CVE-2011-2998

CVE-2011-2998 affects Mozilla Firefox 3.6.x before 3.6.23. The issue is an integer underflow in JavaScript processing of large RegExp expressions, which can cause a denial of service (application crash) and may allow arbitrary code execution. The connected advisories describe the same vulnerabili...

Mozilla Firefox RegExp远程整数溢出漏洞

BUGTRAQ ID: 49809 Firefox是一款非常流行的开源WEB浏览器。 Firefox处理较大的JavaScript RegExp表达式时存在整数溢出错误，远程攻击者可在受影响应用程序中以当前用户权限执行任意代码，造成拒绝服务。 Mozilla Firefox 3.x 厂商补丁： Mozilla ------- Mozilla已经为此发布了一个安全公告（mfsa2011-37）以及相应补丁: mfsa2011-37：Integer underflow when using JavaScript RegExp...

Mozilla -- multiple vulnerabilities

The Mozilla Project reports: MFSA 2011-36 Miscellaneous memory safety hazards rv:7.0 / rv:1.9.2.23 MFSA 2011-37 Integer underflow when using JavaScript RegExp MFSA 2011-38 XSS via plugins and shadowed window.location object MFSA 2011-39 Defense against multiple Location headers due to CRLF...

Integer underflow when using JavaScript RegExp — Mozilla

Mark Kaplan reported a potentially exploitable crash due to integer underflow when using a large JavaScript RegExp expression. We would also like to thank Mark for contributing the fix for this problem...

Mozilla Products Multiple Vulnerabilities - Sep 11 (Windows)

The host is installed with Mozilla firefox/thunderbird/seamonkey and is prone to multiple unspecified vulnerabilities. OpenVAS Vulnerability Test $Id: gbmozillaprdtsmultvulnsep11win01.nasl 7019 2017-08-29 11:51:27Z teissa $ Mozilla Products Multiple Vulnerabilities - Sep 11 Windows Authors: Madhu...

SuSE 11.1 Security Update : Mozilla Firefox (SAT Patch Number 5057)

Mozilla Firefox was updated to version 3.6.20. It fixes bugs and security issues. Following security issues were fixed: Mozilla Foundation Security Advisory 2011-30 - MFSA 2011-30 - Miscellaneous memory safety hazards Mozilla developers and community members identified and fixed several memory...

[BSA-046] Security Update for icedove

Christoph Göhre uploaded new packages for icedove which fixed the following security problems: CVE-2011-0084 "regenrecht" discovered that incorrect pointer handling in the SVG processing code could lead to the execution of arbitrary code. CVE-2011-2378 "regenrecht" discovered that incorrect memor...

Debian DSA-2297-1 : icedove - several vulnerabilities

Several vulnerabilities have been discovered in Icedove, an unbranded version of the Thunderbird mail/news client. - CVE-2011-0084 'regenrecht' discovered that incorrect pointer handling in the SVG processing code could lead to the execution of arbitrary code. - CVE-2011-2378 'regenrecht'...

CVE-2011-2983

Mozilla Firefox before 3.6.20, Thunderbird 2.x and 3.x before 3.1.12, SeaMonkey 1.x and 2.x, and possibly other products does not properly handle the RegExp.input property, which allows remote attackers to bypass the Same Origin Policy and read data from a different domain via a crafted web site,...

Debian DSA-2295-1 : iceape - several vulnerabilities

Several vulnerabilities have been found in the Iceape internet suite, an unbranded version of SeaMonkey : - CVE-2011-0084 'regenrecht' discovered that incorrect pointer handling in the SVG processing code could lead to the execution of arbitrary code. - CVE-2011-2378 'regenrecht' discovered that...

Debian DSA-2296-1 : iceweasel - several vulnerabilities

Several vulnerabilities have been discovered in Iceweasel, a web browser based on Firefox. The included XULRunner library provides rendering services for several other applications included in Debian. - CVE-2011-0084 'regenrecht' discovered that incorrect pointer handling in the SVG processing co...

Mozilla: Private data leakage using RegExp.input

Mozilla Firefox before 3.6.20, Thunderbird 2.x and 3.x before 3.1.12, SeaMonkey 1.x and 2.x, and possibly other products does not properly handle the RegExp.input property, which allows remote attackers to bypass the Same Origin Policy and read data from a different domain via a crafted web site,...

Adobe Flash Player ActionScript 3 RegExp Memory Corruption (APSB11-21; CVE-2011-2134)

The vulnerability is due to an error in the way the application allocates memory for regular expression interpretations. A remote attacker could exploit this vulnerability by enticing an unsuspecting victim to open a web page containing malicious SWF files...

Google Chrome Multiple Vulnerabilities - March 11(Windows)

The host is running Google Chrome and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbgooglechromemultdosvulnmar11win.nasl 7052 2017-09-04 11:50:51Z teissa $ Google Chrome Multiple Denial of Service Vulnerabilities - March 11Windows Authors: Madhuri D Copyright: Copyright ...

Google Chrome < 10.0.648.127 Multiple Vulnerabilities

Binary data 5812.pasl...

Fedora Update for bournal FEDORA-2010-3221

Check for the Version of bournal OpenVAS Vulnerability Test Fedora Update for bournal FEDORA-2010-3221 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

[SECURITY] Fedora 13 Update: bournal-1.4.1-1.fc13

Bournal is a bash script that allows you to keep a personal, minimalistic, password-protected journal, log, or diary. It includes encryption, regexp searches, and a date-sorted list for editing old entries. Since Bournal is pure bash, it should be easily editable for the CLI-savvy...

[SECURITY] Fedora 12 Update: bournal-1.4.1-1.fc12

Bournal is a bash script that allows you to keep a personal, minimalistic, password-protected journal, log, or diary. It includes encryption, regexp searches, and a date-sorted list for editing old entries. Since Bournal is pure bash, it should be easily editable for the CLI-savvy...

[SECURITY] Fedora 11 Update: bournal-1.4.1-1.fc11

Bournal is a bash script that allows you to keep a personal, minimalistic, password-protected journal, log, or diary. It includes encryption, regexp searches, and a date-sorted list for editing old entries. Since Bournal is pure bash, it should be easily editable for the CLI-savvy...

Fedora 11 : viewvc-1.1.3-1.fc11 (2009-13634)

security fix: add root listing support of per-root authz config security fix: query.py requires 'forbidden' authorizer or none in config fix URL- ification of truncated log messages issue 3 fix regexp input validation issue 426, 427, 440 add support for configurable tab-to-spaces conversion fix...