819 matches found
Memory corruption
Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted CSpliceTreeEngine::InsertSplice object in an HTML document, aka "Internet Explorer Memory Corruption Vulnerability," ...
CVE-2013-3846
Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted CSpliceTreeEngine::InsertSplice object in an HTML document, aka "Internet Explorer Memory Corruption Vulnerability," ...
SuSE Update for Mozilla Suite openSUSE-SU-2013:1633-1 (Mozilla Suite)
Check for the Version of Mozilla Suite OpenVAS Vulnerability Test $Id: gbsuse201316331.nasl 8045 2017-12-08 08:39:37Z santu $ SuSE Update for Mozilla Suite openSUSE-SU-2013:1633-1 Mozilla Suite Authors: System Generated Check Copyright: Copyright C 2013 Greenbone Networks GmbH,...
CVE-2013-5559
Buffer overflow in the Active Template Library ATL framework in the VPNAPI COM module in Cisco AnyConnect Secure Mobility Client 2.x allows user-assisted remote attackers to execute arbitrary code via a crafted HTML document, aka Bug ID CSCuj58139...
Buffer overflow
Buffer overflow in the Active Template Library ATL framework in the VPNAPI COM module in Cisco AnyConnect Secure Mobility Client 2.x allows user-assisted remote attackers to execute arbitrary code via a crafted HTML document, aka Bug ID CSCuj58139...
CVE-2013-5559
Buffer overflow in the Active Template Library ATL framework in the VPNAPI COM module in Cisco AnyConnect Secure Mobility Client 2.x allows user-assisted remote attackers to execute arbitrary code via a crafted HTML document, aka Bug ID CSCuj58139...
USN-2010-1: Thunderbird vulnerabilities
Multiple memory safety issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted message with scripting enabled, an attacker could possibly exploit these to cause a denial of service via application crash, or potentially execute arbitrary code with the...
FreeBSD : mozilla -- multiple vulnerabilities (81f866ad-41a4-11e3-a4af-0025905a4771)
The Mozilla Project reports : MFSA 2013-93 Miscellaneous memory safety hazards rv:25.0 / rv:24.1 / rv:17.0.10 MFSA 2013-94 Spoofing addressbar though SELECT element MFSA 2013-95 Access violation with XSLT and uninitialized data MFSA 2013-96 Improperly initialized memory and overflows in some...
CVE-2013-5596
The cycle collection CC implementation in Mozilla Firefox before 25.0, Firefox ESR 24.x before 24.1, Thunderbird before 24.1, and SeaMonkey before 2.22 does not properly determine the thread for release of an image object, which allows remote attackers to execute arbitrary code or cause a denial ...
CVE-2013-5603
Use-after-free vulnerability in the nsContentUtils::ContentIsHostIncludingDescendantOf function in Mozilla Firefox before 25.0, Firefox ESR 24.x before 24.1, Thunderbird before 24.1, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code or cause a denial of service heap memo...
Design/Logic Flaw
Use-after-free vulnerability in the nsContentUtils::ContentIsHostIncludingDescendantOf function in Mozilla Firefox before 25.0, Firefox ESR 24.x before 24.1, Thunderbird before 24.1, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code or cause a denial of service heap memo...
Race condition
The cycle collection CC implementation in Mozilla Firefox before 25.0, Firefox ESR 24.x before 24.1, Thunderbird before 24.1, and SeaMonkey before 2.22 does not properly determine the thread for release of an image object, which allows remote attackers to execute arbitrary code or cause a denial ...
CVE-2013-5596
The cycle collection CC implementation in Mozilla Firefox before 25.0, Firefox ESR 24.x before 24.1, Thunderbird before 24.1, and SeaMonkey before 2.22 does not properly determine the thread for release of an image object, which allows remote attackers to execute arbitrary code or cause a denial ...
CVE-2013-5603
Use-after-free vulnerability in the nsContentUtils::ContentIsHostIncludingDescendantOf function in Mozilla Firefox before 25.0, Firefox ESR 24.x before 24.1, Thunderbird before 24.1, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code or cause a denial of service heap memo...
Ubuntu 12.04 LTS / 12.10 / 13.04 / 13.10 : firefox vulnerabilities (USN-2009-1)
Multiple memory safety issues were discovered in Firefox. If a user were tricked in to opening a specially crafted page, an attacker could possibly exploit these to cause a denial of service via application crash, or potentially execute arbitrary code with the privileges of the user invoking...
USN-2009-1: Firefox vulnerabilities
Multiple memory safety issues were discovered in Firefox. If a user were tricked in to opening a specially crafted page, an attacker could possibly exploit these to cause a denial of service via application crash, or potentially execute arbitrary code with the privileges of the user invoking...
CVE-2013-5603
Use-after-free vulnerability in the nsContentUtils::ContentIsHostIncludingDescendantOf function in Mozilla Firefox before 25.0, Firefox ESR 24.x before 24.1, Thunderbird before 24.1, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code or cause a denial of service heap memo...
Use-after-free in HTML document templates — Mozilla
Security researcher Abhishek Arya Inferno of the Google Chrome Security Team used the Address Sanitizer tool to discover a user-after-free when interacting with HTML document templates. This leads to a potentially exploitable crash...
mozilla -- multiple vulnerabilities
The Mozilla Project reports: MFSA 2013-93 Miscellaneous memory safety hazards rv:25.0 / rv:24.1 / rv:17.0.10 MFSA 2013-94 Spoofing addressbar though SELECT element MFSA 2013-95 Access violation with XSLT and uninitialized data MFSA 2013-96 Improperly initialized memory and overflows in some...
CVE-2013-3471
The captive portal application in Cisco Identity Services Engine ISE allows remote attackers to discover cleartext usernames and passwords by leveraging unspecified use of hidden form fields in an HTML document, aka Bug ID CSCug02515...