7640 matches found
Firefox < 36.0.3 JIT Code Execution (Mac OS X)
The version of Mozilla Firefox installed on the remote Mac OS X host is prior to 36.0.3. It is, therefore, affected by a remote code execution vulnerability due to an out-of-bounds error in typed array bounds checking within 'asmjs/AsmJSValidate.cpp', which relates to just-in-time compilation for...
UBUNTU-CVE-2015-0817
The asm.js implementation in Mozilla Firefox before 36.0.3, Firefox ESR 31.x before 31.5.2, and SeaMonkey before 2.33.1 does not properly determine the cases in which bounds checking may be safely skipped during JIT compilation and heap access, which allows remote attackers to read or write to...
mozilla -- multiple vulnerabilities
The Mozilla Project reports: MFSA-2015-28 Privilege escalation through SVG navigation; MFSA-2015-29 Code execution through incorrect JavaScript bounds checking elimination...
Code execution through incorrect JavaScript bounds checking elimination — Mozilla
Security researcher ilxu1a reported, through HP Zero Day Initiative's Pwn2Own contest, a flaw in Mozilla's implementation of typed array bounds checking in JavaScript just-in-time compilation (JIT) and its management of bounds checking for heap access. This flaw can be leveraged into the reading an...
MICROSYS PROMOTIC Buffer Overflow Vulnerability
MICROSYS PROMOTIC is a SCADA software. MICROSYS PROMOTIC suffers from a buffer overflow vulnerability that can be exploited by an attacker to execute arbitrary code or launch a denial-of-service attack within the context of the application because the program fails to properly bounds check...
MGASA-2015-0091 Updated python packages fix CVE-2014-9365
Updated python packages fix security vulnerability: When Python's standard library HTTP clients (httplib, urllib, urllib2, xmlrpclib) are used to access resources with HTTPS, by default the certificate is not checked against any trust store, nor is the hostname in the certificate checked against th...
Firefox 37 to Include New OneCRL Certificate Blocklist
The next version of Mozilla Firefox will include a new certificate revocation list that will speed up and streamline the process of revoking intermediate certificates trusted by the browser. The new feature, known as OneCRL, is meant as a replacement for the old OCSP online certificate status...
Ruby on Rails: rails-ujs will send CSRF tokens to other origins
I reported this via email a few months ago. Here was my initial email: Hello, I've been playing with getting Rails apps to send CSRF tokens to the wrong domains and I found a few problems. The main motivation for this is in attacking a site that uses Content Security Policy. With CSP enabled, an...
[SECURITY] Fedora 20 Update: roundcubemail-1.0.5-1.fc20
RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...
Microsoft Virtual Machine Manager privilege escalation
Insufficient users role checking...
UBUNTU-CVE-2014-9665
The LoadSBitPng function in sfnt/pngshim.c in FreeType before 2.5.4 does not restrict the rows and pitch values of PNG data, which allows remote attackers to cause a denial of service (integer overflow and heap-based buffer overflow) or possibly have unspecified other impact by embedding a PNG file...
Libmspack 'mspack/mszipd.c' Buffer Overflow Vulnerability
Libmspack is a library that compresses and decompresses files in Microsoft's CAB, CHM and HLP formats. A buffer overflow vulnerability exists in Libmspack that stems from the program's failure to perform proper bounds checking on user-submitted input. An attacker could exploit this vulnerability ...
SuSE 11.3 Security Update : binutils (SAT Patch Number 10214)
binutils has been updated to fix eight security issues: - Lack of range checking leading to controlled write in _bfd_elf_setup_sections() (CVE-2014-8485) - Invalid read flaw in libbfd (CVE-2014-8484) - Write to uninitialized memory in the PE parser (CVE-2014-8501) - Crash in the PE parser (CVE-2014-8502) ...
SWFupload 2.5.0 - Cross Frame Scripting (XFS) Vulnerability
Document Title: SWFupload 2.5.0 - Cross Frame Scripting (XFS) Vulnerability. References (Source): http://www.vulnerability-lab.com/getcontent.php?id=1422. Release Date: 2015-01-25. Vulnerability Laboratory ID (VL-ID): ...
XChat Bounds Checking Buffer Overflow (CVE-2011-5129)
A buffer overflow vulnerability exists in XChat. Successful exploitation of this vulnerability will cause a crash, and may allow injection and execution of arbitrary code. The vulnerability is due to insufficient bounds checking. A remote attacker could exploit this vulnerability by sending a...
Honeywell OPOS Suite Multiple ActiveX Controls Open Method Stack Buffer Overflow (CVE-2014-8269)
A buffer overflow vulnerability has been reported in Honeywell OPOS Suite. The vulnerability is due to improper bounds checking while processing the Open method calls within the HWOPOSScale.ocx ActiveX control and the HWOPOSSCANNER.ocx ActiveX control. An attacker can exploit this vulnerability b...
[SECURITY] Fedora 20 Update: roundcubemail-1.0.4-2.fc20
RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...
CVE-2014-9586
The root cause of these vulnerabilities is a lack of bounds checking in protocol parsing C++ code emitted by the binpac utility...
Wireshark LWRES Dissector getaddrsbyname Buffer Overflow - Ver2 (CVE-2010-0304)
A buffer overflow vulnerability has been reported in Wireshark. The vulnerability is due to insufficient boundary checking in the getaddrsbyname method. A remote attacker may exploit this vulnerability by sending an overly long string parameter to this method. Successful exploitation would allow...
[SECURITY] [DSA 3111-1] cpio security update
Debian Security Advisory DSA-3111-1 [email protected] http://www.debian.org/security/ Michael Gilbert December 22, 2014 http://www.debian.org/security/faq ...