4264 matches found
Memory corruption
The strunescape function in the JavaScript engine in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via unspecified vectors...
Memory corruption in str_unescape — Mozilla
Security researcher Scott Bell of Security-Assessment.com used the Address Sanitizer tool to discover a memory corruption in strunescape in the Javascript engine. This could potentially lead to arbitrary code execution...
Google Chrome < 23.0.1271.64 Multiple Vulnerabilities
Binary data 800919.prm...
UBUNTU-CVE-2012-5128
Google V8 before 3.13.7.5, as used in Google Chrome before 23.0.1271.64, does not properly perform write operations, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors...
UBUNTU-CVE-2012-5120
Google V8 before 3.13.7.5, as used in Google Chrome before 23.0.1271.64, on 64-bit Linux platforms allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that triggers an out-of-bounds access to an array...
USN-1617-1: WebKit vulnerabilities
A large number of security issues were discovered in the WebKit browser and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service...
Scientific Linux Security Update : firefox on SL4.x, SL5.x i386/x86_64
CVE-2009-2654 firefox: URL bar spoofing vulnerability CVE-2009-3070 Firefox 3.5 3.0.14 browser engine crashes CVE-2009-3071 Firefox 3.5.2 3.0.14 browser engine crashes CVE-2009-3072 Firefox 3.5.3 3.0.14 browser engine crashes CVE-2009-3074 Firefox 3.5 3.0.14 JavaScript engine crashes CVE-2009-307...
Scientific Linux Security Update : seamonkey on SL3.x, SL4.x i386/x86_64
CVE-2009-2409 deprecate MD2 in SSL cert validation Kaminsky CVE-2009-2408 firefox/nss: doesn't handle NULL in Common Name properly CVE-2009-2654 firefox: URL bar spoofing vulnerability CVE-2009-3072 Firefox 3.5.3 3.0.14 browser engine crashes CVE-2009-3075 Firefox 3.5.2 3.0.14 JavaScript engine...
Google Chrome < 19.0.1084.52 Multiple Vulnerabilities
Binary data 800897.prm...
Google Chrome < 19.0.1084.52 Multiple Vulnerabilities
Binary data 6490.pasl...
Google Chrome < 19.0.1084.52 Multiple Vulnerabilities
The version of Google Chrome installed on the remote host is earlier than 19.0.1084.52 and is, therefore, affected by the following vulnerabilities : - An error exists in the v8 JavaScript engine that can cause application crashes during garbage collection. CVE-2011-3103 - An out-of-bounds read...
Google Chrome < 18.0.1025.142 Multiple Vulnerabilities
Binary data 800957.prm...
Google Chrome < 18.0.1025.142 Multiple Vulnerabilities
Binary data 6402.pasl...
Google Chrome < 18.0.1025.142 Multiple Vulnerabilities
The version of Google Chrome installed on the remote host is earlier than 18.0.1025.142 and is, therefore, affected by the following vulnerabilities : - An error exists in the v8 JavaScript engine that can allow invalid reads. CVE-2011-3057 - An unspecified error exists related to bad interaction...
Google Chrome < 17.0.963.83 Multiple Vulnerabilities
The version of Google Chrome installed on the remote host is earlier than 17.0.963.83 and is, therefore, affected by the following vulnerabilities : - An unspecified integer issue exists in libpng. CVE-2011-3045 - An error exists related to the extension web request API that could allow denial of...
Google Chrome < 17.0.963.83 Multiple Vulnerabilities
Binary data 6356.pasl...
Google Chrome < 17.0.963.83 Multiple Vulnerabilities
Binary data 800954.prm...
Google Chrome < 24.0.1312.52 Multiple Vulnerabilities
Binary data 6663.pasl...
Chromium, V8: Multiple vulnerabilities
Background Chromium is an open source web browser project. V8 is Google's open source JavaScript engine. Description Multiple vulnerabilities have been discovered in Chromium and V8. Please review the CVE identifiers and release notes referenced below for details. Impact A context-dependent...
Microsoft to Release Emergency Fix for ASP.NET DoS Flaw
UPDATED Microsoft on Thursday plans to release an emergency out-of-band update to address a vulnerability in ASP.NET that could allow an attacker to consume all of the resources on a vulnerable server with a single specially designed HTTP request. The vulnerability affects a wide range of Web...