393 matches found
[SECURITY] [DSA 1669-1] New xulrunner packages fix several vulnerabilities
------------------------------------------------------------------------ Debian Security Advisory DSA-1669-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff November 23, 2008 http://www.debian.org/security/faq -...
DSA-1669-1 xulrunner - several vulnerabilities
Bulletin has no description...
Mozilla crash with evidence of memory corruption
The layout engine in Mozilla Firefox 3.x before 3.0.4, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service crash via multiple vectors that trigger an assertion failure or other consequences...
Design/Logic Flaw
The layout engine in Mozilla Firefox 3.x before 3.0.4, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service crash via multiple vectors that trigger an assertion failure or other consequences...
CVE-2008-5016
The layout engine in Mozilla Firefox 3.x before 3.0.4, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service crash via multiple vectors that trigger an assertion failure or other consequences...
Mozilla crash with evidence of memory corruption
The layout engine in Mozilla Firefox 3.x before 3.0.4, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service crash via multiple vectors that trigger an assertion failure or other consequences...
Mozilla crash with evidence of memory corruption
The layout engine in Mozilla Firefox 3.x before 3.0.4, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service crash via multiple vectors that trigger an assertion failure or other consequences...
Debian DSA-1649-1 : iceweasel - several vulnerabilities
Several remote vulnerabilities have been discovered in the Iceweasel web browser, an unbranded version of the Firefox browser. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2008-0016 Justin Schuh, Tom Cross and Peter Williams discovered a buffer overfl...
CVE-2008-4061
Integer overflow in the MathML component in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allows remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via an mtd...
Integer overflow
Integer overflow in the MathML component in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allows remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via an mtd...
CVE-2008-4063
Multiple unspecified vulnerabilities in Mozilla Firefox 3.x before 3.0.2 allow remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via vectors related to the layout engine and 1 a zero value of the "this" variable in the...
CVE-2008-4063
CVE-2008-4063 affects Mozilla Firefox 3.x up to 3.0.2. The issue involves memory corruption in the layout engine via multiple vectors: (1) this==0 in nsContentList::Item, (2) Hindi/Indic IME interaction with the g key, and (3) inline frame protection when SortByContentOrder is invoked. Impact is ...
Mozilla layout engine crash
Integer overflow in the MathML component in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allows remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via an mtd...
Mozilla crashes with evidence of memory corruption
Multiple unspecified vulnerabilities in Mozilla Firefox 3.x before 3.0.2 allow remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via vectors related to the layout engine and 1 a zero value of the "this" variable in the...
CVE-2008-4061
Integer overflow in the MathML component in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allows remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via an mtd...
CVE-2008-4063
Multiple unspecified vulnerabilities in Mozilla Firefox 3.x before 3.0.2 allow remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via vectors related to the layout engine and 1 a zero value of the "this" variable in the...
GLSA-200808-03 : Mozilla products: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-200808-03 Mozilla products: Multiple vulnerabilities The following vulnerabilities were reported in all mentioned Mozilla products: TippingPoint's Zero Day Initiative reported that an incorrect integer data type is used as a CSS...
Debian DSA-1621-1 : icedove - several vulnerabilities
Several remote vulnerabilities have been discovered in the Icedove mail client, an unbranded version of the Thunderbird client. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2008-0304 It was discovered that a buffer overflow in MIME decoding can lead t...
DSA-1621-1 icedove - several vulnerabilities
Bulletin has no description...
Debian DSA-1615-1 : xulrunner - several vulnerabilities
Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2008-2785 It was discovered that missing boundary checks on a reference counter for CSS objects...