Memory corruption

Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allow remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via vectors related...

CVE-2008-4062

Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allow remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via vectors related...

CVE-2008-4062

Summary: CVE-2008-4062 covers multiple /unspecified / vulnerabilities in Mozilla Firefox (before 2.0.0.17 and 3.x before 3.0.2), Thunderbird (before 2.0.0.17), and SeaMonkey (before 1.1.12). The flaws involve the JavaScript engine and are triggered by vectors related to (1) misinterpretation of N...

USN-645-2: Firefox vulnerabilities

USN-645-1 fixed vulnerabilities in Firefox and xulrunner for Ubuntu 7.04, 7.10 and 8.04 LTS. This provides the corresponding update for Ubuntu 6.06 LTS. Original advisory details: Justin Schuh, Tom Cross and Peter Williams discovered errors in the Firefox URL parsing routines. If a user were...

USN-645-1: Firefox and xulrunner vulnerabilities

Justin Schuh, Tom Cross and Peter Williams discovered errors in the Firefox URL parsing routines. If a user were tricked into opening a crafted hyperlink, an attacker could overflow a stack buffer and execute arbitrary code. CVE-2008-0016 It was discovered that the same-origin check in Firefox...

Mozilla crashes with evidence of memory corruption

Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allow remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via vectors related...

CVE-2008-4062

Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allow remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via vectors related...

CVE-2008-4166

Integer overflow in the JavaScript engine in Avant Browser 11.7 Build 9 and earlier allows remote attackers to cause a denial of service application crash by attempting to URL encode a string containing many instances of an invalid character...

CVE-2008-4166

Integer overflow in the JavaScript engine in Avant Browser 11.7 Build 9 and earlier allows remote attackers to cause a denial of service application crash by attempting to URL encode a string containing many instances of an invalid character...

CVE-2008-4166

The CVE-2008-4166 entry describes an integer overflow in the JavaScript engine of Avant Browser, affecting version 11.7 Build 9 and earlier. The vulnerability allows a remote attacker to cause a denial of service (application crash) by URL-encoding a string containing many invalid characters. No ...

Avant Browser 11.7 Build 9 - JavaScript Engine Integer Overflow

source: https://www.securityfocus.com/bid/31155/info Avant Browser is prone to an integer-overflow vulnerability that occurs in the JavaScript engine. An attacker can exploit this issue by enticing an unsuspecting victim to view a malicious site. Successfully exploiting this issue may allow...

Avant Browser 11.7 Build 9 - JavaScript Engine Integer Overflow

Avant Browser 11.7 Build 9 - JavaScript Engine Integer Overflow source: https://www.securityfocus.com/bid/31155/info Avant Browser is prone to an integer-overflow vulnerability that occurs in the JavaScript engine. An attacker can exploit this issue by enticing an unsuspecting victim to view a...

FreeBSD Ports: firefox

The remote host is missing an update to the system as announced in the referenced advisory. VID 67bd39ba-12b5-11dd-bab7-0016179b2dd5 OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

GLSA-200808-03 : Mozilla products: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200808-03 Mozilla products: Multiple vulnerabilities The following vulnerabilities were reported in all mentioned Mozilla products: TippingPoint's Zero Day Initiative reported that an incorrect integer data type is used as a CSS...

Debian DSA-1621-1 : icedove - several vulnerabilities

Several remote vulnerabilities have been discovered in the Icedove mail client, an unbranded version of the Thunderbird client. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2008-0304 It was discovered that a buffer overflow in MIME decoding can lead t...

DSA-1621-1 icedove - several vulnerabilities

Bulletin has no description...

Debian DSA-1615-1 : xulrunner - several vulnerabilities

Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2008-2785 It was discovered that missing boundary checks on a reference counter for CSS objects...

Firefox javascript arbitrary code execution

Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 allow remote attackers to cause a denial of service application crash and possibly execute arbitrary code via unknown vectors related to the JavaScript engine...

Code injection

Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 allow remote attackers to cause a denial of service application crash and possibly execute arbitrary code via unknown vectors related to the JavaScript engine...

CVE-2008-2799

Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 allow remote attackers to cause a denial of service application crash and possibly execute arbitrary code via unknown vectors related to the JavaScript engine...