New HTTPS URL Leakage Attack Leaves PCs, Macs, Linux Systems Vulnerable

LAS VEGAS — Researchers have found flaws in the Web Proxy AutoDiscovery protocol tied to DHCP and DNS servers that allow hackers spy on HTTPS-protected URLs and launch a myriad of different malicious attacks against Linux, Windows or Mac computers. According to the security firm SafeBreach, this...

Apple Fixes Proxy Manipulation Vulnerability in iOS 8.3

If left unpatched, one of the vulnerabilities fixed in this week’s iOS update could render an iPhone near useless. If triggered, it could cause networking apps to quit, the system to grind to a halt. In some cases, the device wouldn’t even be able to be rebooted. The vulnerability, nicknamed...

Microsoft .Net Framework Web Proxy Auto-Discovery Code Execution (MS12-074; CVE-2012-4776)

A remote code execution vulnerability has been reported in the Microsoft .Net Framework. The vulnerability is due to an error in the way the .Net Framework retrieves the default web proxy settings. A remote attacker can exploit this issue by enticing a victim to use a malicious proxy auto...

SuSE 10 Security Update : Mozilla XULRunner (ZYPP Patch Number 6617)

The Mozilla XULRunner engine was updated to version 1.9.0.15 to fix various bugs and security issues. The following security issues have been fixed : - Security researcher Paul Stone reported that a user's form history, both from web content as well as the smart location bar, was vulnerable to...

Mandriva Linux Security Advisory : firefox (MDVSA-2009:290-1)

Security issues were identified and fixed in firefox 3.0.x : Security researcher Alin Rad Pop of Secunia Research reported a heap-based buffer overflow in Mozilla's string to floating point number conversion routines. Using this vulnerability an attacker could craft some malicious JavaScript code...

RedHat Security Advisory RHSA-2009:1530

The remote host is missing updates announced in advisory RHSA-2009:1530. Mozilla Firefox is an open source Web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. nspr provides the Netscape Portable Runtime NSPR. A flaw was found in the way Firefox handles form history. A...

Mozilla Seamonkey Multiple Vulnerabilities Nov-09 (Windows)

This host is installed with Mozilla Seamonkey browser and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbseamonkeymultvulnnov09win.nasl 4869 2016-12-29 11:01:45Z teissa $ Mozilla Seamonkey Multiple Vulnerabilities Nov-09 Windows Authors: Sharath S Copyright: Copyright c...

Mozilla Seamonkey Multiple Vulnerabilities (Nov 2009) - Linux

Mozilla Seamonkey is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mozilla Seamonkey Multiple Vulnerabilities (Nov 2009) - Windows

Mozilla Seamonkey browser is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mozilla Firefox Multiple Vulnerabilities (Nov 2009) - Linux

Mozilla Firefox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefox";...

USN-853-1: Firefox and Xulrunner vulnerabilities

Alin Rad Pop discovered a heap-based buffer overflow in Firefox when it converted strings to floating point numbers. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoki...

Code injection

Mozilla Firefox before 3.0.15 and 3.5.x before 3.5.4, and SeaMonkey before 2.0, allows remote attackers to execute arbitrary code via a crafted regular expression in a Proxy Auto-configuration PAC file...

CVE-2009-3372

Mozilla Firefox before 3.0.15 and 3.5.x before 3.5.4, and SeaMonkey before 2.0, allows remote attackers to execute arbitrary code via a crafted regular expression in a Proxy Auto-configuration PAC file...

CVE-2009-3372

Mozilla Firefox before 3.0.15 and 3.5.x before 3.5.4, and SeaMonkey before 2.0, allows remote attackers to execute arbitrary code via a crafted regular expression in a Proxy Auto-configuration PAC file...

CVE-2009-3372

Mozilla Firefox before 3.0.15 and 3.5.x before 3.5.4, and SeaMonkey before 2.0, allows remote attackers to execute arbitrary code via a crafted regular expression in a Proxy Auto-configuration PAC file...

Mozilla Issues Critical Firefox Security Bulletins

Mozilla has released Firefox 3.5.4 with fixes for a wide range of serious security vulnerabilities. The most serious issue could allow a malicious hacker to take complete control of a computer by simply tricking a user into visiting a rigged Web page. In all, Mozilla released 11 advisories, six...

firefox, nspr security update

CentOS Errata and Security Advisory CESA-2009:1530 Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. Mozilla Firefox is an open sour...

Mozilla SeaMonkey < 2.0 Multiple Vulnerabilities

Binary data 801372.prm...

SeaMonkey < 2.0 Multiple Vulnerabilities

Binary data 5219.prm...

Mozilla Foundation Security Advisory 2009-55

Mozilla Foundation Security Advisory 2009-55 Title: Crash in proxy auto-configuration regexp parsing Impact: Moderate Announced: October 27, 2009 Reporter: Marco C. Products: Firefox, SeaMonkey Fixed in: Firefox 3.5.4 Firefox 3.0.15 SeaMonkey 2.0 Description Security researcher Marco C. reported ...