Firefox 3.6.x < 3.6.7 Multiple Vulnerabilities

Binary data 800780.prm...

SeaMonkey 2.0.x < 2.0.6 Multiple Vulnerabilities

Binary data 800871.prm...

Mozilla Firefox 3.5.x < 3.5.11 Multiple Vulnerabilities

Binary data 5606.prm...

SeaMonkey < 2.0.6 Multiple Vulnerabilities

The installed version of SeaMonkey is earlier than 2.0.6. Such versions are potentially affected by the following security issues : - Multiple memory safety bugs could result in memory corruption, potentially resulting in arbitrary code execution. MFSA 2010-34 - An error in DOM attribute cloning...

Mozilla Firefox DOM Attribute Cloning Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists due to a workaround tha...

Mozilla Firefox nsTreeSelection Dangling Pointer Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the implementati...

nsTreeSelection dangling pointer remote code execution vulnerability — Mozilla

Security researcher regenrecht reported via TippingPoint's Zero Day Initiative an integer overflow vulnerability in the implementation of the XUL element's selection attribute. When the size of a new selection is sufficiently large the integer used in calculating the length of the selection can...

DOM attribute cloning remote code execution vulnerability — Mozilla

Security researcher regenrecht reported via TippingPoint's Zero Day Initiative an error in the DOM attribute cloning routine where under certain circumstances an event attribute node can be deleted while another object still contains a reference to it. This reference could subsequently be accesse...

mozilla -- multiple vulnerabilities

The Mozilla Project reports: MFSA 2010-34 Miscellaneous memory safety hazards rv:1.9.2.7/ 1.9.1.11 MFSA 2010-35 DOM attribute cloning remote code execution vulnerability MFSA 2010-36 Use-after-free error in NodeIterator MFSA 2010-37 Plugin parameter EnsureCachedAttrParamArrays remote code executi...

CVE-2010-2663

Opera before 10.60 allows remote attackers to cause a denial of service application hang via an ended event handler that changes the SRC attribute of an AUDIO element...

kernel security and bug fix update

2.6.9-89.0.26.0.1.EL - XEN fix cpu hotplug crash Joe Jin orabug 7521308 - XEN Bring up vcpus before khelper init Joe Jin orabug 7521308 - XEN flush the tlb cache immediately Dave McCracken, Scott Shi orabug 9138767 - fix skb alignment that was causing sendto to fail with EFAULT Olaf Kirch orabug...

CVE-2010-2297

rendering/FixedTableLayout.cpp in WebCore in WebKit in Google Chrome before 5.0.375.70 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via an HTML document that has a large colspan attribute within a table...

CVE-2010-2297

rendering/FixedTableLayout.cpp in WebCore in WebKit in Google Chrome before 5.0.375.70 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via an HTML document that has a large colspan attribute within a table...

Code injection

The Cascading Style Sheets CSS implementation in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to discover sensitive URLs via an HREF attribute associated with a redirecting URL...

CVE-2010-1393

The Cascading Style Sheets CSS implementation in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to discover sensitive URLs via an HREF attribute associated with a redirecting URL...

Apache Tomcat 6.x < 6.0.9 Information Disclosure

According to its self-reported version number, the instance of Apache Tomcat 6.x listening on the remote host is prior to 6.0.9. It is, therefore, affected by an information disclosure vulnerability. If the remote Apache Tomcat install is configured to use the SingleSignOn Valve, the JSESSIONIDSS...

Apple Plugs 48 Security Holes in Safari Browser

Apple has shipped new versions of its Safari browser with patches for at least 48 security vulnerabilities. The Safari 4.1 and 5.0 updates, considered “highly critical,” is available for both Windows and Mac OS X. Exploitation of some of these vulnerabilities could lead to drive-by download remot...

Apple Webkit Attribute Child Removal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute remote code on vulnerable installations of Apple Webkit. User interaction is required in that a target must be coerced into visiting a malicious page. The specific flaw exists within Webkit's process for destructing attribute objects via the...

Orbit Downloader metalink 'name' Directory Traversal Vulnerability

This host is installed with Orbit Downloader and is prone to directory traversal vulnerability. OpenVAS Vulnerability Test $Id: gborbitdownloadermetalinkdirtraversalvuln.nasl 5323 2017-02-17 08:49:23Z teissa $ Orbit Downloader metalink 'name' Directory Traversal Vulnerability Authors: Sooraj KS...

CVE-2010-2152

Unspecified vulnerability in JustSystems Ichitaro 2004 through 2009, Ichitaro Government 2006 through 2009, and Just School 2008 and 2009 allows remote attackers to execute arbitrary code via unknown vectors related to "product character attribute processing" for a document...