Google Fixes High-Risk Flaw in Chrome

Google has updated its Chrome browser yet again, this time fixing a high-risk vulnerability in the V8 JavaScript engine. That flaw is the only one that Google fixed in this update. The vulnerability in the V8 engine is an out-of-bounds error that can cause a memory-corruption condition and lead t...

ZDI-11-305 : Oracle Java Applet Rhino Script Engine Remote Code Execution Vulnerability

ZDI-11-305 : Oracle Java Applet Rhino Script Engine Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-305 October 26, 2011 -- CVE ID: CVE-2011-3544 -- CVSS: 9, AV:N/AC:L/Au:N/C:P/I:P/A:C -- Affected Vendors: Oracle -- Affected Products: Oracle Java Runtime --...

UBUNTU-CVE-2011-2830

Google V8, as used in Google Chrome before 14.0.835.163, does not properly implement script object wrappers, which allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via unknown vectors...

Google Chrome < 15.0.874.102 Multiple Vulnerabilities

Binary data 800887.prm...

Google Chrome < 15.0.874.102 Multiple Vulnerabilities

The version of Google Chrome installed on the remote host is earlier than 15.0.874.102. It therefore is potentially affected by the following vulnerabilities : - Several URL bar spoofing errors exist related to history handling and drag-and-drop of URLs. CVE-2011-2845, CVE-2011-3875 - Whitespace ...

UBUNTU-CVE-2011-3891

Google Chrome before 15.0.874.102 does not properly restrict access to internal Google V8 functions, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors...

USN-1192-3: Libvoikko regression

USN-1192-1 provided Firefox 6 as a security upgrade. Unfortunately, this caused a regression in libvoikko which caused Firefox to crash while spell checking words with hyphens. This update corrects the issue. We apologize for the inconvenience. Original advisory details: Aral Yaman discovered a...

Google Chrome < 14.0.835.202 Multiple Vulnerabilities

The version of Google Chrome installed on the remote host is earlier than 14.0.835.202. It therefore is potentially affected by the following vulnerabilities : - Use-after-free errors exist that are related to text line box handling and the v8 JavaScript engine bindings. CVE-2011-2876,...

Ubuntu 11.04 : mozvoikko, ubufox, webfav update (USN-1222-2)

USN-1222-1 fixed vulnerabilities in Firefox. This update provides updated packages for use with Firefox 7. Benjamin Smedberg, Bob Clary, Jesse Ruderman, Bob Clary, Andrew McCreight, Andreas Gal, Gary Kwong, Igor Bukanov, Jason Orendorff, Jesse Ruderman, and Marcia Knous discovered multiple memory...

USN-1222-2: Mozvoikko, ubufox, webfav update

USN-1222-1 fixed vulnerabilities in Firefox. This update provides updated packages for use with Firefox 7. Original advisory details: Benjamin Smedberg, Bob Clary, Jesse Ruderman, Bob Clary, Andrew McCreight, Andreas Gal, Gary Kwong, Igor Bukanov, Jason Orendorff, Jesse Ruderman, and Marcia Knous...

Ubuntu Update for firefox USN-1222-1

Ubuntu Update for Linux kernel vulnerabilities USN-1222-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN12221.nasl 7964 2017-12-01 07:32:11Z santu $ Ubuntu Update for firefox USN-1222-1 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This...

Ubuntu Update for thunderbird USN-1213-1

Ubuntu Update for Linux kernel vulnerabilities USN-1213-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN12131.nasl 7964 2017-12-01 07:32:11Z santu $ Ubuntu Update for thunderbird USN-1213-1 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net...

Debian DSA-2312-1 : iceape - several vulnerabilities

Several vulnerabilities have been found in the Iceape internet suite, an unbranded version of SeaMonkey : - CVE-2011-2372 Mariusz Mlynski discovered that websites could open a download dialog -- which has 'open' as the default action --, while a user presses the ENTER key. - CVE-2011-2995 Benjami...

Ubuntu: Security Advisory (USN-1222-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-1222-1: Firefox vulnerabilities

Benjamin Smedberg, Bob Clary, Jesse Ruderman, Bob Clary, Andrew McCreight, Andreas Gal, Gary Kwong, Igor Bukanov, Jason Orendorff, Jesse Ruderman, and Marcia Knous discovered multiple memory vulnerabilities in the browser rendering engine. An attacker could use these to possibly execute arbitrary...

DSA-2313-1 iceweasel - several

Bulletin has no description...

DSA-2312-1 iceape - several

Bulletin has no description...

USN-1213-1: Thunderbird vulnerabilities

Benjamin Smedberg, Bob Clary, Jesse Ruderman, and Josh Aas discovered multiple memory vulnerabilities in the Gecko rendering engine. An attacker could use these to possibly execute arbitrary code with the privileges of the user invoking Thunderbird. CVE-2011-2995, CVE-2011-2996 Boris Zbarsky...

Google Chrome v8 script object wrapper vulnerability

Google Chrome is an open source WEB browser. A security vulnerability exists in the v8 script object wrapper in Google Chrome, which can be exploited by remote attackers to cause a denial of service and other remote attacks...

Ubuntu 11.04 : mozvoikko update (USN-1192-2)

USN-1192-1 fixed vulnerabilities in Firefox. This update provides an updated Mozvoikko for use with Firefox 6. Aral Yaman discovered a vulnerability in the WebGL engine. An attacker could potentially use this to crash Firefox or execute arbitrary code with the privileges of the user invoking...