8 matches found
Arbitrary Code Execution
firefox is vulnerable to arbitrary code execution. The vulnerability exists through a heap memory corruption issue in nsFrameList::FIrstChild...
Mozilla Thunderbird Multiple Vulnerabilities -01 May13 (Windows)
This host is installed with Mozilla Thunderbird and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbmozillathunderbirdmultvuln01may13win.nasl 6125 2017-05-15 09:03:42Z teissa $ Mozilla Thunderbird Multiple Vulnerabilities -01 May13 Windows Authors: Arun Kallavi Copyright:...
Design/Logic Flaw
Use-after-free vulnerability in the nsFrameList::FirstChild function in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allows remote attackers to execute arbitrary code or cause a denial...
CVE-2012-1940
Use-after-free vulnerability in the nsFrameList::FirstChild function in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allows remote attackers to execute arbitrary code or cause a denial...
Buffer overflow and use-after-free issues found using Address Sanitizer — Mozilla
Security researcher Abhishek Arya of Google used the Address Sanitizer tool to uncover several issues: two heap buffer overflow bugs and a use-after-free problem. The first heap buffer overflow was found in conversion from unicode to native character sets when the function fails. The use-after-fr...
Memory corruption
Multiple unspecified vulnerabilities in Mozilla Firefox 3.x before 3.0.2 allow remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via vectors related to the layout engine and 1 a zero value of the "this" variable in the...
CVE-2008-4063
CVE-2008-4063 affects Mozilla Firefox 3.x up to 3.0.2. The issue involves memory corruption in the layout engine via multiple vectors: (1) this==0 in nsContentList::Item, (2) Hindi/Indic IME interaction with the g key, and (3) inline frame protection when SortByContentOrder is invoked. Impact is ...
CVE-2008-4063
Multiple unspecified vulnerabilities in Mozilla Firefox 3.x before 3.0.2 allow remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via vectors related to the layout engine and 1 a zero value of the "this" variable in the...