USN-619-1: Firefox vulnerabilities

Various flaws were discovered in the browser engine. By tricking a user into opening a malicious web page, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program. CVE-2008-2798, CVE-2008-2799 Sever...

Firefox javascript arbitrary code execution

Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 allow remote attackers to cause a denial of service application crash and possibly execute arbitrary code via unknown vectors related to the JavaScript engine...

Debian DSA-1574-1 : icedove - several vulnerabilities

This shares a lot of text with dsa-1532.wml, dsa-1534.wml, dsa-1535.wml Several remote vulnerabilities have been discovered in the Icedove mail client, an unbranded version of the Thunderbird client. The Common Vulnerabilities and Exposures project identifies the following problems : -...

USN-605-1: Thunderbird vulnerabilities

Various flaws were discovered in the JavaScript engine. If a user had JavaScript enabled and were tricked into opening a malicious email, an attacker could escalate privileges within Thunderbird, perform cross-site scripting attacks and/or execute arbitrary code with the user's privileges...

Debian DSA-1562-1 : iceape - programming error

It was discovered that crashes in the JavaScript engine of Iceape, an unbranded version of the SeaMonkey internet suite could potentially lead to the execution of arbitrary code. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...

openSUSE 10 Security Update : MozillaFirefox (MozillaFirefox-5219)

This update brings Mozilla Firefox to security update version 2.0.0.14 Following security problems were fixed : - MFSA 2008-20/CVE-2008-1380: Fixes for security problems in the JavaScript engine described in MFSA 2008-15 CVE-2008-1237 introduced a stability problem, where some users experienced...

Debian: Security Advisory (DSA-1555-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian Security Advisory DSA 1555-1 (iceweasel)

The remote host is missing an update to iceweasel announced via advisory DSA 1555-1. OpenVAS Vulnerability Test $Id: deb15551.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1555-1 iceweasel Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

Debian Security Advisory DSA 1558-1 (xulrunner)

The remote host is missing an update to xulrunner announced via advisory DSA 1558-1. OpenVAS Vulnerability Test $Id: deb15581.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1558-1 xulrunner Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

[SECURITY] [DSA 1562-1] New iceape packages fix arbitrary code execution

------------------------------------------------------------------------ Debian Security Advisory DSA-1562-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff April 28, 2008 http://www.debian.org/security/faq -...

DSA-1562-1 iceape - arbitrary code execution

Bulletin has no description...

Debian DSA-1558-1 : xulrunner - programming error

It was discovered that crashes in the JavaScript engine of xulrunner, the Gecko engine library, could potentially lead to the execution of arbitrary code. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Securit...

Debian DSA-1555-1 : iceweasel - programming error

It was discovered that crashes in the JavaScript engine of Iceweasel, an unbranded version of the Firefox browser, could potentially lead to the execution of arbitrary code. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted...

[SECURITY] [DSA 1558-1] New xulrunner packages fix arbitrary code execution

------------------------------------------------------------------------ Debian Security Advisory DSA-1558-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff April 24, 2008 http://www.debian.org/security/faq -...

DSA-1534-2 iceape - regression

Bulletin has no description...

DSA-1558-1 xulrunner - arbitrary code execution

Bulletin has no description...

[SECURITY] [DSA 1555-1] New iceweasel packages fix arbitrary code execution

------------------------------------------------------------------------ Debian Security Advisory DSA-1555-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff April 23, 2008 http://www.debian.org/security/faq -...

DSA-1555-1 iceweasel - arbitrary code execution

Bulletin has no description...

Mozilla Firefox JavaScript垃圾收集器内存破坏漏洞

BUGTRAQ ID: 28818 CVECAN ID: CVE-2008-1380 Firefox是一款开放源码的WEB浏览器。 Firefox所使用的JavaScript引擎在执行JavaScript垃圾收集期间可能会触发内存破坏，如果用户受骗访问了带有恶意JavaScript的网页的话就可以触发这个漏洞，但该漏洞无法被可靠的利用，只能导致拒绝服务类的稳定性问题。由于代码共享的关系这个漏洞也影响SeaMonkey。 Mozilla Firefox = 2.0.0.13 Mozilla Thunderbird = 2.0.0.13 Mozilla SeaMonkey = 1.1.9...

CVE-2008-1380

The JavaScript engine in Mozilla Firefox before 2.0.0.14, Thunderbird before 2.0.0.14, and SeaMonkey before 1.1.10 allows remote attackers to cause a denial of service garbage collector crash and possibly have other impacts via a crafted web page. NOTE: this is due to an incorrect fix for...