5709 matches found
mozilla: CSS reference counter overflow (ZDI-CAN-349)
Mozilla Firefox before 2.0.0.16 and 3.x before 3.0.1, Thunderbird before 2.0.0.16, and SeaMonkey before 1.1.11 use an incorrect integer data type as a CSS object reference counter in the CSSValue array aka nsCSSValue:Array data structure, which allows remote attackers to execute arbitrary code vi...
Mozilla Foundation Security Advisory 2008-34
Mozilla Foundation Security Advisory 2008-34 Title: Remote code execution by overflowing CSS reference counter Impact: Critical Announced: July 15, 2008 Reporter: TippingPoint Zero Day Initiative Products: Firefox, Thunderbird, SeaMonkey Fixed in: Firefox 3.0.1 Firefox 2.0.0.16 Thunderbird 2.0.0....
Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
Array index overflow on CSS parsing, crash on GIF processing under Mac OS X, code execution on command-line launch with URI...
Firefox 3.x < 3.0.1 Multiple Vulnerabilities
The installed version of Firefox is affected by various security issues : - By creating a very large number of references to a common CSS object, an attacker can overflow the CSS reference counter, causing a crash when the browser attempts to free the CSS object while still in use and allowing fo...
RHEL 4 : seamonkey (RHSA-2008:0599)
The remote Redhat Enterprise Linux 4 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2008:0599 advisory. - mozilla: CSS reference counter overflow ZDI-CAN-349 CVE-2008-2785 Note that Nessus has not tested for this issue but has instead relied only on the...
mozilla: CSS reference counter overflow (ZDI-CAN-349)
Mozilla Firefox before 2.0.0.16 and 3.x before 3.0.1, Thunderbird before 2.0.0.16, and SeaMonkey before 1.1.11 use an incorrect integer data type as a CSS object reference counter in the CSSValue array aka nsCSSValue:Array data structure, which allows remote attackers to execute arbitrary code vi...
mozilla: CSS reference counter overflow (ZDI-CAN-349)
Mozilla Firefox before 2.0.0.16 and 3.x before 3.0.1, Thunderbird before 2.0.0.16, and SeaMonkey before 1.1.11 use an incorrect integer data type as a CSS object reference counter in the CSSValue array aka nsCSSValue:Array data structure, which allows remote attackers to execute arbitrary code vi...
mozilla: CSS reference counter overflow (ZDI-CAN-349)
Mozilla Firefox before 2.0.0.16 and 3.x before 3.0.1, Thunderbird before 2.0.0.16, and SeaMonkey before 1.1.11 use an incorrect integer data type as a CSS object reference counter in the CSSValue array aka nsCSSValue:Array data structure, which allows remote attackers to execute arbitrary code vi...
Firefox < 2.0.0.16 / 3.0.1 Multiple Vulnerabilities
The installed version of Firefox is affected by various security issues : - By creating a very large number of references to a common CSS object, an attacker can overflow the CSS reference counter, causing a crash when the browser attempts to free the CSS object while still in use and allowing fo...
Remote code execution by overflowing CSS reference counter — Mozilla
An anonymous researcher, via TippingPoint's Zero Day Initiative program, reported a vulnerability in Mozilla's internal CSSValue array data structure. The vulnerability was caused by an insufficiently sized variable being used as a reference counter for CSS objects. By creating a very large numbe...
Buffer overflow
Mozilla Firefox before 2.0.0.16 and 3.x before 3.0.1, Thunderbird before 2.0.0.16, and SeaMonkey before 1.1.11 use an incorrect integer data type as a CSS object reference counter in the CSSValue array aka nsCSSValue:Array data structure, which allows remote attackers to execute arbitrary code vi...
CVE-2008-2785
Mozilla Firefox before 2.0.0.16 and 3.x before 3.0.1, Thunderbird before 2.0.0.16, and SeaMonkey before 1.1.11 use an incorrect integer data type as a CSS object reference counter in the CSSValue array aka nsCSSValue:Array data structure, which allows remote attackers to execute arbitrary code vi...
CVE-2008-2785
Mozilla Firefox before 2.0.0.16 and 3.x before 3.0.1, Thunderbird before 2.0.0.16, and SeaMonkey before 1.1.11 use an incorrect integer data type as a CSS object reference counter in the CSSValue array aka nsCSSValue:Array data structure, which allows remote attackers to execute arbitrary code vi...
CVE-2008-2785
The CVE-2008-2785 issue affects Mozilla Firefox (before 2.0.0.16 and 3.x before 3.0.1), Thunderbird (before 2.0.0.16), and SeaMonkey (before 1.1.11). It stems from using an incorrect integer data type as the CSS object reference counter in the CSSValue array (nsCSSValue:Array) data structure, all...
CVE-2008-2785
Mozilla Firefox before 2.0.0.16 and 3.x before 3.0.1, Thunderbird before 2.0.0.16, and SeaMonkey before 1.1.11 use an incorrect integer data type as a CSS object reference counter in the CSSValue array aka nsCSSValue:Array data structure, which allows remote attackers to execute arbitrary code vi...
[SECURITY] Fedora 8 Update: roundcubemail-0.2-0.alpha.fc8
RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...
[SECURITY] Fedora 9 Update: roundcubemail-0.2-0.alpha.fc9
RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...
[SECURITY] Fedora 7 Update: roundcubemail-0.2-0.alpha.fc7.1
RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...
erfurtwiki-lfi.txt
/ | || | | | | | | | | /| | | | | || ||| ||||| || C. H. R. O. O. T. SECURITY GROUP - -- ----- --- -- -- ---- --- -- - http://www.chroot.org Hacks In Taiwan | || | | | | | | | Conference 2008 | | | | | | | | | || ||| || |||| http://www.hitcon.org Title =======:: ErfurtWiki = R1.02b css Local...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in F5 FirePass SSL VPN 6.0.2 hotfix 3, and possibly earlier versions, allow remote attackers to inject arbitrary web script or HTML via quotes in 1 the cssexceptions parameter in vdesk/admincon/webyfiers.php and 2 the sqlmatchscope parameter in...