EUVD-2018-16933

Malware in sbrugna...

SUSE CVE-2018-5147

The libtremor library has the same flaw as CVE-2018-5146. This library is used by Firefox in place of libvorbis on Android and ARM platforms. This vulnerability affects Firefox ESR 52.7.2 and Firefox 59.0.1...

CVE-2018-5147

The libtremor library has the same flaw as CVE-2018-5146. This library is used by Firefox in place of libvorbis on Android and ARM platforms. This vulnerability affects Firefox ESR 52.7.2 and Firefox 59.0.1...

DEBIAN-CVE-2018-5147

The libtremor library has the same flaw as CVE-2018-5146. This library is used by Firefox in place of libvorbis on Android and ARM platforms. This vulnerability affects Firefox ESR 52.7.2 and Firefox 59.0.1...

CVE-2018-5147

The libtremor library has the same flaw as CVE-2018-5146. This library is used by Firefox in place of libvorbis on Android and ARM platforms. This vulnerability affects Firefox ESR 52.7.2 and Firefox 59.0.1...

Code injection

The libtremor library has the same flaw as CVE-2018-5146. This library is used by Firefox in place of libvorbis on Android and ARM platforms. This vulnerability affects Firefox ESR 52.7.2 and Firefox 59.0.1...

CVE-2018-5147

The libtremor library has the same flaw as CVE-2018-5146. This library is used by Firefox in place of libvorbis on Android and ARM platforms. This vulnerability affects Firefox ESR 52.7.2 and Firefox 59.0.1...

UBUNTU-CVE-2018-5147

The libtremor library has the same flaw as CVE-2018-5146. This library is used by Firefox in place of libvorbis on Android and ARM platforms. This vulnerability affects Firefox ESR 52.7.2 and Firefox 59.0.1...

CVE-2018-5147

The libtremor library has the same flaw as CVE-2018-5146. This library is used by Firefox in place of libvorbis on Android and ARM platforms. This vulnerability affects Firefox ESR 52.7.2 and Firefox 59.0.1...

CVE-2018-5147

The libtremor library has the same flaw as CVE-2018-5146. This library is used by Firefox in place of libvorbis on Android and ARM platforms. This vulnerability affects Firefox ESR 52.7.2 and Firefox 59.0.1...

CVE-2018-5147

CVE-2018-5147 references the same flaw as CVE-2018-5146, arising from an out-of-bounds write in Vorbis processing, with libtremor used by Firefox on Android/ARM. The initial description notes impact on Firefox ESR < 52.7.2 and Firefox

Mozilla Firefox Out-of-Bounds Memory Write Vulnerability (CNVD-2018-06456 )

Mozilla Firefox browser Firefox is a free, open source browser for Windows, Linux and MacOSX platforms. An out-of-bounds memory write vulnerability exists in libtremor in Mozilla Firefox. A remote user can create specially crafted Vorbis audio data that, when processed by the target user's browse...

FreeBSD : mozilla -- multiple vulnerabilities (7943794f-707f-4e31-9fea-3bbf1ddcedc1)

The Mozilla Foundation reports : CVE-2018-5146: Out of bounds memory write in libvorbis An out of bounds memory write while processing Vorbis audio data was reported through the Pwn2Own contest. CVE-2018-5147: Out of bounds memory write in libtremor The libtremor library has the same flaw as...

[SECURITY] [DSA 4141-1] libvorbisidec security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4141-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso March 16, 2018 https://www.debian.org/security/faq -...

KLA11594 SB vulnerabilities in Mozilla Firefox

Multiple vulnerabilities were found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to bypass security restrictions. Below is a complete list of vulnerabilities: 1. Out of bounds memory write vulnerability in libvorbis can be exploited to bypass security restrictions; 2. Out...

mozilla -- multiple vulnerabilities

The Mozilla Foundation reports: CVE-2018-5146: Out of bounds memory write in libvorbis An out of bounds memory write while processing Vorbis audio data was reported through the Pwn2Own contest. CVE-2018-5147: Out of bounds memory write in libtremor The libtremor library has the same flaw as...

Out of bounds memory write while processing Vorbis audio data — Mozilla

An out of bounds memory write while processing Vorbis audio data was reported through the Pwn2Own contest. The libtremor library has the same flaw as CVE-2018-5146. This library is used by Firefox in place of libvorbis on Android and ARM platforms.Update: The 52.7.2 source release accidentally di...

FreeBSD : libtremor -- multiple vulnerabilities (3dac84c9-bce1-4199-9784-d68af1eb7b2e)

The RedHat Project reports : Will Drewry of the Google Security Team reported multiple issues in OGG Vorbis and Tremor libraries, that could cause application using those libraries to crash NULL pointer dereference or divide by zero, enter an infinite loop or cause heap overflow caused by integer...

FreeBSD : libtremor -- memory corruption (40497e81-fee3-4e54-9d5f-175a5c633b73)

The Mozilla Project reports : Security researcher regenrecht reported via TippingPoint's Zero Day Initiative the possibility of memory corruption during the decoding of Ogg Vorbis files. This can cause a crash during decoding and has the potential for remote code execution. %NASLMINLEVEL 70300 C...