CVE-2011-2987

Heap-based buffer overflow in Almost Native Graphics Layer Engine ANGLE, as used in the WebGL implementation in Mozilla Firefox 4.x through 5, Thunderbird before 6, SeaMonkey 2.x before 2.3, and possibly other products might allow remote attackers to execute arbitrary code via unspecified vectors...

CVE-2011-2989

The browser engine in Mozilla Firefox 4.x through 5, SeaMonkey 2.x before 2.3, Thunderbird before 6, and possibly other products does not properly implement WebGL, which allows remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code...

CVE-2011-2988

CVE-2011-2988 describes a buffer overrun in an unspecified string class used by the WebGL shader implementation in Mozilla Firefox (4.x–5), SeaMonkey (2.x before 2.3), and Thunderbird before 6. The vulnerability can be triggered by a long shader source block, potentially allowing remote code exec...

CVE-2011-2987

The connected documents confirm CVE-2011-2987 is a heap overflow in the ANGLE library used by Mozilla’s WebGL implementation (Firefox/SeaMonkey/related) that could allow remote code execution. The issue is tied to the ANGLE heap overflow in WebGL code paths; exploitation would be via remote attac...

CVE-2011-2989

The CVE-2011-2989 entry describes a WebGL memory-corruption flaw in the browser engine affecting Firefox 4.x–5 , SeaMonkey 2.x before 2.3 , and Thunderbird before 6 , with potential for memory corruption, DoS, or arbitrary code execution via unspecified vectors. Connected documents confirm instan...

Ubuntu 11.04 : mozvoikko update (USN-1192-2)

USN-1192-1 fixed vulnerabilities in Firefox. This update provides an updated Mozvoikko for use with Firefox 6. Aral Yaman discovered a vulnerability in the WebGL engine. An attacker could potentially use this to crash Firefox or execute arbitrary code with the privileges of the user invoking...

Ubuntu 11.04 : firefox vulnerabilities (USN-1192-1)

Aral Yaman discovered a vulnerability in the WebGL engine. An attacker could potentially use this to crash Firefox or execute arbitrary code with the privileges of the user invoking Firefox. CVE-2011-2989 Vivekanand Bolajwar discovered a vulnerability in the JavaScript engine. An attacker could...

Mozilla Firefox < 6.0 Multiple Vulnerabilities

Binary data 6008.prm...

SeaMonkey 2.x < 2.3.0 Multiple Vulnerabilities

Binary data 6012.prm...

Mozilla Thunderbird < 6.0 Multiple Vulnerabilities

Binary data 6010.prm...

Mozilla Thunderbird 5 Multiple Vulnerabilities

Binary data 801266.prm...

Mozilla SeaMonkey 2.x < 2.3.0 Multiple Vulnerabilities

Binary data 801272.prm...

SUSE: Security Advisory for MozillaFirefox, MozillaThunderbird (SUSE-SA:2011:028)

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-1192-2: Mozvoikko update

USN-1192-1 fixed vulnerabilities in Firefox. This update provides an updated Mozvoikko for use with Firefox 6. Original advisory details: Aral Yaman discovered a vulnerability in the WebGL engine. An attacker could potentially use this to crash Firefox or execute arbitrary code with the privilege...

USN-1192-1: Firefox vulnerabilities

Aral Yaman discovered a vulnerability in the WebGL engine. An attacker could potentially use this to crash Firefox or execute arbitrary code with the privileges of the user invoking Firefox. CVE-2011-2989 Vivekanand Bolajwar discovered a vulnerability in the JavaScript engine. An attacker could...

Mozilla Fixes 10 Bugs in Release of Firefox 6

Mozilla has released Firefox 6 through its automatic update mechanism and the new version of the group’s popular browser includes fixes for 10 vulnerabilities, several of them critical flaws that could allow remote code execution. The new version of Firefox comes just a two months after Mozilla...

SeaMonkey < 2.3.0 Multiple Vulnerabilities

The installed version of SeaMonkey is earlier than 2.3.0. Such versions are potentially affected by the following security issues : - An error in SVG text manipulation code creates a dangling pointer vulnerability. CVE-2011-0084 - Multiple, unspecified memory safety issues exist. CVE-2011-2985 - ...

SeaMonkey < 2.2.0 Multiple Vulnerabilities

The installed version of SeaMonkey is earlier than 2.2.0. As such, it is potentially affected by the following security issues : - Errors in the WebGL implementation can allow the loading of WebGL textures from cross-domain images or allow the crash of the application and execution of arbitrary...

Mozilla Thunderbird < 6.0 Multiple Vulnerabilities

The installed version of Thunderbird is earlier than 6.0 and thus, is potentially affected by the following security issues : - Several memory safety bugs exist in the browser engine that may permit remote code execution. CVE-2011-2985, CVE-2011-2989, CVE-2011-2991, CVE-2011-2992 - A dangling...

CVE-2011-2987

Heap-based buffer overflow in Almost Native Graphics Layer Engine ANGLE, as used in the WebGL implementation in Mozilla Firefox 4.x through 5, Thunderbird before 6, SeaMonkey 2.x before 2.3, and possibly other products might allow remote attackers to execute arbitrary code via unspecified vectors...