Ubuntu 11.10 : thunderbird vulnerabilities (USN-1282-1)

Yosuke Hasegawa discovered that the Mozilla browser engine mishandled invalid sequences in the Shift-JIS encoding. It may be possible to trigger this crash without the use of debugging APIs, which might allow malicious websites to exploit this vulnerability. An attacker could possibly use this fl...

Ubuntu 11.04 / 11.10 : mozvoikko, ubufox update (USN-1277-2)

USN-1277-1 fixed vulnerabilities in Firefox. This update provides updated Mozvoikko and ubufox packages for use with Firefox 8. Yosuke Hasegawa discovered that the Mozilla browser engine mishandled invalid sequences in the Shift-JIS encoding. It may be possible to trigger this crash without the u...

Ubuntu 11.04 / 11.10 : firefox vulnerabilities (USN-1277-1)

Yosuke Hasegawa discovered that the Mozilla browser engine mishandled invalid sequences in the Shift-JIS encoding. It may be possible to trigger this crash without the use of debugging APIs, which might allow malicious websites to exploit this vulnerability. An attacker could possibly use this fl...

Ubuntu Update for mozvoikko USN-1277-2

Ubuntu Update for Linux kernel vulnerabilities USN-1277-2 OpenVAS Vulnerability Test $Id: gbubuntuUSN12772.nasl 7964 2017-12-01 07:32:11Z santu $ Ubuntu Update for mozvoikko USN-1277-2 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net Th...

Mozilla Foundation Security Advisory 2011-49

Mozilla Foundation Security Advisory 2011-49 Title: Memory corruption while profiling using Firebug Impact: Critical Announced: November 8, 2011 Reporter: Marc Schoenefeld Products: Firefox, Thunderbird Fixed in: Firefox 8.0 Firefox 3.6.24 Thunderbird 8.0 Thunderbird 3.1.16 Description Marc...

MozillaFirefox secuirty update (critical)

MozillaFirefox was updated to version 8 bnc728520 to fix the following security issues: MFSA 2011-47/CVE-2011-3648 bmo690225 Potential XSS against sites using Shift-JIS MFSA 2011-48/CVE-2011-3651/CVE-2011-3652/CVE-2011-3654 Miscellaneous memory safety hazards MFSA 2011-49/CVE-2011-3650 bmo674776...

MozillaFirefox (critical)

MozillaFirefox has been updated to version 3.6.24 to fix the following security issues: MFSA 2011-46/CVE-2011-3647 bmo680880 loadSubScript unwraps XPCNativeWrapper scope parameter MFSA 2011-47/CVE-2011-3648 bmo690225 Potential XSS against sites using Shift-JIS MFSA 2011-49/CVE-2011-3650 bmo674776...

Mozilla Products XSS and Memory Corruption Vulnerabilities (Windows)

The host is installed with Mozilla firefox/thunderbird and is prone to cross site scripting and memory corruption vulnerabilities. OpenVAS Vulnerability Test $Id: gbmozillaprdtsxssnmemcrptnvulnwin.nasl 7006 2017-08-25 11:51:20Z teissa $ Mozilla Products XSS and Memory Corruption Vulnerabilities...

Mozilla Products XSS and Memory Corruption Vulnerabilities (MAC OS X)

The host is installed with Mozilla firefox/thunderbird and is prone to cross site scripting and memory corruption vulnerabilities. OpenVAS Vulnerability Test $Id: gbmozillaprdtsxssnmemcrptnvulnmacosx.nasl 7052 2017-09-04 11:50:51Z teissa $ Mozilla Products XSS and Memory Corruption Vulnerabilitie...

Mozilla Products XSS and Memory Corruption Vulnerabilities - Mac OS X

Mozilla Firefox/Thunderbird is prone to cross site scripting and memory corruption vulnerabilities. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

Mozilla Products XSS and Memory Corruption Vulnerabilities - Windows

Mozilla Firefox/Thunderbird is prone to cross site scripting and memory corruption vulnerabilities. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

Ubuntu: Security Advisory (USN-1251-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 10.04 LTS / 10.10 : firefox, xulrunner-1.9.2 vulnerabilities (USN-1251-1)

It was discovered that CVE-2011-3004, which addressed possible privilege escalation in addons, also affected Firefox 3.6. An attacker could potentially exploit Firefox when an add-on was installed that used loadSubscript in vulnerable ways. CVE-2011-3647 Yosuke Hasegawa discovered that the Mozill...

USN-1251-1: Firefox and Xulrunner vulnerabilities

It was discovered that CVE-2011-3004, which addressed possible privilege escalation in addons, also affected Firefox 3.6. An attacker could potentially exploit Firefox when an add-on was installed that used loadSubscript in vulnerable ways. CVE-2011-3647 Yosuke Hasegawa discovered that the Mozill...

CVE-2011-3650

Mozilla Firefox before 3.6.24 and 4.x through 7.0 and Thunderbird before 3.1.6 and 5.0 through 7.0 do not properly handle JavaScript files that contain many functions, which allows user-assisted remote attackers to cause a denial of service memory corruption and application crash or possibly have...

Memory corruption

Mozilla Firefox before 3.6.24 and 4.x through 7.0 and Thunderbird before 3.1.6 and 5.0 through 7.0 do not properly handle JavaScript files that contain many functions, which allows user-assisted remote attackers to cause a denial of service memory corruption and application crash or possibly have...

CVE-2011-3650

Mozilla Firefox before 3.6.24 and 4.x through 7.0 and Thunderbird before 3.1.6 and 5.0 through 7.0 do not properly handle JavaScript files that contain many functions, which allows user-assisted remote attackers to cause a denial of service memory corruption and application crash or possibly have...

CVE-2011-3650

CVE-2011-3650 affects Mozilla Firefox versions prior to 3.6.24 and 4.x through 7.0, and Thunderbird prior to 3.1.6 and 5.0 through 7.0. The issue arises from how JavaScript files that contain many functions are handled when accessed via debugging APIs, enabling a user‑assisted attacker to trigger...

Memory corruption while profiling using Firebug — Mozilla

Marc Schoenefeld reported a crash when using Firebug to profile a JavaScript file with many functions. It may be possible to trigger this crash without the use of debugging APIs, and if so this could be exploitable...

Mozilla Firefox Firebug扩展'chrome:'跨域脚本漏洞

Bugtraq ID: 48340 Firebug是Firefox下的一款开发类插件，集HTML查看和编辑、Javascript控制台、网络状况监视器于一体。 处理某些脚本时HTML解析器存在错误，诱使用户访问恶意站点和通过Net Panle查看HTML输出，可以"chrome:"上下文执行任意代码。 Firebug 1.7.2 https://addons.mozilla.org/en-US/firefox/addon/1843 升级到1.7.3 html headfirebug 0day/head body img src=2 onerror='var file =...