CVE-2009-1701

Use-after-free vulnerability in the JavaScript DOM implementation in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to execute arbitrary code or cause a denial of service application crash by destroying a...

CVE-2009-1703

WebKit in Apple Safari before 4.0 does not prevent references to file: URLs within 1 audio and 2 video elements, which allows remote attackers to determine the existence of arbitrary files via a crafted HTML document...

CVE-2009-1703

WebKit in Apple Safari before 4.0 does not prevent references to file: URLs within 1 audio and 2 video elements, which allows remote attackers to determine the existence of arbitrary files via a crafted HTML document...

CVE-2009-1703

WebKit in Apple Safari before 4.0 does not prevent references to file: URLs within 1 audio and 2 video elements, which allows remote attackers to determine the existence of arbitrary files via a crafted HTML document...

CVE-2009-1703

WebKit in Apple Safari before 4.0 does not prevent references to file: URLs within 1 audio and 2 video elements, which allows remote attackers to determine the existence of arbitrary files via a crafted HTML document...

CVE-2009-1710

WebKit in Apple Safari before 4.0 allows remote attackers to spoof the browser's display of 1 the host name, 2 security indicators, and unspecified other UI elements via a custom cursor in conjunction with a modified CSS3 hotspot property...

CVE-2009-1709

Use-after-free vulnerability in the garbage-collection implementation in WebCore in WebKit in Apple Safari before 4.0 allows remote attackers to execute arbitrary code or cause a denial of service heap corruption and application crash via an SVG animation element, related to SVG set objects, SVG...

CVE-2009-1703

Removed by vendor...

CVE-2009-1572

The BGP daemon bgpd in Quagga 0.99.11 and earlier allows remote attackers to cause a denial of service crash via an AS path containing ASN elements whose string representation is longer than expected, which triggers an assert error...

Code injection

Apple Safari 3.2.2 and 4 Beta on Windows allows remote attackers to cause a denial of service application crash via an XML document containing many nested A elements...

Firefox XUL Linked Clones Double Free Vulnerability

Double free vulnerability in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allows remote attackers to execute arbitrary code via "cloned XUL DOM elements which were linked as a parent and child," which are not properly handled during garbage collection...

Mozilla Seamonkey Multiple Vulnerabilities (Mar 2009) - Windows

Mozilla Seamonkey browser is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Double free

Double free vulnerability in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allows remote attackers to execute arbitrary code via "cloned XUL DOM elements which were linked as a parent and child," which are not properly handled during garbage collection...

CVE-2009-0775

Double free vulnerability in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allows remote attackers to execute arbitrary code via "cloned XUL DOM elements which were linked as a parent and child," which are not properly handled during garbage collection...

CVE-2009-0775

Double free vulnerability in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allows remote attackers to execute arbitrary code via "cloned XUL DOM elements which were linked as a parent and child," which are not properly handled during garbage collection...

CVE-2009-0775

CVE-2009-0775 is a Mozilla Firefox/Thunderbird/SeaMonkey vulnerability described in the MiracleLinux AXSA advisory as a Double free in cloned XUL DOM elements linked as parent/child that are mishandled during garbage collection. A remote attacker could potentially execute arbitrary code by crafti...

Firefox 3 crashes in the JavaScript engine

The JavaScript engine in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via 1 a splice of an array that contains "some non-set elements," which causes jsarray.cpp to pas...

Mozilla Firefox XUL Linked Clones Double Free Vulnerability — Mozilla

An anonymous researcher, via TippingPoint's Zero Day Initiative program, reported a vulnerability in Mozilla's garbage collection process. The vulnerability was caused by improper memory management of a set of cloned XUL DOM elements which were linked as a parent and child. After reloading the...

CVE-2009-0775

Double free vulnerability in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allows remote attackers to execute arbitrary code via "cloned XUL DOM elements which were linked as a parent and child," which are not properly handled during garbage collection...

CVE-2008-0971

Multiple cross-site scripting XSS vulnerabilities in index.cgi in Barracuda Spam Firewall BSF before 3.5.12.007, Message Archiver before 1.2.1.002, Web Filter before 3.3.0.052, IM Firewall before 3.1.01.017, and Load Balancer before 2.3.024 allow remote attackers to inject arbitrary web script or...