Avant Browser 11.7 Build 9 - JavaScript Engine Integer Overflow

Avant Browser 11.7 Build 9 - JavaScript Engine Integer Overflow source: https://www.securityfocus.com/bid/31155/info Avant Browser is prone to an integer-overflow vulnerability that occurs in the JavaScript engine. An attacker can exploit this issue by enticing an unsuspecting victim to view a...

FreeBSD Ports: firefox

The remote host is missing an update to the system as announced in the referenced advisory. VID 67bd39ba-12b5-11dd-bab7-0016179b2dd5 OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

GLSA-200808-03 : Mozilla products: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200808-03 Mozilla products: Multiple vulnerabilities The following vulnerabilities were reported in all mentioned Mozilla products: TippingPoint's Zero Day Initiative reported that an incorrect integer data type is used as a CSS...

Debian DSA-1621-1 : icedove - several vulnerabilities

Several remote vulnerabilities have been discovered in the Icedove mail client, an unbranded version of the Thunderbird client. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2008-0304 It was discovered that a buffer overflow in MIME decoding can lead t...

DSA-1621-1 icedove - several vulnerabilities

Bulletin has no description...

Debian DSA-1615-1 : xulrunner - several vulnerabilities

Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2008-2785 It was discovered that missing boundary checks on a reference counter for CSS objects...

Firefox javascript arbitrary code execution

Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 allow remote attackers to cause a denial of service application crash and possibly execute arbitrary code via unknown vectors related to the JavaScript engine...

Code injection

Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 allow remote attackers to cause a denial of service application crash and possibly execute arbitrary code via unknown vectors related to the JavaScript engine...

CVE-2008-2799

Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 allow remote attackers to cause a denial of service application crash and possibly execute arbitrary code via unknown vectors related to the JavaScript engine...

CVE-2008-2799

Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 allow remote attackers to cause a denial of service application crash and possibly execute arbitrary code via unknown vectors related to the JavaScript engine...

CVE-2008-2799

Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 allow remote attackers to cause a denial of service application crash and possibly execute arbitrary code via unknown vectors related to the JavaScript engine...

CVE-2008-2799

CVE-2008-2799 pertains to multiple unpatched JavaScript engine flaws in Mozilla Firefox (pre-2.0.0.15), Thunderbird (pre-2.0.0.14 and earlier), and SeaMonkey (pre-1.1.10). The vulnerabilities allow a remote attacker to cause a crash and potentially execute arbitrary code via unknown vectors relat...

CVE-2008-2799

Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 allow remote attackers to cause a denial of service application crash and possibly execute arbitrary code via unknown vectors related to the JavaScript engine...

Mozilla Foundation Security Advisory 2008-21

Mozilla Foundation Security Advisory 2008-21 Title: Crashes with evidence of memory corruption rv:1.8.1.15 Impact: Critical Announced: July 1, 2008 Reporter: Mozilla developers and community Products: Firefox, Thunderbird, SeaMonkey Fixed in: Firefox 3.0 Firefox 2.0.0.15 SeaMonkey 1.1.10...

Firefox javascript arbitrary code execution

Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 allow remote attackers to cause a denial of service application crash and possibly execute arbitrary code via unknown vectors related to the JavaScript engine...

USN-619-1: Firefox vulnerabilities

Various flaws were discovered in the browser engine. By tricking a user into opening a malicious web page, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program. CVE-2008-2798, CVE-2008-2799 Sever...

Firefox javascript arbitrary code execution

Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 allow remote attackers to cause a denial of service application crash and possibly execute arbitrary code via unknown vectors related to the JavaScript engine...

Debian DSA-1574-1 : icedove - several vulnerabilities

This shares a lot of text with dsa-1532.wml, dsa-1534.wml, dsa-1535.wml Several remote vulnerabilities have been discovered in the Icedove mail client, an unbranded version of the Thunderbird client. The Common Vulnerabilities and Exposures project identifies the following problems : -...

USN-605-1: Thunderbird vulnerabilities

Various flaws were discovered in the JavaScript engine. If a user had JavaScript enabled and were tricked into opening a malicious email, an attacker could escalate privileges within Thunderbird, perform cross-site scripting attacks and/or execute arbitrary code with the user's privileges...

Debian DSA-1562-1 : iceape - programming error

It was discovered that crashes in the JavaScript engine of Iceape, an unbranded version of the SeaMonkey internet suite could potentially lead to the execution of arbitrary code. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...