326 matches found
Auto-update compromise through DNS and SSL spoofing — Mozilla
The Firefox and Thunderbird auto-update mechanism protects itself against DNS spoofing using SSL; only a site presenting a valid certificate for aus2.mozilla.org will be trusted as a source of update information. Jon Oberheide points out, however, that many users accept unverifiable self-signed...
mozilla -- multiple vulnerabilities
The Mozilla Foundation reports of multiple security issues in Firefox, Seamonkey, and Thunderbird. Several of these issues can probably be used to run arbitrary code with the privilege of the user running the program. MFSA 2006-64 Crashes with evidence of memory corruption rv:1.8.0.7 MFSA 2006-63...
[Full-disclosure] [TZO-042006] Insecure Auto-Update and File execution
Zango Adware - Insecure Auto-Update and File execution Reference : TZO-042006-Zango Author : Thierry Zoller Advisory : http://secdev.zoller.lu/research/zango.htm Shameless Plug : I would like to take the opportunity to invite you to the Security Conference known as "Hack.lu 2006" in the Grand-Duc...
Toshiba Software Auto-Update Detection
Binary data 2296.prm...
CVE-1999-1526
The CVE-1999-1526 entry concerns Macromedia Shockwave 7’s auto-update feature, which transmits a user’s password and hard disk information back to Macromedia. The document indicates this affects confidentiality (partial impact) with no stated impact to integrity or availability and does not speci...
Azure File Sync Agent v8 Release – October 2019
None None...