1683 matches found
Design/Logic Flaw
Use-after-free vulnerability in the JSGetGlobalForScopeChain function in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21 allows remote attackers to execute arbitrary code by leveraging incorrect garbage collection in situations involving default compartments and...
CVE-2013-1738
Use-after-free vulnerability in the JSGetGlobalForScopeChain function in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21 allows remote attackers to execute arbitrary code by leveraging incorrect garbage collection in situations involving default compartments and...
CVE-2013-1738
CVE-2013-1738 describes a use-after-free in Mozilla’s JS_GetGlobalForScopeChain, enabling remote code execution via mismanaged garbage collection in default compartments during frame-chain restoration. Affected products from the provided data include Mozilla Firefox (before 24.0), Thunderbird (be...
CVE-2013-1738
Use-after-free vulnerability in the JSGetGlobalForScopeChain function in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21 allows remote attackers to execute arbitrary code by leveraging incorrect garbage collection in situations involving default compartments and...
GC hazard with default compartments and frame chain restoration — Mozilla
Security researcher Nils reported a potentially exploitable use-after-free in an early test version of Firefox 25. Mozilla developer Bobby Holley found that the cause was an older garbage collection bug that a more recent change made easier to trigger...
Design/Logic Flaw
Use-after-free vulnerability in the Document::finishedParsing function in core/dom/Document.cpp in Blink, as used in Google Chrome before 29.0.1547.57, allows remote attackers to cause a denial of service or possibly have unspecified other impact via an onload event that changes an IFRAME element...
CVE-2013-2904
Use-after-free vulnerability in the Document::finishedParsing function in core/dom/Document.cpp in Blink, as used in Google Chrome before 29.0.1547.57, allows remote attackers to cause a denial of service or possibly have unspecified other impact via an onload event that changes an IFRAME element...
CVE-2013-2904
Use-after-free vulnerability in the Document::finishedParsing function in core/dom/Document.cpp in Blink, as used in Google Chrome before 29.0.1547.57, allows remote attackers to cause a denial of service or possibly have unspecified other impact via an onload event that changes an IFRAME element...
rubygem-activerecord: attribute_dos Symbol DoS vulnerability
A flaw was found in the way Ruby on Rails handled hashes in certain queries. A remote attacker could use this flaw to perform a denial of service resource consumption attack by sending specially crafted queries that would result in the creation of Ruby symbols, which were never garbage collected...
Mozilla Januarys (important)
The Mozilla January 8th 2013 security release contains updates: Mozilla Firefox was updated to version 18.0. Mozilla Seamonkey was updated to version 2.15. Mozilla Thunderbird was updated to version 17.0.2. Mozilla XULRunner was updated to version 17.0.2. MFSA...
CVE-2013-0836
Google V8 before 3.14.5.3, as used in Google Chrome before 24.0.1312.52, does not properly implement garbage collection, which allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via crafted JavaScript code...
CVE-2013-0836
Google V8 before 3.14.5.3, as used in Google Chrome before 24.0.1312.52, does not properly implement garbage collection, which allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via crafted JavaScript code...
UBUNTU-CVE-2013-0836
Google V8 before 3.14.5.3, as used in Google Chrome before 24.0.1312.52, does not properly implement garbage collection, which allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via crafted JavaScript code...
CVE-2013-0836
Removed by vendor...
CVE-2013-0836
Google V8 before 3.14.5.3, as used in Google Chrome before 24.0.1312.52, does not properly implement garbage collection, which allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via crafted JavaScript code...
Thunderbird < 17.0.2 Multiple Vulnerabilities (Mac OS X)
The installed version of Thunderbird is earlier than 17.0.2 and thus, is potentially affected by the following security issues : - Two intermediate certificates were improperly issued by TURKTRUST certificate authority. CVE-2013-0743 - A use-after-free error exists related to displaying HTML tabl...
Mozilla Firefox 17.x <= 17 Multiple Vulnerabilities
Binary data 800108.prm...
SeaMonkey 2.14.x < 2.15 Multiple Vulnerabilities
Binary data 6670.prm...
Mozilla Thunderbird 17.x < 17.0.2 Multiple Vulnerabilities
Binary data 801308.prm...
Mozilla Firefox 17.x <= 17 Multiple Vulnerabilities
Binary data 801345.prm...