Debian: Security Advisory (DSA-1614-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SuSE 10 Security Update : MozillaFirefox (ZYPP Patch Number 5450)

MozillaFirefox was updated to version 2.0.0.16, which fixes various bugs and following security issues : - An anonymous researcher, via TippingPoint's Zero Day Initiative program, reported a vulnerability in Mozilla CSS reference counting code. The vulnerability was caused by an insufficiently...

openSUSE 10 Security Update : MozillaFirefox (MozillaFirefox-5449)

MozillaFirefox was updated to version 2.0.0.16, which fixes various bugs and following security issues : MFSA 2008-34 CVE-2008-2785: An anonymous researcher, via TippingPoint's Zero Day Initiative program, reported a vulnerability in Mozilla CSS reference counting code. The vulnerability was caus...

Debian DSA-1621-1 : icedove - several vulnerabilities

Several remote vulnerabilities have been discovered in the Icedove mail client, an unbranded version of the Thunderbird client. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2008-0304 It was discovered that a buffer overflow in MIME decoding can lead t...

DSA-1621-1 icedove - several vulnerabilities

Bulletin has no description...

Mozilla Thunderbird < 2.0.0.16 Multiple Vulnerabilities

Binary data 4609.prm...

Debian DSA-1614-1 : iceweasel - several vulnerabilities

Several remote vulnerabilities have been discovered in the Iceweasel web browser, an unbranded version of the Firefox browser. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2008-2785 It was discovered that missing boundary checks on a reference counter...

Debian DSA-1615-1 : xulrunner - several vulnerabilities

Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2008-2785 It was discovered that missing boundary checks on a reference counter for CSS objects...

mozilla: CSS reference counter overflow (ZDI-CAN-349)

Mozilla Firefox before 2.0.0.16 and 3.x before 3.0.1, Thunderbird before 2.0.0.16, and SeaMonkey before 1.1.11 use an incorrect integer data type as a CSS object reference counter in the CSSValue array aka nsCSSValue:Array data structure, which allows remote attackers to execute arbitrary code vi...

Mozilla Foundation Security Advisory 2008-34

Mozilla Foundation Security Advisory 2008-34 Title: Remote code execution by overflowing CSS reference counter Impact: Critical Announced: July 15, 2008 Reporter: TippingPoint Zero Day Initiative Products: Firefox, Thunderbird, SeaMonkey Fixed in: Firefox 3.0.1 Firefox 2.0.0.16 Thunderbird 2.0.0....

Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities

Array index overflow on CSS parsing, crash on GIF processing under Mac OS X, code execution on command-line launch with URI...

RHEL 4 : seamonkey (RHSA-2008:0599)

The remote Redhat Enterprise Linux 4 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2008:0599 advisory. - mozilla: CSS reference counter overflow ZDI-CAN-349 CVE-2008-2785 Note that Nessus has not tested for this issue but has instead relied only on the...

Firefox 3.x < 3.0.1 Multiple Vulnerabilities

The installed version of Firefox is affected by various security issues : - By creating a very large number of references to a common CSS object, an attacker can overflow the CSS reference counter, causing a crash when the browser attempts to free the CSS object while still in use and allowing fo...

mozilla: CSS reference counter overflow (ZDI-CAN-349)

Mozilla Firefox before 2.0.0.16 and 3.x before 3.0.1, Thunderbird before 2.0.0.16, and SeaMonkey before 1.1.11 use an incorrect integer data type as a CSS object reference counter in the CSSValue array aka nsCSSValue:Array data structure, which allows remote attackers to execute arbitrary code vi...

mozilla: CSS reference counter overflow (ZDI-CAN-349)

Mozilla Firefox before 2.0.0.16 and 3.x before 3.0.1, Thunderbird before 2.0.0.16, and SeaMonkey before 1.1.11 use an incorrect integer data type as a CSS object reference counter in the CSSValue array aka nsCSSValue:Array data structure, which allows remote attackers to execute arbitrary code vi...

mozilla: CSS reference counter overflow (ZDI-CAN-349)

Mozilla Firefox before 2.0.0.16 and 3.x before 3.0.1, Thunderbird before 2.0.0.16, and SeaMonkey before 1.1.11 use an incorrect integer data type as a CSS object reference counter in the CSSValue array aka nsCSSValue:Array data structure, which allows remote attackers to execute arbitrary code vi...

Firefox < 2.0.0.16 / 3.0.1 Multiple Vulnerabilities

The installed version of Firefox is affected by various security issues : - By creating a very large number of references to a common CSS object, an attacker can overflow the CSS reference counter, causing a crash when the browser attempts to free the CSS object while still in use and allowing fo...

Remote code execution by overflowing CSS reference counter — Mozilla

An anonymous researcher, via TippingPoint's Zero Day Initiative program, reported a vulnerability in Mozilla's internal CSSValue array data structure. The vulnerability was caused by an insufficiently sized variable being used as a reference counter for CSS objects. By creating a very large numbe...

Buffer overflow

Mozilla Firefox before 2.0.0.16 and 3.x before 3.0.1, Thunderbird before 2.0.0.16, and SeaMonkey before 1.1.11 use an incorrect integer data type as a CSS object reference counter in the CSSValue array aka nsCSSValue:Array data structure, which allows remote attackers to execute arbitrary code vi...

CVE-2008-2785

Mozilla Firefox before 2.0.0.16 and 3.x before 3.0.1, Thunderbird before 2.0.0.16, and SeaMonkey before 1.1.11 use an incorrect integer data type as a CSS object reference counter in the CSSValue array aka nsCSSValue:Array data structure, which allows remote attackers to execute arbitrary code vi...