openSUSE Security Update : seamonkey (seamonkey-4074)

Mozilla SeaMonkey was updated to version 2.0.12, fixing various security issues. Following security issues were fixed: MFSA 2011-01: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed...

openSUSE Security Update : opera (openSUSE-SU-2012:0992-1)

Opera was updated to version 12.1, fixing various bugs and security issues. http://www.opera.com/docs/changelogs/unix/1201/ Fixes and Stability Enhancements since Opera 12.00 General and User Interface Several general fixes and stability improvements Website thumbnail memory usage improvements...

openSUSE Security Update : mozilla-xulrunner191 (mozilla-xulrunner191-4073)

Mozilla XULRunner 1.9.1 was updated to version 1.9.1.17, fixing various security issues. Following security issues were fixed: MFSA 2010-74 / CVE-2010-3777: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products...

openSUSE Security Update : mozilla-xulrunner191 (mozilla-xulrunner191-4073)

Mozilla XULRunner 1.9.1 was updated to version 1.9.1.17, fixing various security issues. Following security issues were fixed: MFSA 2010-74 / CVE-2010-3777: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products...

Mozilla Firefox 3.6.x < 3.6.14 Multiple Vulnerabilities

Binary data 5808.prm...

Firefox 3.5 < 3.5.17 Multiple Vulnerabilities

The installed version of Firefox 3.5 is earlier than 3.5.17. Such versions are potentially affected by multiple vulnerabilities : - Multiple memory corruption errors exist and may lead to arbitrary code execution. MFSA 2010-74, MFSA 2011-01 - An error exists in the processing of recursive calls t...

ZDI-11-103: Mozilla Firefox JSON.stringify Dangling Pointer Remote Code Execution Vulnerability

ZDI-11-103: Mozilla Firefox JSON.stringify Dangling Pointer Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-103 March 2, 2011 -- CVE ID: CVE-2011-0055 -- CVSS: 9, AV:N/AC:L/Au:N/C:P/I:P/A:C -- Affected Vendors: Mozilla -- Affected Products: Mozilla Firefox -...

Mozilla Foundation Security Advisory 2011-03

Mozilla Foundation Security Advisory 2011-03 Title: Use-after-free error in JSON.stringify Impact: Critical Announced: March 1, 2011 Reporter: regenrecht Products: Firefox, SeaMonkey Fixed in: Firefox 3.6.14 Firefox 3.5.17 SeaMonkey 2.0.12 Description Security researcher regenrecht reported via...

Design/Logic Flaw

Use-after-free vulnerability in the JSON.stringify method in js3250.dll in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, might allow remote attackers to execute arbitrary code via unspecified vectors related to the jsHasOwnProperty function and garbage...

CVE-2011-0055

Use-after-free vulnerability in the JSON.stringify method in js3250.dll in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, might allow remote attackers to execute arbitrary code via unspecified vectors related to the jsHasOwnProperty function and garbage...

CVE-2011-0055

CVE-2011-0055 is a use-after-free in JSON.stringify in js3250.dll affecting Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12. The issue is related to the js_HasOwnProperty handling and garbage collection; exploitation details are not specified in the provided doc...

Mozilla Firefox JSON.stringify Dangling Pointer Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within js3250.dll. In the...

CVE-2011-0055

Use-after-free vulnerability in the JSON.stringify method in js3250.dll in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, might allow remote attackers to execute arbitrary code via unspecified vectors related to the jsHasOwnProperty function and garbage...

Use-after-free error in JSON.stringify — Mozilla

Security researcher regenrecht reported via TippingPoint's Zero Day Initiative that a method used by JSON.stringify contained a use-after-free error in which a currently in-use pointer was freed and subsequently dereferenced. This could lead to arbitrary code execution if an attacker was able to...