1190 matches found
CVE-2010-2767
The navigator.plugins implementation in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 does not properly handle destruction of the DOM plugin array, which might allow remote attackers to cause a denial of service...
Design/Logic Flaw
The nsTreeContentView function in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 does not properly handle node removal in XUL trees, which allows remote attackers to execute arbitrary code via vectors involving...
CVE-2010-2760
Use-after-free vulnerability in the nsTreeSelection function in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 might allow remote attackers to execute arbitrary code via vectors involving a XUL tree selection,...
CVE-2010-3167
The nsTreeContentView function in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 does not properly handle node removal in XUL trees, which allows remote attackers to execute arbitrary code via vectors involving...
Ubuntu 8.04 LTS / 9.04 / 9.10 / 10.04 LTS : firefox, firefox-3.0, firefox-3.5, xulrunner-1.9.1, xulrunner-1.9.2 vulnerabilities (USN-975-1)
Several dangling pointer vulnerabilities were discovered in Firefox. An attacker could exploit this to crash the browser or possibly run arbitrary code as the user invoking the program. CVE-2010-2760, CVE-2010-2767, CVE-2010-3167 Blake Kaplan and Michal Zalewski discovered several weaknesses in t...
FreeBSD : mozilla -- multiple vulnerabilities (4a21ce2c-bb13-11df-8e32-000f20797ede)
The Mozilla Project reports : MFSA 2010-49 Miscellaneous memory safety hazards rv:1.9.2.9/ 1.9.1.12 MFSA 2010-50 Frameset integer overflow vulnerability MFSA 2010-51 Dangling pointer vulnerability using DOM plugin array MFSA 2010-52 Windows XP DLL loading vulnerability MFSA 2010-53 Heap buffer...
USN-975-1: Firefox and Xulrunner vulnerabilities
Several dangling pointer vulnerabilities were discovered in Firefox. An attacker could exploit this to crash the browser or possibly run arbitrary code as the user invoking the program. CVE-2010-2760, CVE-2010-2767, CVE-2010-3167 Blake Kaplan and Michal Zalewski discovered several weaknesses in t...
USN-978-1: Thunderbird vulnerabilities
Several dangling pointer vulnerabilities were discovered in Thunderbird. An attacker could exploit this to crash Thunderbird or possibly run arbitrary code as the user invoking the program. CVE-2010-2760, CVE-2010-2767, CVE-2010-3167 It was discovered that the XPCSafeJSObjectWrapper SJOW security...
Mozilla Patches Firefox DLL Load Hijacking Bug
Mozilla has joined Apple in being among the first to fix the DLL load hijacking attack vector that continues to haunt hundreds of Windows applications. The open-source group released Firefox 3.6.9 with patches for a total of 15 vulnerabilities 11 rated critical, including the publicly known DLL...
Mozilla Dangling pointer vulnerability in nsTreeContentView (MFSA 2010-56)
The nsTreeContentView function in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 does not properly handle node removal in XUL trees, which allows remote attackers to execute arbitrary code via vectors involving...
Mozilla Dangling pointer vulnerability using DOM plugin array (MFSA 2010-51)
The navigator.plugins implementation in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 does not properly handle destruction of the DOM plugin array, which might allow remote attackers to cause a denial of service...
Mozilla Dangling pointer vulnerability using DOM plugin array (MFSA 2010-51)
The navigator.plugins implementation in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 does not properly handle destruction of the DOM plugin array, which might allow remote attackers to cause a denial of service...
Mozilla Dangling pointer vulnerability in nsTreeContentView (MFSA 2010-56)
The nsTreeContentView function in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 does not properly handle node removal in XUL trees, which allows remote attackers to execute arbitrary code via vectors involving...
Critical: Red Hat Security Advisory: firefox security update
Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings...
Mozilla Dangling pointer vulnerability using DOM plugin array (MFSA 2010-51)
The navigator.plugins implementation in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 does not properly handle destruction of the DOM plugin array, which might allow remote attackers to cause a denial of service...
Mozilla Dangling pointer vulnerability in nsTreeContentView (MFSA 2010-56)
The nsTreeContentView function in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 does not properly handle node removal in XUL trees, which allows remote attackers to execute arbitrary code via vectors involving...
SeaMonkey < 2.0.7 Multiple Vulnerabilities
Binary data 5660.prm...
Mozilla Thunderbird < 3.1.3 Multiple Vulnerabilities
Binary data 5659.prm...
Firefox 3.6.x < 3.6.9 Multiple Vulnerabilities
Binary data 800747.prm...
Mozilla Thunderbird 3.0.x < 3.0.7 Multiple Vulnerabilities
Binary data 5658.prm...