MozillaFirefox: Update to Firefox 3.6.23 (important)

Mozilla Firefox was updated to version 3.6.23, fixing various bugs and security issues. MFSA 2011-36: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption...

mozilla-xulrunner192: Update to Mozilla XULRunner 1.9.2.23 (important)

Mozilla XULRunner was updated to version 1.9.2.23, fixing various bugs and security issues. MFSA 2011-36: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory...

firefox, xulrunner security update

CentOS Errata and Security Advisory CESA-2011:1341 Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 4, 5, and 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System...

RHEL 6 : thunderbird (RHSA-2011:1342)

The remote Redhat Enterprise Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2011:1342 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed HTML content. An HTML...

Firefox 3.6.x < 3.6.23 Multiple Vulnerabilities

The installed version of Firefox 3.6.x is earlier than 3.6.23 and is affected by the following vulnerabilities: - An integer underflow exists when handling a large JavaScript 'RegExp' expression that can allow a potentially exploitable crash. CVE-2011-2998 - If an attacker could trick a user into...

Mozilla Firefox 3.6 < 3.6.23 Multiple Vulnerabilities

Binary data 801241.prm...

Ubuntu 10.04 LTS / 10.10 / 11.04 : thunderbird vulnerabilities (USN-1213-1)

Benjamin Smedberg, Bob Clary, Jesse Ruderman, and Josh Aas discovered multiple memory vulnerabilities in the Gecko rendering engine. An attacker could use these to possibly execute arbitrary code with the privileges of the user invoking Thunderbird. CVE-2011-2995, CVE-2011-2996 Boris Zbarsky...

FreeBSD : Mozilla -- multiple vulnerabilities (1fade8a3-e9e8-11e0-9580-4061862b8c22)

The Mozilla Project reports : MFSA 2011-36 Miscellaneous memory safety hazards rv:7.0 / rv:1.9.2.23 MFSA 2011-37 Integer underflow when using JavaScript RegExp MFSA 2011-38 XSS via plugins and shadowed window.location object MFSA 2011-39 Defense against multiple Location headers due to CRLF...

RHEL 4 / 5 / 6 : firefox (RHSA-2011:1341)

The remote Redhat Enterprise Linux 4 / 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2011:1341 advisory. - Mozilla: Code installation through holding down Enter MFSA 2011-40 CVE-2011-2372 - Mozilla: Miscellaneous memory safety hazards MF...

Mozilla: Integer underflow when using JavaScript RegExp (MFSA 2011-37)

Integer underflow in Mozilla Firefox 3.6.x before 3.6.23 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via JavaScript code containing a large RegExp expression...

Critical: Red Hat Security Advisory: seamonkey security update

Updated seamonkey packages that fix two security issues are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

Critical: Red Hat Security Advisory: firefox security update

Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 4, 5, and 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...

Mozilla: Integer underflow when using JavaScript RegExp (MFSA 2011-37)

Integer underflow in Mozilla Firefox 3.6.x before 3.6.23 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via JavaScript code containing a large RegExp expression...

Mozilla: Integer underflow when using JavaScript RegExp (MFSA 2011-37)

Integer underflow in Mozilla Firefox 3.6.x before 3.6.23 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via JavaScript code containing a large RegExp expression...

USN-1210-1: Firefox and Xulrunner vulnerabilities

Benjamin Smedberg, Bob Clary, Jesse Ruderman, and Josh Aas discovered multiple memory vulnerabilities in the browser rendering engine. An attacker could use these to possibly execute arbitrary code with the privileges of the user invoking Firefox. CVE-2011-2995, CVE-2011-2996 Boris Zbarsky...

Integer underflow when using JavaScript RegExp — Mozilla

Mark Kaplan reported a potentially exploitable crash due to integer underflow when using a large JavaScript RegExp expression. We would also like to thank Mark for contributing the fix for this problem...

Mozilla -- multiple vulnerabilities

The Mozilla Project reports: MFSA 2011-36 Miscellaneous memory safety hazards rv:7.0 / rv:1.9.2.23 MFSA 2011-37 Integer underflow when using JavaScript RegExp MFSA 2011-38 XSS via plugins and shadowed window.location object MFSA 2011-39 Defense against multiple Location headers due to CRLF...

DSA-2310-1 linux-2.6 - several issues

Bulletin has no description...

Debian DSA-2303-2 : linux-2.6 - privilege escalation/denial of service/information leak

Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2011-1020 Kees Cook discovered an issue in the /proc filesystem that allows loc...

DSA-2303-1 linux-2.6 - several issues

Bulletin has no description...