USN-690-3: Firefox vulnerabilities

Several flaws were discovered in the browser engine. These problems could allow an attacker to crash the browser and possibly execute arbitrary code with user privileges. CVE-2008-5500 Boris Zbarsky discovered that the same-origin check in Firefox could be bypassed by utilizing XBL-bindings. An...

USN-690-2: Firefox vulnerabilities

Several flaws were discovered in the browser engine. These problems could allow an attacker to crash the browser and possibly execute arbitrary code with user privileges. CVE-2008-5500 Boris Zbarsky discovered that the same-origin check in Firefox could be bypassed by utilizing XBL-bindings. An...

Debian: Security Advisory (DSA-1671-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian Security Advisory DSA 1671-1 (iceweasel)

The remote host is missing an update to iceweasel announced via advisory DSA 1671-1. OpenVAS Vulnerability Test $Id: deb16711.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1671-1 iceweasel Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

Debian DSA-1671-1 : iceweasel - several vulnerabilities

Several remote vulnerabilities have been discovered in the Iceweasel webbrowser, an unbranded version of the Firefox browser. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2008-0017 Justin Schuh discovered that a buffer overflow in the http-index-forma...

SuSE 10 Security Update : Acrobat Reader (ZYPP Patch Number 5746)

The acroread package was update to fix several security vulnerabilities in the JavaScript engine. CVE-2008-2992 / CVE-2008-2549 / CVE-2008-4812 / CVE-2008-4813 / CVE-2008-4817 / CVE-2008-4816 / CVE-2008-4814 / CVE-2008-4815 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description...

DSA-1671-1 iceweasel - several vulnerabilities

Bulletin has no description...

DSA-1669-1 xulrunner - several vulnerabilities

Bulletin has no description...

Mozilla Foundation Security Advisory 2008-52

Mozilla Foundation Security Advisory 2008-52 Title: Crashes with evidence of memory corruption rv:1.9.0.4/1.8.1.18 Impact: Critical Announced: November 12, 2008 Reporter: Mozilla developers and community Products: Firefox, Thunderbird, SeaMonkey Fixed in: Firefox 3.0.4 Firefox 2.0.0.18 Thunderbir...

CVE-2008-5052

The AppendAttributeValue function in the JavaScript engine in Mozilla Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service crash via unknown vectors that trigger memory corruption, as demonstrated by...

Design/Logic Flaw

The JavaScript engine in Mozilla Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service crash via vectors related to "insufficient class checking" in the Date class...

CVE-2008-5052

The AppendAttributeValue function in the JavaScript engine in Mozilla Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service crash via unknown vectors that trigger memory corruption, as demonstrated by...

CVE-2008-5018

The JavaScript engine in Mozilla Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service crash via vectors related to "insufficient class checking" in the Date class...

CVE-2008-5018

CVE-2008-5018 affects Mozilla Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13. Root cause: insufficient class checking in the Date class in the JavaScript engine, enabling remote crash (DoS). Remediation from the initial desc...

CVE-2008-5052

Mozilla Firefox 2.x (pre-2.0.0.18), Thunderbird 2.x (pre-2.0.0.18), and SeaMonkey 1.x (pre-1.1.13) are affected by CVE-2008-5052. The vulnerability arises in AppendAttributeValue in the JavaScript engine and is described as memory corruption that can cause a remote crash (Denial of Service) via u...

Debian DSA-1649-1 : iceweasel - several vulnerabilities

Several remote vulnerabilities have been discovered in the Iceweasel web browser, an unbranded version of the Firefox browser. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2008-0016 Justin Schuh, Tom Cross and Peter Williams discovered a buffer overfl...

Mozilla crashes with evidence of memory corruption

Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allow remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via vectors related...

Mozilla Foundation Security Advisory 2008-42

Mozilla Foundation Security Advisory 2008-42 Title: Crashes with evidence of memory corruption rv:1.9.0.2/1.8.1.17 Impact: Critical Announced: September 23, 2008 Reporter: Mozilla developers and community Products: Firefox, Thunderbird, SeaMonkey Fixed in: Firefox 3.0.2 Firefox 2.0.0.17 Thunderbi...

USN-645-3: Firefox and xulrunner regression

USN-645-1 fixed vulnerabilities in Firefox and xulrunner. The upstream patches introduced a regression in the saved password handling. While password data was not lost, if a user had saved any passwords with non-ASCII characters, Firefox could not access the password database. This update fixes t...

CVE-2008-4062

Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allow remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via vectors related...