CVE-2009-1571

CVE-2009-1571 describes a use-after-free vulnerability in the HTML parser affecting Mozilla Firefox 3.0.x (before 3.0.18) and 3.5.x (before 3.5.8), Thunderbird before 3.0.2, and SeaMonkey before 2.0.3. The issue allows remote attackers to execute arbitrary code by triggering access to freed objec...

CVE-2009-1571

Use-after-free vulnerability in the HTML parser in Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, Thunderbird before 3.0.2, and SeaMonkey before 2.0.3 allows remote attackers to execute arbitrary code via unspecified method calls that attempt to access freed objects in low-memory...

FreeBSD : mozilla -- multiple vulnerabilities (f82c85d8-1c6e-11df-abb2-000f20797ede)

Mozilla Project reports : MFSA 2010-05 XSS hazard using SVG document and binary Content-Type MFSA 2010-04 XSS due to window.dialogArguments being readable cross-domain MFSA 2010-03 Use-after-free crash in HTML parser MFSA 2010-02 Web Worker Array Handling Heap Corruption Vulnerability MFSA 2010-0...

Mozilla Foundation Security Advisory 2010-03

Mozilla Foundation Security Advisory 2010-03 Title: Use-after-free crash in HTML parser Impact: Critical Announced: February 17, 2010 Reporter: Alin Rad Pop Products: Firefox, Thunderbird, SeaMonkey Fixed in: Firefox 3.6 Firefox 3.5.8 Firefox 3.0.18 Thunderbird 3.0.2 SeaMonkey 2.0.3 Description...

SeaMonkey < 2.0.3 Multiple Vulnerabilities

Binary data 5343.prm...

DSA-1999-1 xulrunner - several vulnerabilities

Bulletin has no description...

Mozilla SeaMonkey < 2.0.3 Multiple Vulnerabilities

Binary data 801219.prm...

Ubuntu 8.04 LTS / 8.10 / 9.04 : firefox-3.0, xulrunner-1.9 vulnerabilities (USN-895-1)

Several flaws were discovered in the browser engine of Firefox. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. CVE-2010-0159 Orlando Barrera II...

SeaMonkey < 2.0.3 Multiple Vulnerabilities

The installed version of SeaMonkey is earlier than 2.0.3. Such versions are potentially affected by the following security issues : - Multiple crashes can result in arbitrary code execution. MFSA 2010-01 - The implementation of 'Web Workers' contained an error in its handling of array data types...

Mozilla incorrectly frees used memory (MFSA 2010-03)

Use-after-free vulnerability in the HTML parser in Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, Thunderbird before 3.0.2, and SeaMonkey before 2.0.3 allows remote attackers to execute arbitrary code via unspecified method calls that attempt to access freed objects in low-memory...

USN-895-1: Firefox 3.0 and Xulrunner 1.9 vulnerabilities

Several flaws were discovered in the browser engine of Firefox. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. CVE-2010-0159 Orlando Barrera II...

Mozilla incorrectly frees used memory (MFSA 2010-03)

Use-after-free vulnerability in the HTML parser in Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, Thunderbird before 3.0.2, and SeaMonkey before 2.0.3 allows remote attackers to execute arbitrary code via unspecified method calls that attempt to access freed objects in low-memory...

CVE-2009-1571

Use-after-free vulnerability in the HTML parser in Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, Thunderbird before 3.0.2, and SeaMonkey before 2.0.3 allows remote attackers to execute arbitrary code via unspecified method calls that attempt to access freed objects in low-memory...

Use-after-free crash in HTML parser — Mozilla

Security researcher Alin Rad Pop of Secunia Research reported that the HTML parser incorrectly freed used memory when insufficient space was available to process remaining input. Under such circumstances, memory occupied by in-use objects was freed and could later be filled with attacker-controll...

mozilla -- multiple vulnerabilities

Mozilla Project reports: MFSA 2010-05 XSS hazard using SVG document and binary Content-Type MFSA 2010-04 XSS due to window.dialogArguments being readable cross-domain MFSA 2010-03 Use-after-free crash in HTML parser MFSA 2010-02 Web Worker Array Handling Heap Corruption Vulnerability MFSA 2010-01...

CentOS 5 : kdelibs (CESA-2009:1127)

Updated kdelibs packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. The kdelibs packages provide libraries for the K Desktop Environment KDE. A flaw...

SLES11: Security update for perl-HTML-Parser

The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: perl-HTML-Parser More details may also be found by searching for the SuSE Enterprise Server 11 patch database located at...

SLES11: Security update for perl-HTML-Parser

The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: perl-HTML-Parser More details may also be found by searching for the SuSE Enterprise Server 11 patch database linked in the references. SPDX-FileCopyrightTex...

SuSE 10 Security Update : perl-HTML-Parser (ZYPP Patch Number 6621)

Specially crafted HTML documents could cause perl-HTML-Parser to run into an endless loop. CVE-2009-3627 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid43086;...

SuSE 11 Security Update : perl-HTML-Parser (SAT Patch Number 1495)

Specially crafted HTML documents could cause perl-HTML-Parser to run into an endless loop. CVE-2009-3627 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11 update information. The text itself is copyright C Novel...