USN-1122-1: Thunderbird vulnerabilities

It was discovered that there was a vulnerability in the memory handling of certain types of content. An attacker could exploit this to possibly run arbitrary code as the user running Thunderbird. CVE-2011-0081 It was discovered that Thunderbird incorrectly handled certain JavaScript requests. If...

USN-1112-1: Firefox and Xulrunner vulnerabilities

It was discovered that there was a vulnerability in the memory handling of certain types of content. An attacker could exploit this to possibly run arbitrary code as the user running Firefox. CVE-2011-0081 It was discovered that Firefox incorrectly handled certain JavaScript requests. An attacker...

Mozilla crash from several marquee elements (MFSA 2011-12)

Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code vi...

Critical: Red Hat Security Advisory: thunderbird security update

An updated thunderbird package that fixes several security issues is now available for Red Hat Enterprise Linux 4 and 5. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...

Mozilla crash from several marquee elements (MFSA 2011-12)

Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code vi...

Wireshark: Malformed LDAP filter string causes Denial of Service via excessive memory consumption

epan/dissectors/packet-ldap.c in Wireshark 1.0.x, 1.2.0 through 1.2.14, and 1.4.0 through 1.4.3 allows remote attackers to cause a denial of service memory consumption via 1 a long LDAP filter string or 2 an LDAP filter string containing many elements...

Google Chrome < 9.0.597.107 Multiple Vulnerabilities

Binary data 5807.pasl...

UBUNTU-CVE-2011-0133

WebKit, as used in Apple iTunes before 10.2 on Windows, does not properly access glyph data during layout actions for floating blocks associated with pseudo-elements, which allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service memory corruption and application...

Apple Safari Webkit Runin Box Promotion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari's Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way th...

Google Chrome < 9.0.597.107 Multiple Vulnerabilities

The version of Google Chrome installed on the remote host is earlier than 9.0.597.107. Such versions are reportedly affected by multiple vulnerabilities : - An unspecified error exists in the URL bar operations which can allow spoofing attacks. Issue 54262 - An unspecified error exists in the...

CVE-2011-1118

Google Chrome before 9.0.597.107 does not properly handle TEXTAREA elements, which allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted HTML document...

CVE-2011-1118

Removed by vendor...

CVE-2011-1118

CVE-2011-1118 affects Google Chrome prior to 9.0.597.107. The vulnerability arises from improper handling of TEXTAREA elements, which can allow remote attackers to crash the browser (DoS) or cause unspecified additional impact via a crafted HTML document. Publicly linked references indicate this ...

Kaspersky Antivirus protection bypass

User can bypass application protection by activating inactive interface elements with EnableWindow...

Nokia under scanner of Indian Intelligence Agency for its Push Email service and SMS !

Department of Telecommunication DOT has been asked by The Intelligence Bureau IB0 to stop the messaging services of Nokia in India until they can be monitored. Once again security concerns have clouded Intelligence department's mind and the incident is not first of its kind. Earlier too similar...

CVE-2011-0473

Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly handle Cascading Style Sheets CSS token sequences in conjunction with CANVAS elements, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that le...

CVE-2011-0478

Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly handle SVG use elements, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."...

CVE-2011-0478

Removed by vendor...

CVE-2011-0478

Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly handle SVG use elements, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."...

Microsoft Unveils Enhanced Security Features for Internet Explorer 9

Microsoft has detailed new security features for Internet Explorer 9 IE9 that will help users prevent sites from tracking their activity across browsing sessions. The new feature, set to launch with the first release candidate of IE9 early next year, uses a list to control which third-party...