SUSE CVE-2009-2953

Mozilla Firefox 3.0.6 through 3.0.13, and 3.5.x, allows remote attackers to cause a denial of service CPU consumption via JavaScript code with a long string value for the hash property aka location.hash, a related issue to CVE-2008-5715...

SUSE CVE-2009-3069

Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.3 allows remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via unknown vectors...

SUSE CVE-2009-3371

Use-after-free vulnerability in Mozilla Firefox 3.5.x before 3.5.4 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code by creating JavaScript web-workers recursively...

SUSE CVE-2009-3378

The oggplaydatahandletheoraframe function in media/liboggplay/src/liboggplay/oggplaydata.c in liboggplay, as used in Mozilla Firefox 3.5.x before 3.5.4, attempts to reuse an earlier frame data structure upon encountering a decoding error for the first frame, which allows remote attackers to cause...

SUSE CVE-2010-3174

Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.14, Thunderbird before 3.0.9, and SeaMonkey before 2.0.9 allows remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via unknown vectors...

SUSE CVE-2011-0075

Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code vi...

DubSite CMS 1.0 - CSRF Vulnerability

No description provided by source. Pentest Information: ==================== Connection has discovered a Cross Site Request ForgeryCSRF vulnerability in DubSite CMS v1.0 Details ======= Tested on OS: Windows XP Tested with Software: Mozilla Firefox 3.5.x Vulnerable Products: DubSite CMS Affected...

Firefox 3.5 - escape Memory Corruption Exploit

No description provided by source. $Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require...

openSUSE Security Update : mozilla-xulrunner191 (mozilla-xulrunner191-4073)

Mozilla XULRunner 1.9.1 was updated to version 1.9.1.17, fixing various security issues. Following security issues were fixed: MFSA 2010-74 / CVE-2010-3777: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products...

Apple QuickTime 7.7.2 TeXML Style Element font-table Field Stack Buffer Overflow

Exploit for windows platform in category remote exploits This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core'...

CVE-2011-0075

Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code vi...

openSUSE Security Update : MozillaThunderbird (MozillaThunderbird-4070)

MozillaThunderbird was updated to version 3.1.8, fixing various security issues. Following security issues were fixed: MFSA 2011-01: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed...

Mozilla use after free flaw (MFSA 2011-12)

Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code vi...

Firefox 3.5 < 3.5.17 Multiple Vulnerabilities

The installed version of Firefox 3.5 is earlier than 3.5.17. Such versions are potentially affected by multiple vulnerabilities : - Multiple memory corruption errors exist and may lead to arbitrary code execution. MFSA 2010-74, MFSA 2011-01 - An error exists in the processing of recursive calls t...

SuSE 11 Security Update : Mozilla XULrunner (SAT Patch Number 2255)

Mozilla XULRunner was updated to version 1.9.0.19 fixing lots of bugs and security issues. The following security issues were fixed : - Mozilla developers identified and fixed several stability bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these crashes show...

openSUSE Security Update : MozillaThunderbird (MozillaThunderbird-3429)

Mozilla Thunderbird was updated to 3.0.10 to fix one critical security issue. MFSA 2010-73 / CVE-2010-3765: Morten Krkvik of Telenor SOC reported an exploit targeting particular versions of Firefox 3.6 on Windows XP that Telenor found while investigating an intrusion attempt on a customer network...

Mozilla Firefox 3.5.x < 3.5.15 Buffer Overflow Vulnerability

Binary data 801274.prm...

SuSE 10 Security Update : Mozilla XULrunner (ZYPP Patch Number 6971)

Mozilla XULRunner was updated to version 1.9.0.19 fixing lots of bugs and security issues. The following security issues were fixed : - Mozilla developers identified and fixed several stability bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these crashes show...

Mozilla Firefox 3.5 - &#039;escape()&#039; Return Value Memory Corruption (Metasploit)

$Id: firefoxescaperetval.rb 10394 2010-09-20 08:06:27Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

CVE-2010-2753

Integer overflow in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 allows remote attackers to execute arbitrary code via a large selection attribute in a XUL tree element, which triggers a use-after-fre...