9 matches found
EUVD-2017-16757
Malware in sbrugna...
CVE-2020-8230
A memory corruption vulnerability exists in NextCloud Desktop Client v2.6.4 where missing ASLR and DEP protections in for windows allowed to corrupt memory...
Code injection
An error in the "WindowsDllDetourPatcher" where a RWX "Read/Write/Execute" 4k block is allocated but never protected, violating DEP protections. Note: This attack only affects Windows operating systems. Other operating systems are not affected. This vulnerability affects Thunderbird 52.3, Firefox...
[ASA-201703-3] firefox: multiple issues
Arch Linux Security Advisory ASA-201703-3 ========================================= Severity: Critical Date : 2017-03-10 CVE-ID : CVE-2017-5398 CVE-2017-5399 CVE-2017-5400 CVE-2017-5401 CVE-2017-5402 CVE-2017-5403 CVE-2017-5404 CVE-2017-5405 CVE-2017-5406 CVE-2017-5407 CVE-2017-5408 CVE-2017-5410...
[ASA-201703-2] thunderbird: multiple issues
Arch Linux Security Advisory ASA-201703-2 ========================================= Severity: Critical Date : 2017-03-10 CVE-ID : CVE-2017-5398 CVE-2017-5400 CVE-2017-5401 CVE-2017-5402 CVE-2017-5404 CVE-2017-5405 CVE-2017-5407 CVE-2017-5408 CVE-2017-5410 Package : thunderbird Type : multiple...
KLA10970 Multiple vulnerabilities in Mozilla Thunderbird
Multiple serious vulnerabilities have been found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to obtain sensitive information, run arbitrary code and cause a denial of service. Below is a complete list of vulnerabilities 1. Memory curruption vulnerability in asm.js ca...
Mozilla Firefox ESR 45.x < 45.7 Multiple Vulnerabilities (macOS)
The version of Mozilla Firefox ESR installed on the remote macOS or Mac OS X host is 45.x prior to 45.7. It is, therefore, affected by the following vulnerabilities : - Mozilla developers and community members Christian Holler, Gary Kwong, Andre Bargull, Jan de Mooij, Tom Schuster, and Oriol...
Security vulnerabilities fixed in Firefox ESR 45.7 — Mozilla
JIT code allocation can allow for a bypass of ASLR and DEP protections leading to potential memory corruption attacks. Use-after-free while manipulating XSL in XSLT documents Hashed codes of JavaScript objects are shared between pages. This allows for pointer leaks because an object’s address can...
Cool Exploit Kit Includes Old Internet Explorer Exploit
You cannot accuse the keepers of the Cool Exploit Kit of not recognizing market trends. Given a rash of recent watering hole attacks and zero-day exploits built around Microsoft’s Internet Explorer browser, it’s no surprise that a 15-month-old IE exploit has been included in the crimeware package...