DSA-1337-1 xulrunner

Bulletin has no description...

security flaw

Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox before 2.0.0.5 and Thunderbird before 2.0.0.5 allow remote attackers to cause a denial of service crash via unspecified vectors that trigger memory corruption...

security flaw

Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox before 2.0.0.5 and Thunderbird before 2.0.0.5 allow remote attackers to cause a denial of service crash via unspecified vectors that trigger memory corruption...

Mozilla Firefox 2.0.0.4多个远程安全漏洞

BUGTRAQ ID: 24946 CVECAN ID: CVE-2007-3734,CVE-2007-3735,CVE-2007-3736,CVE-2007-3737,CVE-2007-3738 Mozilla Firefox是一款流行的开源WEB浏览器。 Firefox的浏览器引擎和JavaScript引擎中存在多个内存破坏漏洞，可能允许攻击者导致浏览器崩溃。 addEventListener和setTimeout方式中的漏洞可能允许攻击者破坏浏览器的同源策略向其他站点注入脚本，访问或修改该站点的保密或敏感数据。...

CVE-2007-3735

CVE-2007-3735 affects Mozilla Firefox before 2.0.0.5 and Thunderbird before 2.0.0.5. The vulnerability is in the JavaScript engine and can cause a remote crash via memory corruption, as described in the initial entry. Connected advisories also reference patches to address these issues (e.g., Fire...

Debian DSA-1305-1 : icedove - several vulnerabilities

Several remote vulnerabilities have been discovered in the Icedove mail client, an unbranded version of the Thunderbird client. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2007-1558 Gatan Leurent discovered a cryptographical weakness in APOP...

[SECURITY] [DSA 1306-1] New xulrunner packages fix several vulnerabilities

-------------------------------------------------------------------------- Debian Security Advisory DSA 1306-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff June 12th, 2007 http://www.debian.org/security/faq -...

Debian DSA-1300-1 : iceape - several vulnerabilities

Several remote vulnerabilities have been discovered in the Iceape internet suite, an unbranded version of the SeaMonkey Internet Suite. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2007-1362 Nicolas Derouet discovered that Iceape performs insufficient...

DSA-1300-1 iceape

Bulletin has no description...

USN-469-1: Thunderbird vulnerabilities

Gaëtan Leurent showed a weakness in APOP authentication. An attacker posing as a trusted server could recover portions of the user's password via multiple authentication attempts. CVE-2007-1558 Various flaws were discovered in the layout and JavaScript engines. By tricking a user into opening a...

CVE-2007-2868

Multiple vulnerabilities in the JavaScript engine for Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, Thunderbird 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and SeaMonkey 1.0.9 and 1.1.2 allow remote attackers to cause a denial of service crash and possibly execute arbitrary code...

Memory corruption

Multiple vulnerabilities in the JavaScript engine for Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, Thunderbird 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and SeaMonkey 1.0.9 and 1.1.2 allow remote attackers to cause a denial of service crash and possibly execute arbitrary code...

CVE-2007-2868

This CVE-2007-2868 entry concerns memory corruption in the JavaScript engine of Mozilla-derived products. Affected software includes Mozilla Firefox 1.5.x up to 1.5.0.12 and 2.x up to 2.0.0.4, Thunderbird 1.5.x up to 1.5.0.12 and 2.x up to 2.0.0.4, and SeaMonkey 1.0.9 and 1.1.2. Exploitation coul...

CVE-2007-2868

Multiple vulnerabilities in the JavaScript engine for Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, Thunderbird 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and SeaMonkey 1.0.9 and 1.1.2 allow remote attackers to cause a denial of service crash and possibly execute arbitrary code...

security flaw

Multiple vulnerabilities in the JavaScript engine for Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, Thunderbird 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and SeaMonkey 1.0.9 and 1.1.2 allow remote attackers to cause a denial of service crash and possibly execute arbitrary code...

security flaw

Multiple vulnerabilities in the JavaScript engine for Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, Thunderbird 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and SeaMonkey 1.0.9 and 1.1.2 allow remote attackers to cause a denial of service crash and possibly execute arbitrary code...

CVE-2007-1794

The Javascript engine in Mozilla 1.7 and earlier on Sun Solaris 8, 9, and 10 might allow remote attackers to execute arbitrary code via vectors involving garbage collection that causes deletion of a temporary object that is still being used. NOTE: this issue might be related to CVE-2006-3805...

CVE-2007-1794

The CVE-2007-1794 entry concerns the JavaScript engine in Mozilla 1.7 and earlier on Sun Solaris (versions 8/9/10), where a garbage-collection vector may allow remote code execution by deleting a temporary object that is still in use. This is explicitly linked to CVE-2006-3805 in the description....

GLSA-200703-04 : Mozilla Firefox: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200703-04 Mozilla Firefox: Multiple vulnerabilities Tom Ferris reported a heap-based buffer overflow involving wide SVG stroke widths that affects Mozilla Firefox 2 only. Various researchers reported some errors in the JavaScript...

security flaw

The JavaScript engine in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, and SeaMonkey before 1.0.8 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via certain vectors that trigger memory corruption...