67 matches found
Microsoft Security Essentials / SCEP (Microsoft Windows 8/8.1/10 / Windows Server) - 'MsMpEng' Remote Type Confusion
Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1252&desc=5 MsMpEng is the Malware Protection service that is enabled by default on Windows 8, 8.1, 10, Windows Server 2012, and so on. Additionally, Microsoft Security Essentials, System Centre Endpoint Protection and various othe...
Artifex Software MuJS Buffer Overflow Vulnerability (CNVD-2017-05278)
Artifex Software MuJS is a lightweight JavaScript interpreter from Artifex Software, USA, which is used to embed into other software to provide script execution capabilities. A buffer overflow vulnerability exists in the 'jsstackoverflow' function of the jsrun.c file in Artifex Software MuJS. An...
[SECURITY] Fedora 25 Update: mujs-0-6.20161031gita0ceaf5.fc25
MuJS is a lightweight Javascript interpreter designed for embedding in other software to extend them with scripting capabilities...
Artifex MuJS Heap Buffer Overflow Vulnerability
Artifex Software MuJS is a lightweight JavaScript interpreter from Artifex Software, USA, which is used to embed into other software to provide script execution capabilities. Artifex MuJS heap buffer overflow vulnerability. An attacker can exploit the vulnerability to execute arbitrary code in th...
MuJS heap buffer overflow vulnerability (CNVD-2016-08688)
MuJS is a lightweight JavaScript interpreter , it is used to embedded in other software to provide script execution capabilities . A heap buffer overflow vulnerability exists in MuJS. An attacker could exploit this vulnerability to execute arbitrary code in the context of an application, which...
Security update for polkit (important)
Polkit was updated to 0.113 to fix four security issues. The following vulnerabilities were fixed: CVE-2015-4625: a local privilege escalation due to predictable authentication session cookie values. boo935119 CVE-2015-3256: various memory corruption vulnerabilities in use of the JavaScript...
Mozilla Firefox 3.5 - 'escape()' Return Value Memory Corruption (Metasploit)
$Id: firefoxescaperetval.rb 10394 2010-09-20 08:06:27Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
Debian DSA-948-1 : kdelibs - buffer overflow
Maksim Orlovich discovered that the kjs JavaScript interpreter, used in the Konqueror web browser and in other parts of KDE, performs insufficient bounds checking when parsing UTF-8 encoded Uniform Resource Identifiers, which may lead to a heap based buffer overflow and the execution of arbitrary...
Debian DSA-1046-1 : mozilla - several vulnerabilities
Several security related problems have been discovered in Mozilla. The Common Vulnerabilities and Exposures project identifies the following vulnerabilities : - CVE-2005-2353 The 'run-mozilla.sh' script allows local users to create or overwrite arbitrary files when debugging is enabled via a...
CentOS 4 : firefox (CESA-2006:0200)
An updated firefox package that fixes several security bugs is now available. This update has been rated as having critical security impact by the Red Hat Security Response Team. Mozilla Firefox is an open source Web browser. Igor Bukanov discovered a bug in the way Firefox's JavaScript interpret...
CentOS 4 : kdelibs (CESA-2006:0184)
Updated kdelibs packages are now available for Red Hat Enterprise Linux 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. kdelibs contains libraries for the K Desktop Environment KDE. A heap overflow flaw was discovered affecting kjs, the...
DSA-1046-1 mozilla - several
Bulletin has no description...
security flaw
The Javascript interpreter jsinterp.c in Mozilla and Firefox before 1.5.1 does not properly dereference objects, which allows remote attackers to cause a denial of service crash or execute arbitrary code via unknown attack vectors related to garbage collection...
CVE-2006-0292
The Javascript interpreter jsinterp.c in Mozilla and Firefox before 1.5.1 does not properly dereference objects, which allows remote attackers to cause a denial of service crash or execute arbitrary code via unknown attack vectors related to garbage collection...
Design/Logic Flaw
The Javascript interpreter jsinterp.c in Mozilla and Firefox before 1.5.1 does not properly dereference objects, which allows remote attackers to cause a denial of service crash or execute arbitrary code via unknown attack vectors related to garbage collection...
CVE-2006-0292
The Javascript interpreter jsinterp.c in Mozilla and Firefox before 1.5.1 does not properly dereference objects, which allows remote attackers to cause a denial of service crash or execute arbitrary code via unknown attack vectors related to garbage collection...
CVE-2006-0292
The Javascript interpreter jsinterp.c in Mozilla and Firefox before 1.5.1 does not properly dereference objects, which allows remote attackers to cause a denial of service crash or execute arbitrary code via unknown attack vectors related to garbage collection...
mozilla security update
CentOS Errata and Security Advisory CESA-2006:0199 Merged security bulletin from advisories: https://lists.centos.org/pipermail/centos-announce/2006-February/074774.html https://lists.centos.org/pipermail/centos-announce/2006-February/074775.html...
Critical: Red Hat Security Advisory: firefox security update
An updated firefox package that fixes several security bugs is now available. This update has been rated as having critical security impact by the Red Hat Security Response Team. Mozilla Firefox is an open source Web browser. Igor Bukanov discovered a bug in the way Firefox's Javascript interpret...
[KDE Security Advisory] kjs encodeuri/decodeuri heap overflow
KDE Security Advisory: kjs encodeuri/decodeuri heap overflow vulnerability Original Release Date: 2006-01-19 URL: http://www.kde.org/info/security/advisory-20060119-1.txt 0. References CVE-2006-0019 1. Systems affected: KDE 3.2.0 up to including KDE 3.5.0 2. Overview: Maksim Orlovich discovered a...