Fedora Core 3 : thunderbird-1.0.7-1.1.fc3 (2005-962)

An updated thunderbird package that fixes various bugs is now available for Fedora Core 3. This update has been rated as having important security impact by the Fedora Security Response Team. Mozilla Thunderbird is a standalone mail and newsgroup client. A bug was found in the way Thunderbird...

USN-186-1: Mozilla and Firefox vulnerabilities

Peter Zelezny discovered that URLs which are passed to Firefox or Mozilla on the command line are not correctly protected against interpretation by the shell. If Firefox or Mozilla is configured as the default handler for URLs which is the default in Ubuntu, this could be exploited to execute...

CVE-2005-2705

CVE-2005-2705 is a real vulnerability affecting the JavaScript engine in Firefox prior to 1.0.7 and Mozilla Suite prior to 1.7.12. The root cause is an integer overflow in the JavaScript engine that could allow a remote attacker to execute arbitrary code. The impact is remote code execution with ...

CVE-2005-2705

Integer overflow in the JavaScript engine in Firefox before 1.0.7 and Mozilla Suite before 1.7.12 might allow remote attackers to execute arbitrary code...

firefox security update

CentOS Errata and Security Advisory CESA-2005:785 An updated firefox package that fixes several security bugs is now available for Red Hat Enterprise Linux 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. Mozilla Firefox is an open source Web...

security flaw

Integer overflow in the JavaScript engine in Firefox before 1.0.7 and Mozilla Suite before 1.7.12 might allow remote attackers to execute arbitrary code...

security flaw

Integer overflow in the JavaScript engine in Firefox before 1.0.7 and Mozilla Suite before 1.7.12 might allow remote attackers to execute arbitrary code...

CVE-2004-1810

The CVE-2004-1810 entry maps to a vulnerability in the Opera browser’s JavaScript engine (reported for Opera 7.x). The issue arises when handling very large JavaScript Array objects, where creating an Array with an extremely large size value and writing into it can crash the browser. OpenVAS and ...

galeon, mozilla security update

CentOS Errata and Security Advisory CESA-2005:384-01 Merged security bulletin from advisories: https://lists.centos.org/pipermail/centos-announce/2005-April/073786.html Affected packages: galeon mozilla mozilla-chat mozilla-devel mozilla-dom-inspector mozilla-js-debugger mozilla-mail mozilla-nspr...

mozilla security update

CentOS Errata and Security Advisory CESA-2005:384 Merged security bulletin from advisories: https://lists.centos.org/pipermail/centos-announce/2005-April/073779.html https://lists.centos.org/pipermail/centos-announce/2005-April/073780.html...

RHEL 2.1 / 3 : Mozilla (RHSA-2005:384)

Updated Mozilla packages that fix various security bugs are now available. This update has been rated as having Important security impact by the Red Hat Security Response Team. Mozilla is an open source Web browser, advanced email and newsgroup client, IRC chat client, and HTML editor. Several bu...

CVE-2005-0989

CVE-2005-0989 concerns the Mozilla family JavaScript engine. Affected products include Mozilla Suite 1.7.6, Firefox 1.0.1/1.0.2, and Netscape 7.2. The vulnerability arises in the find_replen function in jsstr.c, enabling a remote attacker to read portions of heap memory through the string replace...

[SA14820] Mozilla Firefox JavaScript Engine Information Disclosure Vulnerability

---------------------------------------------------------------------- Want a new IT Security job? Vacant positions at Secunia: http://secunia.com/secuniavacancies/ ---------------------------------------------------------------------- TITLE: Mozilla Firefox JavaScript Engine Information Disclosu...

CVE-2004-1810

The Javascript engine in Opera 7.23 allows remote attackers to cause a denial of service crash by creating a new Array object with a large size value, then writing into that array...

CVE-2004-0361

The Javascript engine in Safari 1.2 and earlier allows remote attackers to cause a denial of service segmentation fault by creating a new Array object with a large size value, then writing into that array...

CVE-2004-0361

The CVE-2004-0361 case concerns the Safari Javascript engine (Safari 1.2 and earlier). The vulnerability arises when code creates a new Array object with a large size value and then writes into that array, enabling a remote attacker to trigger a denial-of-service (segmentation fault). The availab...

CVE-2004-0361

The Javascript engine in Safari 1.2 and earlier allows remote attackers to cause a denial of service segmentation fault by creating a new Array object with a large size value, then writing into that array...