple Vulnerabilities

The installed version of Firefox 10.0.x is potentially affected by the following security issues : - An error exists in the ASN.1 decoder when handling zero length items that can lead to application crashes. CVE-2012-0441 - Multiple memory corruption errors exist. CVE-2012-1937, CVE-2012-1939 - T...