Debian DSA-1999-1 : xulrunner - several vulnerabilities

Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications, such as the Iceweasel web browser. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2009-1571 Alin Rad Pop discovered that incorrect memory...

CVE-2009-1571

Use-after-free vulnerability in the HTML parser in Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, Thunderbird before 3.0.2, and SeaMonkey before 2.0.3 allows remote attackers to execute arbitrary code via unspecified method calls that attempt to access freed objects in low-memory...

Design/Logic Flaw

Use-after-free vulnerability in the HTML parser in Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, Thunderbird before 3.0.2, and SeaMonkey before 2.0.3 allows remote attackers to execute arbitrary code via unspecified method calls that attempt to access freed objects in low-memory...

CVE-2009-1571

CVE-2009-1571 describes a use-after-free vulnerability in the HTML parser affecting Mozilla Firefox 3.0.x (before 3.0.18) and 3.5.x (before 3.5.8), Thunderbird before 3.0.2, and SeaMonkey before 2.0.3. The issue allows remote attackers to execute arbitrary code by triggering access to freed objec...

CVE-2009-1571

Use-after-free vulnerability in the HTML parser in Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, Thunderbird before 3.0.2, and SeaMonkey before 2.0.3 allows remote attackers to execute arbitrary code via unspecified method calls that attempt to access freed objects in low-memory...

FreeBSD : mozilla -- multiple vulnerabilities (f82c85d8-1c6e-11df-abb2-000f20797ede)

Mozilla Project reports : MFSA 2010-05 XSS hazard using SVG document and binary Content-Type MFSA 2010-04 XSS due to window.dialogArguments being readable cross-domain MFSA 2010-03 Use-after-free crash in HTML parser MFSA 2010-02 Web Worker Array Handling Heap Corruption Vulnerability MFSA 2010-0...

Mozilla Foundation Security Advisory 2010-03

Mozilla Foundation Security Advisory 2010-03 Title: Use-after-free crash in HTML parser Impact: Critical Announced: February 17, 2010 Reporter: Alin Rad Pop Products: Firefox, Thunderbird, SeaMonkey Fixed in: Firefox 3.6 Firefox 3.5.8 Firefox 3.0.18 Thunderbird 3.0.2 SeaMonkey 2.0.3 Description...

DSA-1999-1 xulrunner - several vulnerabilities

Bulletin has no description...

Mozilla SeaMonkey < 2.0.3 Multiple Vulnerabilities

Binary data 801219.prm...

SeaMonkey < 2.0.3 Multiple Vulnerabilities

Binary data 5343.prm...

Ubuntu 8.04 LTS / 8.10 / 9.04 : firefox-3.0, xulrunner-1.9 vulnerabilities (USN-895-1)

Several flaws were discovered in the browser engine of Firefox. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. CVE-2010-0159 Orlando Barrera II...

SeaMonkey < 2.0.3 Multiple Vulnerabilities

The installed version of SeaMonkey is earlier than 2.0.3. Such versions are potentially affected by the following security issues : - Multiple crashes can result in arbitrary code execution. MFSA 2010-01 - The implementation of 'Web Workers' contained an error in its handling of array data types...

Mozilla incorrectly frees used memory (MFSA 2010-03)

Use-after-free vulnerability in the HTML parser in Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, Thunderbird before 3.0.2, and SeaMonkey before 2.0.3 allows remote attackers to execute arbitrary code via unspecified method calls that attempt to access freed objects in low-memory...

USN-895-1: Firefox 3.0 and Xulrunner 1.9 vulnerabilities

Several flaws were discovered in the browser engine of Firefox. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. CVE-2010-0159 Orlando Barrera II...

Mozilla incorrectly frees used memory (MFSA 2010-03)

Use-after-free vulnerability in the HTML parser in Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, Thunderbird before 3.0.2, and SeaMonkey before 2.0.3 allows remote attackers to execute arbitrary code via unspecified method calls that attempt to access freed objects in low-memory...

CVE-2009-1571

Use-after-free vulnerability in the HTML parser in Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, Thunderbird before 3.0.2, and SeaMonkey before 2.0.3 allows remote attackers to execute arbitrary code via unspecified method calls that attempt to access freed objects in low-memory...

mozilla -- multiple vulnerabilities

Mozilla Project reports: MFSA 2010-05 XSS hazard using SVG document and binary Content-Type MFSA 2010-04 XSS due to window.dialogArguments being readable cross-domain MFSA 2010-03 Use-after-free crash in HTML parser MFSA 2010-02 Web Worker Array Handling Heap Corruption Vulnerability MFSA 2010-01...

Use-after-free crash in HTML parser — Mozilla

Security researcher Alin Rad Pop of Secunia Research reported that the HTML parser incorrectly freed used memory when insufficient space was available to process remaining input. Under such circumstances, memory occupied by in-use objects was freed and could later be filled with attacker-controll...

CentOS 5 : kdelibs (CESA-2009:1127)

Updated kdelibs packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. The kdelibs packages provide libraries for the K Desktop Environment KDE. A flaw...

SLES11: Security update for perl-HTML-Parser

The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: perl-HTML-Parser More details may also be found by searching for the SuSE Enterprise Server 11 patch database located at...