security flaw

Heap-based buffer overflow in the encodeURI and decodeURI functions in the kjs JavaScript interpreter engine in KDE 3.2.0 through 3.5.0 allows remote attackers to execute arbitrary code via a crafted, UTF-8 encoded URI...

Ubuntu 4.10 / 5.04 : mozilla-thunderbird vulnerabilities (USN-200-1)

A buffer overflow was discovered in the XBM image handler. By tricking an user into opening a specially crafted XBM image, an attacker could exploit this to execute arbitrary code with the user's privileges. CAN-2005-2701 Mats Palmgren discovered a buffer overflow in the Unicode string parser...

Mandrake Linux Security Advisory : mozilla-thunderbird (MDKSA-2005:174)

Updated Mozilla Thunderbird packages fix various vulnerabilities : The run-mozilla.sh script, with debugging enabled, would allow local users to create or overwrite arbitrary files via a symlink attack on temporary files CVE-2005-2353. A bug in the way Thunderbird processes XBM images could be us...

MDKSA-2005:169 : mozilla-firefox

A number of vulnerabilities have been discovered in Mozilla Firefox that have been corrected in version 1.0.7: A bug in the way Firefox processes XBM images could be used to execute arbitrary code via a specially crafted XBM image file CVE-2005-2701. A bug in the way Firefox handles certain Unico...

Ubuntu 4.10 / 5.04 : mozilla, mozilla-firefox vulnerabilities (USN-186-1)

Peter Zelezny discovered that URLs which are passed to Firefox or Mozilla on the command line are not correctly protected against interpretation by the shell. If Firefox or Mozilla is configured as the default handler for URLs which is the default in Ubuntu, this could be exploited to execute...

Debian DSA-868-1 : mozilla-thunderbird - several vulnerabilities

Several security-related problems have been discovered in Mozilla and derived programs. Some of the following problems don't exactly apply to Mozilla Thunderbird, even though the code is present. In order to keep the codebase in sync with upstream it has been altered nevertheless. The Common...

DSA-868-1 mozilla-thunderbird - several

Bulletin has no description...

thunderbird security update

CentOS Errata and Security Advisory CESA-2005:791 An updated thunderbird package that fixes various bugs is now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. Mozilla Thunderbird is a standalone mail...

security flaw

Integer overflow in the JavaScript engine in Firefox before 1.0.7 and Mozilla Suite before 1.7.12 might allow remote attackers to execute arbitrary code...

Fedora Core 3 : thunderbird-1.0.7-1.1.fc3 (2005-962)

An updated thunderbird package that fixes various bugs is now available for Fedora Core 3. This update has been rated as having important security impact by the Fedora Security Response Team. Mozilla Thunderbird is a standalone mail and newsgroup client. A bug was found in the way Thunderbird...

Fedora Core 4 : firefox-1.0.7-1.1.fc4 (2005-926)

An updated firefox package that fixes several security bugs is now available for Fedora Core 4. This update has been rated as having critical security impact by the Fedora Security Response Team. Mozilla Firefox is an open source Web browser. A bug was found in the way Firefox processes XBM image...

Fedora Core 3 : mozilla-1.7.12-1.3.1 (2005-932)

Updated mozilla packages that fix several security bugs are now available for Fedora Core 3. This update has been rated as having critical security impact by the Fedora Security Response Team. Mozilla is an open source Web browser, advanced email and newsgroup client, IRC chat client, and HTML...

Fedora Core 4 : mozilla-1.7.12-1.5.1 (2005-927)

Updated mozilla packages that fix several security bugs are now available for Fedora Core 4. This update has been rated as having critical security impact by the Fedora Security Response Team. Mozilla is an open source Web browser, advanced email and newsgroup client, IRC chat client, and HTML...

USN-186-1: Mozilla and Firefox vulnerabilities

Peter Zelezny discovered that URLs which are passed to Firefox or Mozilla on the command line are not correctly protected against interpretation by the shell. If Firefox or Mozilla is configured as the default handler for URLs which is the default in Ubuntu, this could be exploited to execute...

CVE-2005-2705

CVE-2005-2705 is a real vulnerability affecting the JavaScript engine in Firefox prior to 1.0.7 and Mozilla Suite prior to 1.7.12. The root cause is an integer overflow in the JavaScript engine that could allow a remote attacker to execute arbitrary code. The impact is remote code execution with ...

CVE-2005-2705

Integer overflow in the JavaScript engine in Firefox before 1.0.7 and Mozilla Suite before 1.7.12 might allow remote attackers to execute arbitrary code...

firefox security update

CentOS Errata and Security Advisory CESA-2005:785 An updated firefox package that fixes several security bugs is now available for Red Hat Enterprise Linux 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. Mozilla Firefox is an open source Web...

security flaw

Integer overflow in the JavaScript engine in Firefox before 1.0.7 and Mozilla Suite before 1.7.12 might allow remote attackers to execute arbitrary code...

security flaw

Integer overflow in the JavaScript engine in Firefox before 1.0.7 and Mozilla Suite before 1.7.12 might allow remote attackers to execute arbitrary code...

CVE-2004-1810

The CVE-2004-1810 entry maps to a vulnerability in the Opera browser’s JavaScript engine (reported for Opera 7.x). The issue arises when handling very large JavaScript Array objects, where creating an Array with an extremely large size value and writing into it can crash the browser. OpenVAS and ...