Multiple dangling pointer vulnerabilities — Mozilla

Security researcher regenrecht reported via TippingPoint's Zero Day Initiative two instances of code which modifies SVG element lists failed to account for changes made to the list by user-supplied callbacks before accessing list elements. If a user-supplied callback deleted such an object, the...

Mozilla Firefox 3.6.x < 3.6.18 Multiple Vulnerabilities

Binary data 801252.prm...

Mozilla Firefox - nsTreeRange Dangling Pointer (2)

Mozilla Firefox - nsTreeRange Dangling Pointer 2 Advisory : Abysssec Public Exploit : This module exploits a code execution vulnerability in Mozilla Firefox = 3.6.16 caused by nsTreeSelection element. The specific flaw exists within the way Firefox handles user defined functions of a...

Debian Security Advisory DSA 2228-1 (iceweasel)

The remote host is missing an update to iceweasel announced via advisory DSA 2228-1. OpenVAS Vulnerability Test $Id: deb22281.nasl 6613 2017-07-07 12:08:40Z cfischer $ Description: Auto-generated from advisory DSA 2228-1 iceweasel Authors: Thomas Reinke Copyright: Copyright c 2011 E-Soft Inc...

Debian Security Advisory DSA 2227-1 (iceape)

The remote host is missing an update to iceape announced via advisory DSA 2227-1. OpenVAS Vulnerability Test $Id: deb22271.nasl 6613 2017-07-07 12:08:40Z cfischer $ Description: Auto-generated from advisory DSA 2227-1 iceape Authors: Thomas Reinke Copyright: Copyright c 2011 E-Soft Inc...

Debian DSA-2235-1 : icedove - several vulnerabilities

Several vulnerabilities have been discovered in Icedove, an unbranded version of the Thunderbird mail/news client. - CVE-2011-0069 CVE-2011-0070 CVE-2011-0072 CVE-2011-0074 CVE-2011-0075 CVE-2011-0077 CVE-2011-0078 CVE-2011-0080 CVE-2011-0081 'Scoobidiver', Ian Beer Bob Clary, Henri Sivonen, Marc...

[SECURITY] [DSA 2235-1] icedove security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2235-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff May 10, 2011 http://www.debian.org/security/faq -...

ZDI-11-157: Mozilla Firefox nsTreeRange Dangling Pointer Remote Code Execution Vulnerability

ZDI-11-157: Mozilla Firefox nsTreeRange Dangling Pointer Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-157 May 9, 2011 -- CVSS: 9, AV:N/AC:L/Au:N/C:P/I:P/A:C -- Affected Vendors: Mozilla -- Affected Products: Mozilla Firefox -- TippingPointTM IPS Customer...

Mozilla Firefox OBJECT mChannel Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists within the OnChannelRedirect method. When an...

DSA-2235-1 icedove - several

Bulletin has no description...

Mozilla Firefox nsTreeRange Dangling Pointer Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Firefox...

CVE-2011-0073

Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, and SeaMonkey before 2.0.14, does not properly use nsTreeRange data structures, which allows remote attackers to execute arbitrary code via unspecified vectors that lead to a "dangling pointer."...

Mandriva Update for firefox MDVSA-2011:079 (firefox)

Check for the Version of firefox OpenVAS Vulnerability Test Mandriva Update for firefox MDVSA-2011:079 firefox Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it unde...

openSUSE Security Update : MozillaFirefox (MozillaFirefox-4459)

Mozilla Firefox was updated to the 3.6.17 security release. MFSA 2011-12: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances,...

Mandriva Update for firefox MDVSA-2011:079 (firefox)

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

SuSE 11.1 Security Update : Mozilla Firefox (SAT Patch Number 4463)

Mozilla Firefox was updated to the 3.6.17 security release. - Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we...

[BSA-034] Security Update for iceweasel

Mike Hommey uploaded new packages for iceweasel which fixed the following security problems: CVE-2011-0069 CVE-2011-0070 CVE-2011-0072 CVE-2011-0074 CVE-2011-0075 CVE-2011-0077 CVE-2011-0078 CVE-2011-0080 CVE-2011-0081 "Scoobidiver", Ian Beer Bob Clary, Henri Sivonen, Marco Bonardo, Mats Palmgren...

Debian DSA-2227-1 : iceape - several vulnerabilities

Several vulnerabilities have been found in the Iceape internet suite, an unbranded version of SeaMonkey : - CVE-2011-0069 CVE-2011-0070 CVE-2011-0072 CVE-2011-0074 CVE-2011-0075 CVE-2011-0077 CVE-2011-0078 CVE-2011-0080 CVE-2011-0081 'Scoobidiver', Ian Beer Bob Clary, Henri Sivonen, Marco Bonardo...

Mandriva Linux Security Advisory : firefox (MDVSA-2011:079)

Chris Evans of the Chrome Security Team reported that the XSLT generate-id function returned a string that revealed a specific valid address of an object on the memory heap. It is possible that in some cases this address would be valuable information that could be used by an attacker while...

Debian DSA-2228-1 : iceweasel - several vulnerabilities

Several vulnerabilities have been found in Iceweasel, a web browser based on Firefox : - CVE-2011-0069 CVE-2011-0070 CVE-2011-0072 CVE-2011-0074 CVE-2011-0075 CVE-2011-0077 CVE-2011-0078 CVE-2011-0080 CVE-2011-0081 'Scoobidiver', Ian Beer Bob Clary, Henri Sivonen, Marco Bonardo, Mats Palmgren,...