EUVD-2006-2078

Malware in sbrugna...

Pair of Google Chrome Zero-Day Bugs Actively Exploited

Google has addressed two zero-day security bugs that are being actively exploited in the wild. As part of the internet giant’s latest stable channel release version 93.0.4577.82 for Windows, Mac and Linux, it fixed 11 total vulnerabilities, all of them rated high-severity. The two zero days are...

CVE-2006-2073

Unspecified vulnerability in ISC BIND allows remote attackers to cause a denial of service via a crafted DNS message with a "broken" TSIG, as demonstrated by the OUSPG PROTOS DNS test suite...

Stable Channel Update

The Chrome team is delighted to announce the promotion of Chrome 40 to the stable channel for Windows, Mac and Linux. Chrome 40.0.2214.91 contains a number of fixes and improvements, including: Updated info dialog for Chrome app on Windows and Linux. A new clock behind/ahead error message. A...

Use-after-free in Web Audio due to incorrect control message ordering — Mozilla

Using the Address Sanitizer tool, security researcher Atte Kettunen from OUSPG discovered a use-after-free in Web Audio due to an issue with how control messages for Web Audio are ordered and processed. This leads to a potentially exploitable crash...

chromium -- multiple vulnerabilities

Google Chrome Releases reports: 4 security fixes in this release, including: 369525 High CVE-2014-3154: Use-after-free in filesystem api. Credit to Collin Payne. 369539 High CVE-2014-3155: Out-if-bounds read in SPDY. Credit to James March, Daniel Sommermann and Alan Frindell of Facebook. 369621...

Out of bounds read during WAV file decoding — Mozilla

Security researcher Atte Kettunen from OUSPG reported an out of bounds read during the decoding of WAV format audio files for playback. This could allow web content access to heap data as well as causing a crash...

FreeBSD : chromium -- multiple vulnerabilities (b4023753-a4ba-11e3-bec2-00262d5ed8ee)

Google Chrome Releases reports : 19 vulnerabilities fixed in this release, including : - 344492 High CVE-2013-6663: Use-after-free in svg images. Credit to Atte Kettunen of OUSPG. - 326854 High CVE-2013-6664: Use-after-free in speech recognition. Credit to Khalil Zhani. - 337882 High CVE-2013-666...

chromium -- multiple vulnerabilities

Google Chrome Releases reports: 14 security fixes in this release, including: 330420 High CVE-2013-6649: Use-after-free in SVG images. Credit to Atte Kettunen of OUSPG. 331444 High CVE-2013-6650: Memory corruption in V8. This issue was fixed in v8 version 3.22.24.16. Credit to Christian Holler...

Use-after-free in synthetic mouse movement — Mozilla

Security researchers Tyson Smith and Jesse Schwartzentruber of the BlackBerry Security Automated Analysis Team used the Address Sanitizer tool while fuzzing to discover a user-after-free in the functions for synthetic mouse movement handling. Security researcher Atte Kettunen from OUSPG also...

[SECURITY] [DSA 2779-1] libxml2 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2779-1 [email protected] http://www.debian.org/security/ Michael Gilbert October 13, 2013 http://www.debian.org/security/faq -...

[SECURITY] [DSA 2779-1] libxml2 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2779-1 [email protected] http://www.debian.org/security/ Michael Gilbert October 13, 2013 http://www.debian.org/security/faq -...

DSA-2779-1 libxml2 - denial of service

Bulletin has no description...

Crash during WAV audio file decoding — Mozilla

Security researcher Aki Helin from OUSPG used the Address Sanitizer tool to discover a crash during the decoding of WAV format audio files in some instances. This crash is not exploitable but could be used for a denial of service DOS attack by malicious parties...

chromium -- multiple vulnerabilities

Google Chrome Releases reports: 172342 High CVE-2013-0916: Use-after-free in Web Audio. Credit to Atte Kettunen of OUSPG. 180909 Low CVE-2013-0917: Out-of-bounds read in URL loader. Credit to Google Chrome Security Team Cris Neckar. 180555 Low CVE-2013-0918: Do not navigate dev tools upon drag an...

FreeBSD : chromium -- multiple vulnerabilities (46bd747b-5b84-11e2-b06d-00262d5ed8ee)

Google Chrome Releases reports : 162494 High CVE-2012-5145: Use-after-free in SVG layout. Credit to Atte Kettunen of OUSPG. 165622 High CVE-2012-5146: Same origin policy bypass with malformed URL. Credit to Erling A Ellingsen and Subodh Iyengar, both of Facebook. 165864 High CVE-2012-5147:...

Use-after-free when displaying table with many columns and column groups — Mozilla

Using the Address Sanitizer tool, security researcher Atte Kettunen from OUSPG discovered that the combination of large numbers of columns and column groups in a table could cause the array containing the columns during rendering to overwrite itself. This can lead to a user-after-free causing a...

Heap memory corruption issues found using Address Sanitizer — Mozilla

Security researcher Atte Kettunen from OUSPG reported several heap memory corruption issues found using the Address Sanitizer tool. These issues are potentially exploitable, allowing for remote code execution...

Google Sweetens Bug Bounty Pot

Google officials say that they will be handing out bonuses on top of existing rewards to security researchers who report especially troublesome flaws as part of their bug bounty program. Formally known as the Chromium Vulnerability Rewards Program, Google wrote on the Chromium Blog that a number ...

use-after-free in IDBKeyRange — Mozilla

Using the Address Sanitizer tool, security researcher Aki Helin from OUSPG found that IDBKeyRange of indexedDB remains in the XPConnect hashtable instead of being unlinked before being destroyed. When it is destroyed, this causes a use-after-free, which is potentially exploitable...