2289 matches found
Ubuntu 14.04 LTS : Firefox vulnerabilities (USN-2917-1)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2917-1 advisory. Francis Gabriel discovered a buffer overflow during ASN.1 decoding in NSS. If a user were tricked in to opening a specially crafted website, an attacker...
USN-2917-1 firefox vulnerabilities
Francis Gabriel discovered a buffer overflow during ASN.1 decoding in NSS. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user...
Ubuntu 14.04 LTS : Thunderbird vulnerabilities (USN-2904-1)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2904-1 advisory. Karthikeyan Bhargavan and Gaetan Leurent discovered that NSS incorrectly allowed MD5 to be used for TLS 1.2 connections. If a remote attacker were able t...
firefox: multiple issues
CVE-2016-1952 CVE-2016-1953 arbitrary code execution Mozilla developers fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough...
USN-2904-1: Thunderbird vulnerabilities
Karthikeyan Bhargavan and Gaetan Leurent discovered that NSS incorrectly allowed MD5 to be used for TLS 1.2 connections. If a remote attacker were able to perform a machine-in-the-middle attack, this flaw could be exploited to view sensitive information. CVE-2015-7575 Yves Younan discovered that...
USN-2904-1 thunderbird vulnerabilities
Karthikeyan Bhargavan and Gaetan Leurent discovered that NSS incorrectly allowed MD5 to be used for TLS 1.2 connections. If a remote attacker were able to perform a machine-in-the-middle attack, this flaw could be exploited to view sensitive information. CVE-2015-7575 Yves Younan discovered that...
CVE-2016-1956
Mozilla Firefox before 45.0 on Linux, when an Intel video driver is used, allows remote attackers to cause a denial of service memory consumption or stack memory corruption by triggering use of a WebGL shader...
Linux video memory DOS with Intel drivers — Mozilla
Security researcher Ucha Gobejishvili reported a denial of service DOS attack when doing certain WebGL operations in a canvas requiring an unusually large amount buffer to be allocated from video memory. This resulted in memory resource exhaustion with some Intel video cards, requiring the comput...
UBUNTU-CVE-2016-1956
Mozilla Firefox before 45.0 on Linux, when an Intel video driver is used, allows remote attackers to cause a denial of service memory consumption or stack memory corruption by triggering use of a WebGL shader...
openSUSE Security Update : Thunderbird (openSUSE-2016-225) (SLOTH)
This update to 38.6.0 fixes the following issues : - MFSA 2016-01/CVE-2016-1930 Miscellaneous memory safety hazards - MFSA 2016-03/CVE-2016-1935 bmo1220450 Buffer overflow in WebGL after out of memory allocation %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package...
openSUSE Security Update : MozillaThunderbird (openSUSE-2016-222)
This update Mozilla Thunderbird 38.6.0 fixes the following issuesboo963520 : - CVE-2016-1930: Miscellaneous memory safety hazards boo963632 - CVE-2016-1935: Buffer overflow in WebGL after out of memory allocation boo963635 The following upstream fixes are included : - Filters ran on a different...
Ubuntu 14.04 LTS : Firefox regression (USN-2880-2)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-2880-2 advisory. USN-2880-1 fixed vulnerabilities in Firefox. This update introduced a regression which caused Firefox to crash on startup with some configurations. This update...
SUSE SLED11 / SLES11 Security Update : MozillaFirefox, MozillaFirefox-branding-SLED, mozilla-nss (SUSE-SU-2016:0334-1)
This update for MozillaFirefox, MozillaFirefox-branding-SLE, mozilla-nss fixes the following issues: bsc963520 Mozilla Firefox was updated to 38.6.0 ESR. Mozilla NSS was updated to 3.20.2. The following vulnerabilities were fixed : - CVE-2016-1930: Memory safety bugs fixed in Firefox ESR 38.6...
openSUSE Security Update : xulrunner (openSUSE-2016-127)
XULRunner was updated to 38.6.0 to fix two security issues. The following vulnerabilities were fixed : - CVE-2016-1930: Miscellaneous memory safety hazards boo963632 - CVE-2016-1935: Buffer overflow in WebGL after out of memory allocation boo963635 %NASLMINLEVEL 70300 C Tenable Network Security,...
openSUSE Security Update : Mozilla Firefox (openSUSE-2016-131)
This update fixes the following security related issues by updating packages to a more recent version : Update of NSPR to 4.11 Update of NSS to 3.21 Update of Firefox to 44.0 - MFSA 2016-01/CVE-2016-1930/CVE-2016-1931 Miscellaneous memory safety hazards - MFSA 2016-02/CVE-2016-1933 bmo1231761 Out...
openSUSE Security Update : the MozillaFirefox / mozilla-nss and mozilla-nspr (openSUSE-2016-128)
This update to MozillaFirefox fixes several security issues and bugs. Mozilla Firefox was updated to 44.0. Mozilla NSS was updated to 3.21 Mozilla NSPR was updated to 4.11. The following vulnerabilities were fixed : - CVE-2016-1930/CVE-2016-1931: Miscellaneous memory safety hazards boo963633 -...
Security update for xulrunner (important)
XULRunner was updated to 38.6.0 to fix two security issues. The following vulnerabilities were fixed: CVE-2016-1930: Miscellaneous memory safety hazards boo963632 CVE-2016-1935: Buffer overflow in WebGL after out of memory allocation boo963635...
Mozilla Firefox Buffer Overflow Vulnerability (CNVD-2016-00900)
Mozilla Firefox and Firefox ESR are both browser products developed by the Mozilla Foundation in the U.S. Firefox is an open source web browser; Firefox ESR is an extended support version of Firefox. A buffer overflow vulnerability exists in the 'BufferSubData' function in Mozilla Firefox version...
openSUSE: Security Advisory for xulrunner (openSUSE-SU-2016:0310-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
FreeBSD : mozilla -- multiple vulnerabilities (4f00dac0-1e18-4481-95af-7aaad63fd303)
Mozilla Foundation reports : MFSA 2016-01 Miscellaneous memory safety hazards rv:44.0 / rv:38.6 MFSA 2016-02 Out of Memory crash when parsing GIF format images MFSA 2016-03 Buffer overflow in WebGL after out of memory allocation MFSA 2016-04 Firefox allows for control characters to be set in cook...