WebKit - Insufficient Entropy Random Number Generator (1)

WebKit - Insufficient Entropy Random Number Generator 1 source: https://www.securityfocus.com/bid/44952/info WebKit is prone to a random-number-generator weakness. Attackers can exploit this issue by enticing an unsuspecting user into visiting a malicious webpage. Successful attacks will allow...

WebKit - Insufficient Entropy Random Number Generator (2)

WebKit - Insufficient Entropy Random Number Generator 2 source: https://www.securityfocus.com/bid/44952/info WebKit is prone to a random-number-generator weakness. Attackers can exploit this issue by enticing an unsuspecting user into visiting a malicious webpage. Successful attacks will allow...

WebKit - Insufficient Entropy Random Number Generator (1)

source: https://www.securityfocus.com/bid/44952/info WebKit is prone to a random-number-generator weakness. Attackers can exploit this issue by enticing an unsuspecting user into visiting a malicious webpage. Successful attacks will allow attackers to track user sessions and obtain personal...

[SECURITY] Fedora 14 Update: libHX-3.6-1.fc14

A library for: - rbtree with key-value pair extension - deques double-ended queues Stacks LIFO / Queues FIFOs - platform independent opendir-style directory access - platform independent dlopen-style shared library access - auto-storage strings with direct access - command line option argv parser...

SuSE 10 Security Update : Mozilla Firefox (ZYPP Patch Number 7083)

Mozilla Firefox has been updated to version 3.5.10, fixing various bugs and security issues. - Security researcher Amit Klein reported that it was possible to reverse engineer the value used to seed Math.random. Since the pseudo-random number generator was only seeded once per browsing session,...

CVE-2010-3400

The jsInitRandom function in the JavaScript implementation in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMonkey before 2.0.5, uses the current time for seeding of a random number generator, which makes it easier for remote attackers to guess the seed value via a brute-forc...

CVE-2010-3399

The jsInitRandom function in the JavaScript implementation in Mozilla Firefox 3.5.10 through 3.5.11, 3.6.4 through 3.6.8, and 4.0 Beta1 uses a context pointer in conjunction with its successor pointer for seeding of a random number generator, which makes it easier for remote attackers to guess th...

CVE-2010-3171

The Math.random function in the JavaScript implementation in Mozilla Firefox 3.5.10 through 3.5.11, 3.6.4 through 3.6.8, and 4.0 Beta1 uses a random number generator that is seeded only once per document object, which makes it easier for remote attackers to track a user, or trick a user into acti...

Design/Logic Flaw

The jsInitRandom function in the JavaScript implementation in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMonkey before 2.0.5, uses the current time for seeding of a random number generator, which makes it easier for remote attackers to guess the seed value via a brute-forc...

CVE-2010-3171

The Math.random function in the JavaScript implementation in Mozilla Firefox 3.5.10 through 3.5.11, 3.6.4 through 3.6.8, and 4.0 Beta1 uses a random number generator that is seeded only once per document object, which makes it easier for remote attackers to track a user, or trick a user into acti...

CVE-2010-3400

The jsInitRandom function in the JavaScript implementation in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMonkey before 2.0.5, uses the current time for seeding of a random number generator, which makes it easier for remote attackers to guess the seed value via a brute-forc...

Fedora Update for libHX FEDORA-2010-13127

Check for the Version of libHX OpenVAS Vulnerability Test Fedora Update for libHX FEDORA-2010-13127 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms...

[SECURITY] Fedora 13 Update: libHX-3.6-1.fc13

A library for: - rbtree with key-value pair extension - deques double-ended queues Stacks LIFO / Queues FIFOs - platform independent opendir-style directory access - platform independent dlopen-style shared library access - auto-storage strings with direct access - command line option argv parser...

[SECURITY] Fedora 12 Update: libHX-3.6-1.fc12

A library for: - rbtree with key-value pair extension - deques double-ended queues Stacks LIFO / Queues FIFOs - platform independent opendir-style directory access - platform independent dlopen-style shared library access - auto-storage strings with direct access - command line option argv parser...

Ubuntu 9.04 / 9.10 : firefox, firefox-3.0, xulrunner-1.9.2 vulnerability (USN-930-6)

USN-957-1 fixed vulnerabilities in Firefox and Xulrunner. Daniel Holbert discovered that the fix for CVE-2010-1214 introduced a regression which did not properly initialize a plugin pointer. If a user were tricked into viewing a malicious site, a remote attacker could use this to crash the browse...

USN-930-6: Firefox and Xulrunner vulnerability

USN-957-1 fixed vulnerabilities in Firefox and Xulrunner. Daniel Holbert discovered that the fix for CVE-2010-1214 introduced a regression which did not properly initialize a plugin pointer. If a user were tricked into viewing a malicious site, a remote attacker could use this to crash the browse...

Ubuntu Update for firefox regression USN-930-3

Ubuntu Update for Linux kernel vulnerabilities USN-930-3 OpenVAS Vulnerability Test $Id: gbubuntuUSN9303.nasl 7965 2017-12-01 07:38:25Z santu $ Ubuntu Update for firefox regression USN-930-3 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH,...

Ubuntu Update for Firefox and Xulrunner vulnerabilities USN-930-1

Ubuntu Update for Linux kernel vulnerabilities USN-930-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN9301.nasl 7965 2017-12-01 07:38:25Z santu $ Ubuntu Update for Firefox and Xulrunner vulnerabilities USN-930-1 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH,...

Ubuntu 8.04 LTS : firefox regression (USN-930-3)

USN-930-1 fixed vulnerabilities in Firefox. Due to a software packaging problem, the Firefox 3.6 update could not be installed when the firefox-2 package was also installed. This update fixes the problem and updates apturl for the change. If was discovered that Firefox could be made to access fre...

Ubuntu 8.04 LTS : apturl, epiphany-browser, gecko-sharp, gnome-python-extras, liferea, rhythmbox, totem, ubufox, yelp update (USN-930-2)

USN-930-1 fixed vulnerabilities in Firefox and Xulrunner. This update provides updated packages for use with Firefox 3.6 and Xulrunner 1.9.2 on Ubuntu 8.04 LTS. If was discovered that Firefox could be made to access freed memory. If a user were tricked into viewing a malicious site, a remote...