2530 matches found
Stable Channel Update
The Chrome team is delighted to announce the promotion of Chrome 49 to the stable channel for Windows, Mac and Linux. Chrome 49.0.2623.75 contains a number of fixes and improvements -- a list of changes is available in the log. Watch out for upcoming Chrome and Chromium blog posts about new...
openSUSE Security Update : seamonkey (openSUSE-2016-126) (SLOTH)
SeaMonkey was updated to 2.40 boo959277 to fix security issues and bugs. The following vulnerabilities were fixed : - CVE-2015-7575: MD5 signatures accepted within TLS 1.2 ServerKeyExchange in server signature - CVE-2015-7201/CVE-2015-7202: Miscellaneous memory safety hazards - CVE-2015-7204: Cra...
openSUSE Security Update : SeaMonkey (openSUSE-2016-129) (SLOTH)
This update for SeaMonkey fixes the following issues : - update to SeaMonkey 2.40 bnc959277 - requires NSS 3.20.2 to fix MFSA 2015-150/CVE-2015-7575 bmo1158489 MD5 signatures accepted within TLS 1.2 ServerKeyExchange in server signature - MFSA 2015-134/CVE-2015-7201/CVE-2015-7202 Miscellaneous...
openSUSE Security Update : Mozilla Thunderbird (openSUSE-2015-977)
Mozilla Thunderbird was updated to 38.5.0 to fix multiple security issues. The following vulnerabilities were fixed: boo959277 - CVE-2015-7201: Miscellaneous memory safety hazards - CVE-2015-7210: Use-after-free in WebRTC when datachannel is used after being destroyed - CVE-2015-7212: Integer...
Security update for Mozilla Thunderbird (important)
Mozilla Thunderbird was updated to 38.5.0 to fix multiple security issues. The following vulnerabilities were fixed: boo959277 CVE-2015-7201: Miscellaneous memory safety hazards CVE-2015-7210: Use-after-free in WebRTC when datachannel is used after being destroyed CVE-2015-7212: Integer overflow...
Security update for xulrunner (important)
Xulrunner was updated to 38.5.0 to fix several security issues. The following vulnerabilities were fixed boo959277: CVE-2015-7201: Miscellaneous memory safety hazards CVE-2015-7210: Use-after-free in WebRTC when datachannel is used after being destroyed CVE-2015-7212: Integer overflow allocating...
SUSE-SU-2015:2334-1 Security update for MozillaFirefox
MozillaFirefox was updated to version 38.5.0 esr to fix the following issues: Following security issues were fixed: MFSA 2015-134/CVE-2015-7201/CVE-2015-7202 Miscellaneous memory safety hazards rv:43.0 / rv:38.5 MFSA 2015-138/CVE-2015-7210 Use-after-free in WebRTC when datachannel is used after...
Updated firefox packages fix security vulnerabilities
Updated firefox packages fix security vulnerabilities: Multiple memory safety issues in Firefox were discovered. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary...
Mozilla: Use-after-free in WebRTC when datachannel is used after being destroyed (MFSA 2015-138)
Use-after-free vulnerability in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allows remote attackers to execute arbitrary code by triggering attempted use of a data channel that has been closed by a WebRTC function...
CVE-2015-7210
Use-after-free vulnerability in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allows remote attackers to execute arbitrary code by triggering attempted use of a data channel that has been closed by a WebRTC function...
CVE-2015-7205
Integer underflow in the RTPReceiverVideo::ParseRtpPacket function in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 might allow remote attackers to obtain sensitive information, cause a denial of service, or possibly have unspecified other impact by triggering a crafted WebRTC RTP...
Integer overflow
Integer underflow in the RTPReceiverVideo::ParseRtpPacket function in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 might allow remote attackers to obtain sensitive information, cause a denial of service, or possibly have unspecified other impact by triggering a crafted WebRTC RTP...
Design/Logic Flaw
Use-after-free vulnerability in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allows remote attackers to execute arbitrary code by triggering attempted use of a data channel that has been closed by a WebRTC function...
CVE-2015-7210
Use-after-free vulnerability in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allows remote attackers to execute arbitrary code by triggering attempted use of a data channel that has been closed by a WebRTC function...
CVE-2015-7205
CVE-2015-7205 details : In Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5, an integer underflow in RTPReceiverVideo::ParseRtpPacket can be triggered by a crafted WebRTC RTP packet, potentially exposing sensitive information, causing a denial of service, or other unspecified impacts....
CVE-2015-7210
CVE-2015-7210 is a use-after-free in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5, allowing remote code execution by triggering use of a data channel closed by WebRTC. Affected component is the browser WebRTC data channel handling; root cause is use-after-free memory safety issue....
Ubuntu 14.04 LTS : Firefox vulnerabilities (USN-2833-1)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2833-1 advisory. Andrei Vaida, Jesse Ruderman, Bob Clary, Christian Holler, Jesse Ruderman, Eric Rahm, Robert Kaiser, Harald Kirschner, and Michael Henretty discovered...
FreeBSD : mozilla -- multiple vulnerabilities (2c2d1c39-1396-459a-91f5-ca03ee7c64c6)
The Mozilla Project reports : MFSA 2015-134 Miscellaneous memory safety hazards rv:43.0 / rv:38.5 MFSA 2015-135 Crash with JavaScript variable assignment with unboxed objects MFSA 2015-136 Same-origin policy violation using perfomance.getEntries and history navigation MFSA 2015-137 Firefox allows...
mozilla -- multiple vulnerabilities
The Mozilla Project reports: MFSA 2015-134 Miscellaneous memory safety hazards rv:43.0 / rv:38.5 MFSA 2015-135 Crash with JavaScript variable assignment with unboxed objects MFSA 2015-136 Same-origin policy violation using perfomance.getEntries and history navigation MFSA 2015-137 Firefox allows...
Use-after-free in WebRTC when datachannel is used after being destroyed — Mozilla
Security researcher Looben Yang reported a use-after-free error in WebRTC that occurs due to timing issues in WebRTC when closing channels. WebRTC may still believe is has a datachannel open after another WebRTC function has closed it. This results in attempts to use the now destroyed datachannel...