567 matches found
UBUNTU-CVE-2016-2833
Mozilla Firefox before 47.0 ignores Content Security Policy (CSP) directives for cross-domain Java applets, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted applet...
mozilla -- multiple vulnerabilities
Mozilla Foundation reports: MFSA 2016-49 Miscellaneous memory safety hazards (rv:47.0 / rv:45.2); MFSA 2016-50 Buffer overflow parsing HTML5 fragments; MFSA 2016-51 Use-after-free deleting tables from a contenteditable document; MFSA 2016-52 Addressbar spoofing through the SELECT element; MFSA 2016-54...
USN-2817-1: IcedTea Web vulnerabilities
It was discovered that IcedTea Web incorrectly handled applet URLs. A remote attacker could possibly use this issue to inject applets into the .appletTrustSettings configuration file and bypass user approval. CVE-2015-5234 Andrea Palazzo discovered that IcedTea Web incorrectly determined the orig...
KLA10689 Multiple vulnerabilities in Mozilla Firefox and Firefox ESR
Multiple serious vulnerabilities have been found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to cause denial of service, spoof user interface, bypass security restrictions, execute arbitrary code or obtain sensitive information. Below is a complete list of vulnerabilitie...
Critical: Red Hat Security Advisory: java-1.7.0-openjdk security update
Updated java-1.7.0-openjdk packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity...
Unspecified Local Vulnerability in Oracle Java SE/Java SE Embedded/JRockit Hotspot Subcomponents (CNVD-2015-00564)
Oracle Java Runtime Environment is a solution that provides a reliable runtime environment for JAVA applications. Oracle JRockit is a comprehensive portfolio of Java runtime solutions that includes the industry's fastest standard Java solutions. An unspecified security vulnerability in the Oracle...
Oracle Java SE Install Subcomponent Local Arbitrary Code Execution Vulnerability
Oracle Java Runtime Environment is a solution that provides a reliable runtime environment for JAVA applications. An unspecified security vulnerability exists in the Oracle Java SE Install subcomponent, which allows an attacker to build untrusted Java Web Start applications and untrusted Java...
Unspecified Vulnerability in Oracle Java SE 2D Subpart (CNVD-2015-00577)
Oracle Java Runtime Environment is a solution that provides a reliable runtime environment for JAVA applications. An unspecified security vulnerability exists in the Oracle Java SE 2D subcomponent, which allows an attacker to build untrustworthy Java Web Start applications and untrustworthy Java...
Unspecified Vulnerability in Oracle Java SE Deployment Subcomponent (CNVD-2015-00562)
Oracle Java Runtime Environment is a solution that provides a reliable runtime environment for JAVA applications. An unspecified security vulnerability exists in the Oracle Java SE Deployment subcomponent, which allows an attacker to build untrustworthy Java Web Start applications and untrustwort...
Unspecified Vulnerability in Oracle Java SE Libraries Subpart (CNVD-2015-00574)
Oracle Java Runtime Environment is a solution that provides a reliable runtime environment for JAVA applications. An unspecified security vulnerability exists in the Oracle Java SE Libraries subcomponent, which allows an attacker to build untrustworthy Java Web Start applications and untrustworth...
Unspecified Local Vulnerability in Oracle Java SE/Java SE Embedded/JRockit Hotspot Subcomponents (CNVD-2015-00563)
Oracle Java Runtime Environment is a solution that provides a reliable runtime environment for JAVA applications. Oracle JRockit is a comprehensive portfolio of Java runtime solutions that includes the industry's fastest standard Java solutions. An unspecified security vulnerability in the Oracle...
Sun Java Applet Font.createFont Remote Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/17981/info Sun Java is prone to a remote denial-of-service vulnerability because the application fails to properly handle certain Java applets. Successfully exploiting this issue will cause the application to create a...
Sun Java Virtual Machine 1.x Font.createFont Method Insecure Temporary File Creation Weakness
No description provided by source. source: http://www.securityfocus.com/bid/10685/info Sun Java Virtual Machine is a component of the Sun Java infrastructure that performs the handling of Java applets and other programs. It is available for Unix, Linux, and Microsoft platforms. Sun Java Virtual...
CoffeeCup Software Password Wizard 4.0 HTML Source Password Retrieval Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/7023/info A problem with the software may make it possible for remote users to gain unauthorized access to restricted resources. This vulnerability exists in Password Wizard configured to generate Java applets to password...
Mozilla Browsers JavaScript Navigator Object Memory Corruption - Ver2 (CVE-2006-3677)
Mozilla Firefox and Seamonkey are very popular open source web browsers from Mozilla Foundation, based on the Mozilla Suite code base. The browser is an application designed for tasks related to web browsing, such as displaying HTML pages, downloading files, rendering different media, and so on...
[USN-2131-1] IcedTea Web vulnerability
Ubuntu Security Notice USN-2131-1, March 06, 2014: icedtea-web vulnerability. A security issue affects these releases of Ubuntu and its derivatives: -...
JDK: unspecified vulnerability fixed in 6u29 (Deployment)
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, and JavaFX 2.0 allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality and integrity via unknown vectors related to...
SuSE 11.2 / 11.3 Security Update : Mozilla Firefox (SAT Patch Numbers 8187 / 8191)
This update to Firefox 17.0.8esr bnc833389 addresses: bmo855331, bmo844088, bmo858060, bmo870200, bmo874974, bmo861530, bmo854157, bmo893684, bmo878703, bmo862185, bmo879139, bmo888107, bmo880734. MFSA 2013-63 / CVE-2013-1701 / CVE-2013-1702: Miscellaneous memory safety hazards have been fixed...
Updated firefox and thunderbird packages fix security vulnerabilities
Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be...
Scientific Linux Security Update : firefox on SL5.x, SL6.x i386/x86_64 (20130807)
Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. CVE-2013-1701 A flaw was found in the way Firefox generated Certificat...