26 matches found
SUSE CVE-2014-1564
Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 do not properly initialize memory for GIF rendering, which allows remote attackers to obtain sensitive information from process memory via crafted web script that interacts with a CANVAS element associated...
SUSE-SU-2020:0319-1 Security update for libqt5-qtbase
This update for libqt5-qtbase fixes the following issue: Security issues fixed: - CVE-2020-0569: Fixed a potential local code execution by loading plugins from CWD (bsc#1161167). - CVE-2018-19870: Fixed an improper check in QImage allocation which could allow Denial of Service when opening crafted g...
SUSE-SU-2020:0318-1 Security update for libqt5-qtbase
This update for libqt5-qtbase fixes the following issue: Security issue fixed: - CVE-2020-0569: Fixed a potential local code execution by loading plugins from CWD (bsc#1161167). - CVE-2018-19870: Fixed an improper check in QImage allocation which could allow Denial of Service when opening crafted gi...
Mozilla Firefox ESR < 31.2 Multiple Vulnerabilities
Android-Gif-Drawable Open Source Stock in Code Execution Vulnerability
Android-Gif-Drawable is an open source library for viewing and drawing GIFs on Android. It renders frames through a JNI-bundled Giflib, which is more efficient than using the WebView class or the Movie class. Android-Gif-Drawable open...
openSUSE Security Update : seamonkey (openSUSE-SU-2014:1655-1)
seamonkey was updated to version 2.31 to fix 20 security issues. These security issues were fixed : - Miscellaneous memory safety hazards (CVE-2014-1587, CVE-2014-1588). - XBL bindings accessible via improper CSS declarations (CVE-2014-1589). - XMLHttpRequest crashes with some input streams...
openSUSE Security Update : firefox / mozilla-nspr / mozilla-nss and seamonkey (openSUSE-SU-2014:1345-1)
update to Firefox 33.0 (bnc#900941) New features : - OpenH264 support (sandboxed) - Enhanced Tiles - Improved search experience through the location bar - Slimmer and faster JavaScript strings - New CSP (Content Security Policy) backend - Support for connecting to HTTP proxy over HTTPS - Improved...
openSUSE Security Update : firefox / mozilla-nspr / mozilla-nss (openSUSE-SU-2014:1344-1)
update to Firefox 33.0 (bnc#900941) New features : - OpenH264 support (sandboxed) - Enhanced Tiles - Improved search experience through the location bar - Slimmer and faster JavaScript strings - New CSP (Content Security Policy) backend - Support for connecting to HTTP proxy over HTTPS - Improved...
CVE-2014-1580
Mozilla Firefox before 33.0 does not properly initialize memory for GIF images, which allows remote attackers to obtain sensitive information from process memory via a crafted web page that triggers a sequence of rendering operations for truncated GIF data within a CANVAS element...
Firefox < 33.0 Multiple Vulnerabilities
The version of Firefox installed on the remote Windows host is a version prior to 33.0. It is, therefore, affected by the following vulnerabilities : - Multiple memory safety flaws exist within the browser engine. Exploiting these, an attacker can cause a denial of service or execute arbitrary...
Ubuntu 14.04 LTS : Thunderbird vulnerabilities (USN-2330-1)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2330-1 advisory. Jan de Mooij, Christian Holler, Karl Tomlinson, Randell Jesup, Gary Kwong, Jesse Ruderman and JW Wang discovered multiple memory safety issues in...
USN-2330-1: Thunderbird vulnerabilities
Jan de Mooij, Christian Holler, Karl Tomlinson, Randell Jesup, Gary Kwong, Jesse Ruderman and JW Wang discovered multiple memory safety issues in Thunderbird. If a user were tricked into opening a specially crafted message with scripting enabled, an attacker could potentially exploit these to...
USN-2330-1 thunderbird vulnerabilities
Jan de Mooij, Christian Holler, Karl Tomlinson, Randell Jesup, Gary Kwong, Jesse Ruderman and JW Wang discovered multiple memory safety issues in Thunderbird. If a user were tricked into opening a specially crafted message with scripting enabled, an attacker could potentially exploit these to...
CVE-2014-1564
Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 do not properly initialize memory for GIF rendering, which allows remote attackers to obtain sensitive information from process memory via crafted web script that interacts with a CANVAS element associated...
Information disclosure
Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 do not properly initialize memory for GIF rendering, which allows remote attackers to obtain sensitive information from process memory via crafted web script that interacts with a CANVAS element associated...
Firefox 32 Debuts With Public-Key Pinning, Several Security Fixes
Mozilla has released Firefox 32, the latest version of its browser, which now supports public-key pinning and also includes fixes for several critical security vulnerabilities. The move to support public-key pinning is an important one for Firefox, as it helps protect users against...
CVE-2014-1564
CVE-2014-1564 affects Mozilla Firefox (and Firefox ESR 31.x) before version 32.0 and Thunderbird before 31.1. The issue is a memory initialization flaw in the GIF rendering path, causing an information leak from the process memory via crafted GIFs and interactions with a CANVAS element. Impact is...
CVE-2014-1564
Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 do not properly initialize memory for GIF rendering, which allows remote attackers to obtain sensitive information from process memory via crafted web script that interacts with a CANVAS element associated...
Firefox < 32.0 Multiple Vulnerabilities
The version of Firefox installed on the remote host is a version prior to 32.0. It is, therefore, affected by the following vulnerabilities : - Multiple memory safety flaws exist within the browser engine. Exploiting these, an attacker can cause a denial of service or execute arbitrary code...
Ubuntu: Security Advisory (USN-2329-1)
The remote host is missing an update for the...