12 matches found
openSUSE Security Update : seamonkey (openSUSE-SU-2014:0008-1)
This update fixes the following security issues with SeaMonkey : - update to SeaMonkey 2.23 bnc854370 - requires NSPR 4.10.2 and NSS 3.15.3.1 - MFSA 2013-104/CVE-2013-5609/CVE-2013-5610 Miscellaneous memory safety hazards - MFSA 2013-105/CVE-2013-5611 bmo771294 Application Installation doorhanger...
Ubuntu: Security Advisory (USN-2053-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
FreeBSD : mozilla -- multiple vulnerabilities (dd116b19-64b3-11e3-868f-0025905a4771)
The Mozilla Project reports : MFSA 2013-116 JPEG information leak MFSA 2013-105 Application Installation doorhanger persists on navigation MFSA 2013-106 Character encoding cross-origin XSS attack MFSA 2013-107 Sandbox restrictions not applied to nested object elements MFSA 2013-108 Use-after-free...
Ubuntu 12.04 LTS / 12.10 / 13.04 / 13.10 : thunderbird vulnerabilities (USN-2053-1)
Ben Turner, Bobby Holley, Jesse Ruderman and Christian Holler discovered multiple memory safety issues in Thunderbird. If a user were tricked in to opening a specially crafted message with scripting enabled, an attacker could potentially exploit these to cause a denial of service via application...
Mozilla: Use-after-free in synthetic mouse movement (MFSA 2013-114)
Use-after-free vulnerability in the PresShell::DispatchSynthMouseMove function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code or cause a denial of service heap memory corruption via...
CVE-2013-5613
Use-after-free vulnerability in the PresShell::DispatchSynthMouseMove function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code or cause a denial of service heap memory corruption via...
Design/Logic Flaw
Use-after-free vulnerability in the PresShell::DispatchSynthMouseMove function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code or cause a denial of service heap memory corruption via...
USN-2053-1: Thunderbird vulnerabilities
Ben Turner, Bobby Holley, Jesse Ruderman and Christian Holler discovered multiple memory safety issues in Thunderbird. If a user were tricked in to opening a specially crafted message with scripting enabled, an attacker could potentially exploit these to cause a denial of service via application...
Mozilla: Use-after-free in synthetic mouse movement (MFSA 2013-114)
Use-after-free vulnerability in the PresShell::DispatchSynthMouseMove function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code or cause a denial of service heap memory corruption via...
CVE-2013-5613
Use-after-free vulnerability in the PresShell::DispatchSynthMouseMove function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code or cause a denial of service heap memory corruption via...
Thunderbird < 24.2 Multiple Vulnerabilities (Mac OS X)
The installed version of Thunderbird is earlier than 24.2 and is, therefore, potentially affected by the following vulnerabilities : - Memory issues exist in the browser engine that could result in a denial of service or arbitrary code execution. CVE-2013-5609, CVE-2013-5610 - Two use-after-free...
Use-after-free in synthetic mouse movement — Mozilla
Security researchers Tyson Smith and Jesse Schwartzentruber of the BlackBerry Security Automated Analysis Team used the Address Sanitizer tool while fuzzing to discover a user-after-free in the functions for synthetic mouse movement handling. Security researcher Atte Kettunen from OUSPG also...