FreeBSD : mozilla -- multiple vulnerabilities (2b8cad90-f289-11e1-a215-14dae9ebcf89)

The Mozilla Project reports : MFSA 2012-57 Miscellaneous memory safety hazards rv:15.0/ rv:10.0.7 MFSA 2012-58 Use-after-free issues found using Address Sanitizer MFSA 2012-59 Location object can be shadowed using Object.defineProperty MFSA 2012-60 Escalation of privilege through about:newtab MFS...

MozillaFirefox: Update to version 15 (critical)

Mozilla Firefox, Thunderbird, xulrunner, seamonkey 15.0 update bnc777588 MFSA 2012-57/CVE-2012-1970 Miscellaneous memory safety hazards MFSA 2012-58/CVE-2012-1972/CVE-2012-1973/CVE-2012-1974/CVE-2012-1 975 CVE-2012-1976/CVE-2012-3956/CVE-2012-3957/CVE-2012-3958/CVE- 2012-3959...

Mozilla Firefox < 15.0 Multiple Vulnerabilities

Binary data 6559.prm...

Mozilla Firefox 14.x <= 14 Multiple Vulnerabilities

Binary data 801230.prm...

USN-1548-1: Firefox vulnerabilities

Gary Kwong, Christian Holler, Jesse Ruderman, Steve Fink, Bob Clary, Andrew Sutherland, Jason Smith, John Schoenick, Vladimir Vukicevic and Daniel Holbert discovered memory safety issues affecting Firefox. If the user were tricked into opening a specially crafted page, an attacker could exploit...

CVE-2012-3973

The debugger in the developer-tools subsystem in Mozilla Firefox before 15.0, when remote debugging is disabled, does not properly restrict access to the remote-debugging service, which allows remote attackers to execute arbitrary code by leveraging the presence of the HTTPMonitor extension and...

CVE-2012-3973

CVE-2012-3973 affects Mozilla Firefox before 15.0, where the debugger in the developer-tools subsystem fails to properly restrict access to the remote-debugging service when remote debugging is disabled. This allows remote attackers to execute arbitrary code by leveraging the HTTPMonitor extensio...

CVE-2012-3973

The debugger in the developer-tools subsystem in Mozilla Firefox before 15.0, when remote debugging is disabled, does not properly restrict access to the remote-debugging service, which allows remote attackers to execute arbitrary code by leveraging the presence of the HTTPMonitor extension and...

Firefox < 15.0 Multiple Vulnerabilities

The installed version of Firefox is earlier than 15.0 and thus, is potentially affected by the following security issues : - An error exists related to 'Object.defineProperty' and the location object and can allow cross-site scripting attacks. CVE-2012-1956 - Unspecified memory safety issues exis...

CVE-2012-3973

The debugger in the developer-tools subsystem in Mozilla Firefox before 15.0, when remote debugging is disabled, does not properly restrict access to the remote-debugging service, which allows remote attackers to execute arbitrary code by leveraging the presence of the HTTPMonitor extension and...

HTTPMonitor extension allows for remote debugging without explicit activation — Mozilla

Mozilla security researcher Mark Goodwin discovered an issue with the Firefox developer tools' debugger. If remote debugging is disabled, but the experimental HTTPMonitor extension has been installed and enabled, a remote user can connect to and use the remote debugging service through the port...

jdwp-inject NSE Script

Attempts to exploit java's remote debugging port. When remote debugging port is left open, it is possible to inject java bytecode and achieve remote code execution. This script allows injection of arbitrary class files. After injection, class' run method is executed. Method run has no parameters,...

jdwp-info NSE Script

Attempts to exploit java's remote debugging port. When remote debugging port is left open, it is possible to inject java bytecode and achieve remote code execution. This script injects and execute a Java class file that returns remote system information. Example Usage nmap -sT -p...

QNX pdebug Service Detection

The QNX pdebug remote debugging service is running on this host. pdebug should only be used only in development phase. Through this service, it is possible to upload and execute arbitrary code on the host, read or modify memory, stop running processes, etc. An attacker can use this service to tak...

IDA Pro debugger unauthorized access

Remote debugging request is executed regrdless of authentication state...

FrontPage fp30reg.dll remote debug buffer overflow

Added: 01/30/2006 CVE: CVE-2003-0822 BID: 9007 OSVDB: 2952 Background Microsoft FrontPage Server Extensions includes a remote debugging function. Problem A buffer overflow in fp30reg.dll leads to a vulnerability in the remote debug function in FrontPage Server Extensions. A remote attacker could...

Authentication flaw

Advantage Century Telecommunication ACT P202S IP Phone 1.01.21 running firmware 1.1.21 has multiple undocumented ports available, which 1 might allow remote attackers to obtain sensitive information, such as memory contents and internal operating-system data, by directly accessing the VxWorks WDB...

CVE-2006-0374

Advantage Century Telecommunication ACT P202S IP Phone 1.01.21 running firmware 1.1.21 has multiple undocumented ports available, which 1 might allow remote attackers to obtain sensitive information, such as memory contents and internal operating-system data, by directly accessing the VxWorks WDB...

[Full-disclosure] Senao SI-680H VoIP Wifi phone undocumented open port

I disclosed today the following vulnerability at the 32nd CSI conference in Washington, D.C. https://www.cmpevents.com/CSI32/a.asp?option=G&V=3&id=406438 Thanks, Shawn Merdinger =============================================================== VENDOR: Senao VENDOR NOTIFIED: 28 June, 2005 VENDOR...

Microsoft Frontpage Server buffer overflow

Buffer overflow in remote debugging interface...