CVE-2013-5595

CVE-2013-5595 affects the Mozilla/XUL Firefox engine. The vulnerability arises from improper memory allocation in unspecified JavaScript functions, enabling remote attackers to trigger a buffer overflow via a crafted web page. Affected are Firefox before 25.0, Firefox ESR 17.x before 17.0.10, and...

Ubuntu 12.04 LTS / 12.10 / 13.04 / 13.10 : firefox vulnerabilities (USN-2009-1)

Multiple memory safety issues were discovered in Firefox. If a user were tricked in to opening a specially crafted page, an attacker could possibly exploit these to cause a denial of service via application crash, or potentially execute arbitrary code with the privileges of the user invoking...

USN-2009-1: Firefox vulnerabilities

Multiple memory safety issues were discovered in Firefox. If a user were tricked in to opening a specially crafted page, an attacker could possibly exploit these to cause a denial of service via application crash, or potentially execute arbitrary code with the privileges of the user invoking...

Memory corruption in workers — Mozilla

Security researcher Nils used the Address Sanitizer tool while fuzzing to discover a memory corruption issue with the JavaScript engine when using workers with direct proxies. This results in a potentially exploitable crash...

Chromium, V8: Multiple vulnerabilities

Background Chromium is an open-source web browser project. V8 is Google’s open source JavaScript engine. Description Multiple vulnerabilities have been discovered in Chromium and V8. Please review the CVE identifiers and release notes referenced below for details. Impact A context-dependent...

Design/Logic Flaw

The IonMonkey JavaScript engine in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21, when Valgrind mode is used, does not properly initialize memory, which makes it easier for remote attackers to obtain sensitive information via unspecified vectors...

CVE-2013-1728

Affected software: Mozilla Firefox (before 24.0), Thunderbird (before 24.0), and SeaMonkey (before 2.21). Root cause: IonMonkey memory not properly initialized when Valgrind mode is used, enabling potential leakage of sensitive data. Impact: remote attackers could obtain sensitive information via...

CVE-2013-1728

The IonMonkey JavaScript engine in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21, when Valgrind mode is used, does not properly initialize memory, which makes it easier for remote attackers to obtain sensitive information via unspecified vectors...

Mozilla Thunderbird < 24.0

Binary data 8011.prm...

CVE-2013-1728

The IonMonkey JavaScript engine in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21, when Valgrind mode is used, does not properly initialize memory, which makes it easier for remote attackers to obtain sensitive information via unspecified vectors...

Microsoft Internet Explorer Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Low: Red Hat Security Advisory: ruby193-v8 security update

Updated ruby193-v8 packages that fix one security issue are now available for Red Hat OpenStack 3.0. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

Fedora Update for v8 FEDORA-2013-14176

Check for the Version of v8 OpenVAS Vulnerability Test Fedora Update for v8 FEDORA-2013-14176 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of th...

Fedora Update for v8 FEDORA-2013-14205

Check for the Version of v8 OpenVAS Vulnerability Test Fedora Update for v8 FEDORA-2013-14205 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of th...

[SECURITY] Fedora 18 Update: v8-3.14.5.10-2.fc18

V8 is Google's open source JavaScript engine. V8 is written in C++ and is u sed in Google Chrome, the open source browser from Google. V8 implements ECMASc ript as specified in ECMA-262, 3rd edition...

UBUNTU-CVE-2013-2882

Google V8, as used in Google Chrome before 28.0.1500.95, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that leverage "type confusion."...

Google Chrome < 28.0.1500.95 Multiple Vulnerabilities

Binary data 6961.pasl...

Google Chrome < 28.0.1500.95 Multiple Vulnerabilities

Binary data 801428.prm...

MongoDB 任意代码执行漏洞(CVE-2013-4142)

CVE ID:CVE-2013-4142 MongoDB是一个高性能，开源，无模式的文档型数据库，是当前NoSql数据库中比较热门的一种 MongoDB "mongo::mongoFind"函数src/mongo/scripting/v8db.cpp在解析规则表达式时存在一个安全漏洞，允许对MongoDB数据库进行读写访问的用户执行任意代码，拥有只读访问权限的用户可使数据库崩溃。目前还不确定是否是2.2.3版本引入使用的V8 JavaScript引擎而引起的问题 0 MongoDB 2.4.0-2.4.4 厂商解决方案 MongoDB 2.4.5或2.5.1已经修复此漏洞，建议用户下载更...

MongoDB < 2.4.5 / 2.5.1 Multiple Vulnerabilities

The version of the remote MongoDB server is a version prior to version 2.4.5 / 2.5.1. It is, therefore, potentially affected by the following vulnerabilities : - A remote attacker can gain elevated privileges when authenticating as the internal system user name for arbitrary databases...