DSA-1671-1 iceweasel - several vulnerabilities

Bulletin has no description...

DSA-1669-1 xulrunner - several vulnerabilities

Bulletin has no description...

Mozilla Foundation Security Advisory 2008-52

Mozilla Foundation Security Advisory 2008-52 Title: Crashes with evidence of memory corruption rv:1.9.0.4/1.8.1.18 Impact: Critical Announced: November 12, 2008 Reporter: Mozilla developers and community Products: Firefox, Thunderbird, SeaMonkey Fixed in: Firefox 3.0.4 Firefox 2.0.0.18 Thunderbir...

CVE-2008-5052

The AppendAttributeValue function in the JavaScript engine in Mozilla Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service crash via unknown vectors that trigger memory corruption, as demonstrated by...

Design/Logic Flaw

The JavaScript engine in Mozilla Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service crash via vectors related to "insufficient class checking" in the Date class...

CVE-2008-5052

The AppendAttributeValue function in the JavaScript engine in Mozilla Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service crash via unknown vectors that trigger memory corruption, as demonstrated by...

CVE-2008-5018

The JavaScript engine in Mozilla Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service crash via vectors related to "insufficient class checking" in the Date class...

CVE-2008-5018

CVE-2008-5018 affects Mozilla Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13. Root cause: insufficient class checking in the Date class in the JavaScript engine, enabling remote crash (DoS). Remediation from the initial desc...

CVE-2008-5052

Mozilla Firefox 2.x (pre-2.0.0.18), Thunderbird 2.x (pre-2.0.0.18), and SeaMonkey 1.x (pre-1.1.13) are affected by CVE-2008-5052. The vulnerability arises in AppendAttributeValue in the JavaScript engine and is described as memory corruption that can cause a remote crash (Denial of Service) via u...

Debian DSA-1649-1 : iceweasel - several vulnerabilities

Several remote vulnerabilities have been discovered in the Iceweasel web browser, an unbranded version of the Firefox browser. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2008-0016 Justin Schuh, Tom Cross and Peter Williams discovered a buffer overfl...

Mozilla crashes with evidence of memory corruption

Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allow remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via vectors related...

Mozilla Foundation Security Advisory 2008-42

Mozilla Foundation Security Advisory 2008-42 Title: Crashes with evidence of memory corruption rv:1.9.0.2/1.8.1.17 Impact: Critical Announced: September 23, 2008 Reporter: Mozilla developers and community Products: Firefox, Thunderbird, SeaMonkey Fixed in: Firefox 3.0.2 Firefox 2.0.0.17 Thunderbi...

USN-645-3: Firefox and xulrunner regression

USN-645-1 fixed vulnerabilities in Firefox and xulrunner. The upstream patches introduced a regression in the saved password handling. While password data was not lost, if a user had saved any passwords with non-ASCII characters, Firefox could not access the password database. This update fixes t...

CVE-2008-4062

Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allow remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via vectors related...

Memory corruption

Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allow remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via vectors related...

CVE-2008-4062

Summary: CVE-2008-4062 covers multiple /unspecified / vulnerabilities in Mozilla Firefox (before 2.0.0.17 and 3.x before 3.0.2), Thunderbird (before 2.0.0.17), and SeaMonkey (before 1.1.12). The flaws involve the JavaScript engine and are triggered by vectors related to (1) misinterpretation of N...

CVE-2008-4062

Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allow remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via vectors related...

USN-645-2: Firefox vulnerabilities

USN-645-1 fixed vulnerabilities in Firefox and xulrunner for Ubuntu 7.04, 7.10 and 8.04 LTS. This provides the corresponding update for Ubuntu 6.06 LTS. Original advisory details: Justin Schuh, Tom Cross and Peter Williams discovered errors in the Firefox URL parsing routines. If a user were...

USN-645-1: Firefox and xulrunner vulnerabilities

Justin Schuh, Tom Cross and Peter Williams discovered errors in the Firefox URL parsing routines. If a user were tricked into opening a crafted hyperlink, an attacker could overflow a stack buffer and execute arbitrary code. CVE-2008-0016 It was discovered that the same-origin check in Firefox...

Mozilla crashes with evidence of memory corruption

Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allow remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via vectors related...