Mozilla Foundation Security Advisory 2007-29

Mozilla Foundation Security Advisory 2007-29 Title: Crashes with evidence of memory corruption rv:1.8.1.8 Impact: Critical Announced: October 18, 2007 Reporter: Mozilla developers and community Products: Firefox, Thunderbird, SeaMonkey Fixed in: Firefox 2.0.0.8 Thunderbird 2.0.0.8 SeaMonkey 1.1.5...

Memory corruption

Multiple vulnerabilities in the Javascript engine in Mozilla Firefox before 2.0.0.8, Thunderbird before 2.0.0.8, and SeaMonkey before 1.1.5 allow remote attackers to cause a denial of service crash via crafted HTML that triggers memory corruption...

CVE-2007-5340

Multiple vulnerabilities in the Javascript engine in Mozilla Firefox before 2.0.0.8, Thunderbird before 2.0.0.8, and SeaMonkey before 1.1.5 allow remote attackers to cause a denial of service crash via crafted HTML that triggers memory corruption...

[SECURITY] [DSA 1392-1] New xulrunner packages fix several vulnerabilities

-------------------------------------------------------------------------- Debian Security Advisory DSA 1392-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff October 20th, 2007 http://www.debian.org/security/faq -...

DSA-1392-1 xulrunner - several vulnerabilities

Bulletin has no description...

security flaw

Multiple vulnerabilities in the Javascript engine in Mozilla Firefox before 2.0.0.8, Thunderbird before 2.0.0.8, and SeaMonkey before 1.1.5 allow remote attackers to cause a denial of service crash via crafted HTML that triggers memory corruption...

[SECURITY] [DSA 1391-1] New icedove packages fix several vulnerabilities

-------------------------------------------------------------------------- Debian Security Advisory DSA 1391-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff October 19th, 2007 http://www.debian.org/security/faq -...

security flaw

Multiple vulnerabilities in the Javascript engine in Mozilla Firefox before 2.0.0.8, Thunderbird before 2.0.0.8, and SeaMonkey before 1.1.5 allow remote attackers to cause a denial of service crash via crafted HTML that triggers memory corruption...

PT-2007-6409 · Mozilla +1 · Firefox +3

Name of the Vulnerable Software and Affected Versions: Mozilla Firefox versions prior to 2.0.0.8 Thunderbird versions prior to 2.0.0.8 SeaMonkey versions prior to 1.1.5 Description: The issue is related to multiple vulnerabilities in the Javascript engine, allowing remote attackers to cause a...

openSUSE 10 Security Update : MozillaThunderbird (MozillaThunderbird-2421)

This security update brings Mozilla Thunderbird to version 1.5.0.9. http://www.mozilla.org/projects/security/known-vulnerabilities.html It includes fixes to the following security problems: CVE-2006-6497/MFSA2006-68: Crashes with evidence of memory corruption were fixed in the layout engine...

openSUSE 10 Security Update : MozillaThunderbird (MozillaThunderbird-1924)

This security update brings Mozilla Thunderbird to version 1.5.0.6. Note that on SUSE Linux 9.2, 9.3 and 10.0 this is a major version upgrade. More Details can be found on this page: http://www.mozilla.org/projects/security/known-vulnerabilities.html It includes fixes to the following security...

openSUSE 10 Security Update : seamonkey (seamonkey-2250)

This security update brings Mozilla SeaMonkey to version 1.0.6. Please also see http://www.mozilla.org/projects/security/known-vulnerabilities.html for more details. It includes fixes to the following security problems: MFSA2006-65: Is split into 3 sub-entries, for ongoing stability improvements ...

openSUSE 10 Security Update : MozillaFirefox (MozillaFirefox-2418)

This update brings MozillaFirefox to the security update release 1.5.0.9 2.0.0.1 for openSUSE 10.2 and includes the following security fixes : http://www.mozilla.org/projects/security/known-vulnerabilities.html CVE-2006-6497/MFSA2006-68: Crashes with evidence of memory corruption were fixed in th...

GLSA-200708-17 : Opera: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200708-17 Opera: Multiple vulnerabilities An error known as 'a virtual function call on an invalid pointer' has been discovered in the JavaScript engine CVE-2007-4367. Furthermore, iDefense Labs reported that an already-freed...

Debian DSA-1339-1 : iceape - several vulnerabilities

Several remote vulnerabilities have been discovered in the Iceape internet suite, an unbranded version of the SeaMonkey Internet Suite. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2007-3089 Ronen Zilberman and Michal Zalewski discovered that a timing...

Debian DSA-1337-1 : xulrunner - several vulnerabilities

Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2007-3089 Ronen Zilberman and Michal Zalewski discovered that a timing race allows the injection...

Debian DSA-1338-1 : iceweasel - several vulnerabilities

Several remote vulnerabilities have been discovered in the Iceweasel web browser, an unbranded version of the Firefox browser. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2007-3089 Ronen Zilberman and Michal Zalewski discovered that a timing race...

DSA-1339-1 iceape - several

Bulletin has no description...

Heap overflow

Multiple heap-based buffer overflows in the Perl Compatible Regular Expressions PCRE library in the JavaScript engine in WebKit in Apple Safari 3 Beta before Update 3.0.3, and iPhone before 1.0.1, allow remote attackers to execute arbitrary code via certain JavaScript regular expressions. NOTE:...

CVE-2007-3944

Multiple heap-based buffer overflows in the Perl Compatible Regular Expressions PCRE library in the JavaScript engine in WebKit in Apple Safari 3 Beta before Update 3.0.3, and iPhone before 1.0.1, allow remote attackers to execute arbitrary code via certain JavaScript regular expressions. NOTE:...