Mozilla Firefox ESR Multiple Vulnerabilities (Aug 2015) - Mac OS X

Mozilla Firefox ESR is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefoxesr";...

FreeBSD -- Multiple integer overflows in expat (libbsdxml) XML parser

Problem Description: Multiple integer overflows have been discovered in the XMLGetBuffer function in the expat library. Impact: The integer overflows may be exploited by using specifically crafted XML data and lead to infinite loop, or a heap buffer overflow, which results in a Denial of Service...

FreeBSD-SA-15:20.expat

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-15:20.expat Security Advisory The FreeBSD Project Topic: Multiple integer overflows in expat libbsdxml XML parser Category: contrib Module: libbsdxml Announced:...

CVE-2015-4496

Multiple integer overflows in libstagefright in Mozilla Firefox before 38.0 allow remote attackers to execute arbitrary code via crafted sample metadata in an MPEG-4 video file, a related issue to CVE-2015-1538...

CVE-2015-4479

Multiple integer overflows in libstagefright in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allow remote attackers to execute arbitrary code via a crafted saio chunk in MPEG-4 video data...

CVE-2015-4496

Multiple integer overflows in libstagefright in Mozilla Firefox before 38.0 allow remote attackers to execute arbitrary code via crafted sample metadata in an MPEG-4 video file, a related issue to CVE-2015-1538...

CVE-2015-4496

Multiple integer overflows in libstagefright in Mozilla Firefox before 38.0 allow remote attackers to execute arbitrary code via crafted sample metadata in an MPEG-4 video file, a related issue to CVE-2015-1538...

CVE-2015-4479

Multiple integer overflows in libstagefright in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allow remote attackers to execute arbitrary code via a crafted saio chunk in MPEG-4 video data...

Debian DSA-3333-1 : iceweasel - security update

Multiple security issues have been found in Iceweasel, Debian's version of the Mozilla Firefox web browser: Multiple memory safety errors, integer overflows, buffer overflows, use-after-frees and other implementation errors may lead to the execution of arbitrary code, bypass of the same-origin...

Nexus Security Bulletin—August 2015Stay organized with collectionsSave and categorize content based on your preferences.

We have released a security update to Nexus devices through an over-the-air OTA update as part of our Android Security Bulletin Monthly Release process. The Nexus firmware images have also been released to the Google Developer site. Builds LMY48I or later address these issues. Partners were...

Debian Security Advisory DSA 3333-1 (iceweasel - security update)

Multiple security issues have been found in Iceweasel, Debian OpenVAS Vulnerability Test $Id: deb3333.nasl 6609 2017-07-07 12:05:59Z cfischer $ Auto-generated from advisory DSA 3333-1 using nvtgen 1.0 Script version: 1.0 Author: Greenbone Networks Copyright: Copyright c 2015 Greenbone Networks Gm...

Ubuntu: Security Advisory (USN-2702-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

DSA-3333-1 iceweasel - security update

Bulletin has no description...

Ubuntu 14.04 LTS : Firefox vulnerabilities (USN-2702-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2702-1 advisory. Gary Kwong, Christian Holler, Byron Campen, Tyson Smith, Bobby Holley, Chris Coulson, and Eric Rahm discovered multiple memory safety issues in Firefox. ...

Ubuntu 14.04 LTS : Ubufox update (USN-2702-2)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-2702-2 advisory. USN-2702-1 fixed vulnerabilities in Firefox. This update provides the corresponding updates for Ubufox. Tenable has extracted the preceding description block...

Integer overflows in libstagefright while processing MP4 video metadata — Mozilla

Security researcher Joshua Drake reported potential integer overflows in the libstagefright library while processing video sample metadata in MPEG4 video files. This can lead to a potentially exploitable crash...

USN-2702-1: Firefox vulnerabilities

Gary Kwong, Christian Holler, Byron Campen, Tyson Smith, Bobby Holley, Chris Coulson, and Eric Rahm discovered multiple memory safety issues in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via...

USN-2702-1 firefox vulnerabilities

Gary Kwong, Christian Holler, Byron Campen, Tyson Smith, Bobby Holley, Chris Coulson, and Eric Rahm discovered multiple memory safety issues in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via...

CVE-2015-4479

Multiple integer overflows in libstagefright in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allow remote attackers to execute arbitrary code via a crafted saio chunk in MPEG-4 video data...

Overflow issues in libstagefright — Mozilla

An anonymous researcher reported, via TippingPoint's Zero Day Initiative, two integer overflows in the libstagefright library that could be triggered by a malicious 'saio' chunk in an MPEG4 video. These overflows allowed for potential arbitrary code execution. This issue was independently reporte...