kdelibs security update

CentOS Errata and Security Advisory CESA-2009:1127 Updated kdelibs packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. The kdelibs packages provide...

RHEL 4 / 5 : kdelibs (RHSA-2009:1127)

Updated kdelibs packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. The kdelibs packages provide libraries for the K Desktop Environment KDE. A flaw...

CentOS 3 : kdelibs (CESA-2009:1128)

Updated kdelibs packages that fix one security issue are now available for Red Hat Enterprise Linux 3. This update has been rated as having important security impact by the Red Hat Security Response Team. The kdelibs packages provide libraries for the K Desktop Environment KDE. A flaw was found i...

RHEL 3 : kdelibs (RHSA-2009:1128)

Updated kdelibs packages that fix one security issue are now available for Red Hat Enterprise Linux 3. This update has been rated as having important security impact by the Red Hat Security Response Team. The kdelibs packages provide libraries for the K Desktop Environment KDE. A flaw was found i...

kdelibs security update

CentOS Errata and Security Advisory CESA-2009:1128 Updated kdelibs packages that fix one security issue are now available for Red Hat Enterprise Linux 3. This update has been rated as having important security impact by the Red Hat Security Response Team. The kdelibs packages provide libraries fo...

kdelibs: KHTML CSS parser - incorrect handling CSS "style" attribute content (DoS, ACE)

WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not initialize a pointer during handling of a Cascading Style Sheets CSS attr function call with a large numerical argument, which allows remote attackers to execute arbitrary code ...

Important: Red Hat Security Advisory: kdelibs security update

Updated kdelibs packages that fix one security issue are now available for Red Hat Enterprise Linux 3. This update has been rated as having important security impact by the Red Hat Security Response Team. The kdelibs packages provide libraries for the K Desktop Environment KDE. A flaw was found i...

kdelibs: KHTML CSS parser - incorrect handling CSS "style" attribute content (DoS, ACE)

WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not initialize a pointer during handling of a Cascading Style Sheets CSS attr function call with a large numerical argument, which allows remote attackers to execute arbitrary code ...

kdelibs security update

kdelibs 6:3.1.3-6.13.0.1 - Remove Version branding in specfile - Maximum rpm trademark logos removed pics/crystalsvg/mime-rpm.png in tarball 6:3.1.3-6.13 - Resolves: 505618, CVE-2009-1698, KHTML CSS parser - incorrect handling CSS style attribute...

DSA-1707-1 iceweasel - several vulnerabilities

Bulletin has no description...

Mozilla Thunderbird < 2.0.0.19 Multiple Vulnerabilities

The installed version of Thunderbird is earlier than 2.0.0.19. Such versions are potentially affected by the following security issues : - There are several stability bugs in the browser engine that could lead to crashes with evidence of memory corruption. MFSA 2008-60 - XBL bindings can be used ...

FreeBSD : mozilla -- multiple vulnerabilities (29f5bfc5-ce04-11dd-a721-0030843d3802)

The Mozilla Foundation reports : MFSA 2008-69 XSS vulnerabilities in SessionStore MFSA 2008-68 XSS and JavaScript privilege escalation MFSA 2008-67 Escaped null characters ignored by CSS parser MFSA 2008-66 Errors parsing URLs with leading whitespace and control characters MFSA 2008-65 Cross-doma...

CVE-2008-5510

The CSS parser in Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 ignores the '\0' escaped null character, which might allow remote attackers to bypass protection mechanisms such as sanitization routines...

Null pointer dereference

The CSS parser in Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 ignores the '\0' escaped null character, which might allow remote attackers to bypass protection mechanisms such as sanitization routines...

CVE-2008-5510

The CSS parser in Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 ignores the '\0' escaped null character, which might allow remote attackers to bypass protection mechanisms such as sanitization routines...

CVE-2008-5510

CVE-2008-5510 concerns the CSS parser in Mozilla Firefox (3.x up to 3.0.5 and 2.x up to 2.0.0.19), Thunderbird 2.x up to 2.0.0.19, and SeaMonkey 1.x up to 1.1.14, where the escaped null character (\0) is ignored, potentially allowing remote attackers to bypass sanitization protections. The descri...

Critical: Red Hat Security Advisory: firefox security update

An updated firefox package that fixes various security issues is now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. Mozilla Firefox is an open source Web browser. Several flaws were found in the...

Firefox null characters ignored by CSS parser

The CSS parser in Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 ignores the '\0' escaped null character, which might allow remote attackers to bypass protection mechanisms such as sanitization routines...

RHEL 4 / 5 : firefox (RHSA-2008:1036)

An updated firefox package that fixes various security issues is now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. Mozilla Firefox is an open source Web browser. Several flaws were found in the...

mozilla -- multiple vulnerabilities

The Mozilla Foundation reports: MFSA 2008-69 XSS vulnerabilities in SessionStore MFSA 2008-68 XSS and JavaScript privilege escalation MFSA 2008-67 Escaped null characters ignored by CSS parser MFSA 2008-66 Errors parsing URLs with leading whitespace and control characters MFSA 2008-65 Cross-domai...