Google Plugs High-Risk Holes in Chrome Browser

Google has released version 4.1.249.1059 of Chrome for Windows, a security update that addresses four high risk vulnerabilities in its WebKit-based browser. These vulnerabilities are; a memory corruption issue in Chrome’s V8 JavaScript Engine, type confusion errors with forums, cross-site scripti...

Debian DSA-2025-1 : icedove - several vulnerabilities

Several remote vulnerabilities have been discovered in the Icedove mail client, an unbranded version of the Thunderbird mail client. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2009-2408 Dan Kaminsky and Moxie Marlinspike discovered that icedove does...

DSA-2025-1 icedove - several vulnerabilities

Bulletin has no description...

Ubuntu Update for thunderbird vulnerabilities USN-915-1

Ubuntu Update for Linux kernel vulnerabilities USN-915-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN9151.nasl 7965 2017-12-01 07:38:25Z santu $ Ubuntu Update for thunderbird vulnerabilities USN-915-1 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH,...

Firefox 3.5.2 3.0.14 JavaScript engine crashes

Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox before 3.0.14 and 3.5.x before 3.5.2, Thunderbird before 2.0.0.24, and SeaMonkey before 1.1.19 allow remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary...

iDefense Security Advisory 03.11.10: Multiple Vendor WebKit HTML Element Use After Free Vulnerability

iDefense Security Advisory 03.11.10 http://labs.idefense.com/intelligence/vulnerabilities/ Mar 11, 2010 I. BACKGROUND WebKit is an open source web browser engine. It is currently used by Apple Inc.'s Safari browser, as well as by Google's Chrome browser. For more information, see the vendor's sit...

Debian DSA-1830-1 : icedove - several vulnerabilities

Several remote vulnerabilities have been discovered in the Icedove mail client, an unbranded version of the Thunderbird mail client. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2009-0040 The execution of arbitrary code might be possible via a crafted...

Debian DSA-1885-1 : xulrunner - several vulnerabilities

Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications, such as the Iceweasel web browser. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2009-3070 Jesse Ruderman discovered crashes in the layout...

Motorola Milestone (Droid) Smartphone Denial Of Service

MajorSecurity Advisory 65Motorola Milestone Smartphone Denial of Service Details ============ Product: Motorola MilestoneDroid Smartphone Security-Risk: low Remote-Exploit: yes Vendor-URL: http://www.motorola.com/ Vendor-Status: informed Advisory-Status: published on 02-02-2010 Credits ==========...

Mozilla Firefox

The JavaScript engine in Mozilla Firefox before 3.0.12 and Thunderbird allows?remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code Mozilla Firefox before 3.0.15 and 3.5.x before 3.5.4, and SeaMonkey before 2.0, does not properly...

Mozilla Firefox

The JavaScript engine in Mozilla Firefox before 3.0.12 and Thunderbird allows?remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code Mozilla Firefox before 3.0.15 and 3.5.x before 3.5.4, and SeaMonkey before 2.0, does not properly...

Ubuntu 8.04 LTS / 8.10 / 9.04 : firefox-3.0, xulrunner-1.9 vulnerabilities (USN-873-1)

Jesse Ruderman, Josh Soref, Martijn Wargers, Jose Angel, Olli Pettay, and David James discovered several flaws in the browser and JavaScript engines of Firefox. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary...

Memory corruption

Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox 3.5.x before 3.5.6, SeaMonkey before 2.0.1, and Thunderbird allow remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via unknown vectors...

CVE-2009-3982

Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox 3.5.x before 3.5.6, SeaMonkey before 2.0.1, and Thunderbird allow remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via unknown vectors...

CVE-2009-3982

Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox 3.5.x before 3.5.6, SeaMonkey before 2.0.1, and Thunderbird allow remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via unknown vectors...

USN-853-2: Firefox and Xulrunner regression

USN-853-1 fixed vulnerabilities in Firefox and Xulrunner. The upstream changes introduced regressions that could lead to crashes when processing certain malformed GIF images, fonts and web pages. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Alin Ra...

Mozilla Firefox多个内存破坏漏洞

BUGTRAQ ID: 36872,36871,36870,36866,36869,36873,36875 CVE ID: CVE-2009-3377,CVE-2009-3378,CVE-2009-3379,CVE-2009-3380,CVE-2009-3381,CVE-2009-3382,CVE-2009-3383 Firefox是一款流行的开源WEB浏览器。...

Ubuntu 8.04 LTS / 8.10 / 9.04 / 9.10 : firefox-3.0, firefox-3.5, xulrunner-1.9, xulrunner-1.9.1 vulnerabilities (USN-853-1)

Alin Rad Pop discovered a heap-based buffer overflow in Firefox when it converted strings to floating point numbers. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoki...

USN-853-1: Firefox and Xulrunner vulnerabilities

Alin Rad Pop discovered a heap-based buffer overflow in Firefox when it converted strings to floating point numbers. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoki...

CVE-2009-3383

The entry CVE-2009-3383 affects Mozilla Firefox 3.5.x prior to 3.5.4, describing memory corruption in the JavaScript engine that could crash the browser or potentially allow arbitrary code execution via unknown vectors. Affected product is Firefox 3.5.x; impact is high (remote code execution or D...