security flaw

Multiple vulnerabilities in the Javascript engine in Mozilla Firefox before 2.0.0.8, Thunderbird before 2.0.0.8, and SeaMonkey before 1.1.5 allow remote attackers to cause a denial of service crash via crafted HTML that triggers memory corruption...

PT-2007-6409 · Mozilla +1 · Firefox +3

Name of the Vulnerable Software and Affected Versions: Mozilla Firefox versions prior to 2.0.0.8 Thunderbird versions prior to 2.0.0.8 SeaMonkey versions prior to 1.1.5 Description: The issue is related to multiple vulnerabilities in the Javascript engine, allowing remote attackers to cause a...

openSUSE 10 Security Update : MozillaThunderbird (MozillaThunderbird-2421)

This security update brings Mozilla Thunderbird to version 1.5.0.9. http://www.mozilla.org/projects/security/known-vulnerabilities.html It includes fixes to the following security problems: CVE-2006-6497/MFSA2006-68: Crashes with evidence of memory corruption were fixed in the layout engine...

openSUSE 10 Security Update : seamonkey (seamonkey-2250)

This security update brings Mozilla SeaMonkey to version 1.0.6. Please also see http://www.mozilla.org/projects/security/known-vulnerabilities.html for more details. It includes fixes to the following security problems: MFSA2006-65: Is split into 3 sub-entries, for ongoing stability improvements ...

openSUSE 10 Security Update : MozillaThunderbird (MozillaThunderbird-1924)

This security update brings Mozilla Thunderbird to version 1.5.0.6. Note that on SUSE Linux 9.2, 9.3 and 10.0 this is a major version upgrade. More Details can be found on this page: http://www.mozilla.org/projects/security/known-vulnerabilities.html It includes fixes to the following security...

openSUSE 10 Security Update : MozillaFirefox (MozillaFirefox-2418)

This update brings MozillaFirefox to the security update release 1.5.0.9 2.0.0.1 for openSUSE 10.2 and includes the following security fixes : http://www.mozilla.org/projects/security/known-vulnerabilities.html CVE-2006-6497/MFSA2006-68: Crashes with evidence of memory corruption were fixed in th...

GLSA-200708-17 : Opera: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200708-17 Opera: Multiple vulnerabilities An error known as 'a virtual function call on an invalid pointer' has been discovered in the JavaScript engine CVE-2007-4367. Furthermore, iDefense Labs reported that an already-freed...

Debian DSA-1339-1 : iceape - several vulnerabilities

Several remote vulnerabilities have been discovered in the Iceape internet suite, an unbranded version of the SeaMonkey Internet Suite. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2007-3089 Ronen Zilberman and Michal Zalewski discovered that a timing...

Debian DSA-1337-1 : xulrunner - several vulnerabilities

Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2007-3089 Ronen Zilberman and Michal Zalewski discovered that a timing race allows the injection...

Debian DSA-1338-1 : iceweasel - several vulnerabilities

Several remote vulnerabilities have been discovered in the Iceweasel web browser, an unbranded version of the Firefox browser. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2007-3089 Ronen Zilberman and Michal Zalewski discovered that a timing race...

DSA-1339-1 iceape - several

Bulletin has no description...

Heap overflow

Multiple heap-based buffer overflows in the Perl Compatible Regular Expressions PCRE library in the JavaScript engine in WebKit in Apple Safari 3 Beta before Update 3.0.3, and iPhone before 1.0.1, allow remote attackers to execute arbitrary code via certain JavaScript regular expressions. NOTE:...

CVE-2007-3944

Multiple heap-based buffer overflows in the Perl Compatible Regular Expressions PCRE library in the JavaScript engine in WebKit in Apple Safari 3 Beta before Update 3.0.3, and iPhone before 1.0.1, allow remote attackers to execute arbitrary code via certain JavaScript regular expressions. NOTE:...

DSA-1337-1 xulrunner

Bulletin has no description...

security flaw

Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox before 2.0.0.5 and Thunderbird before 2.0.0.5 allow remote attackers to cause a denial of service crash via unspecified vectors that trigger memory corruption...

security flaw

Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox before 2.0.0.5 and Thunderbird before 2.0.0.5 allow remote attackers to cause a denial of service crash via unspecified vectors that trigger memory corruption...

Mozilla Firefox 2.0.0.4多个远程安全漏洞

BUGTRAQ ID: 24946 CVECAN ID: CVE-2007-3734,CVE-2007-3735,CVE-2007-3736,CVE-2007-3737,CVE-2007-3738 Mozilla Firefox是一款流行的开源WEB浏览器。 Firefox的浏览器引擎和JavaScript引擎中存在多个内存破坏漏洞，可能允许攻击者导致浏览器崩溃。 addEventListener和setTimeout方式中的漏洞可能允许攻击者破坏浏览器的同源策略向其他站点注入脚本，访问或修改该站点的保密或敏感数据。...

CVE-2007-3735

CVE-2007-3735 affects Mozilla Firefox before 2.0.0.5 and Thunderbird before 2.0.0.5. The vulnerability is in the JavaScript engine and can cause a remote crash via memory corruption, as described in the initial entry. Connected advisories also reference patches to address these issues (e.g., Fire...

Debian DSA-1305-1 : icedove - several vulnerabilities

Several remote vulnerabilities have been discovered in the Icedove mail client, an unbranded version of the Thunderbird client. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2007-1558 Gatan Leurent discovered a cryptographical weakness in APOP...

[SECURITY] [DSA 1306-1] New xulrunner packages fix several vulnerabilities

-------------------------------------------------------------------------- Debian Security Advisory DSA 1306-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff June 12th, 2007 http://www.debian.org/security/faq -...