Lucene search
+L

252 matches found

Mozilla
Mozilla
added 2013/10/29 12:0 a.m.43 views

Memory corruption in workers — Mozilla

Security researcher Nils used the Address Sanitizer tool while fuzzing to discover a memory corruption issue with the JavaScript engine when using workers with direct proxies. This results in a potentially exploitable crash...

10CVSS3.2AI score0.05166EPSS
Exploits0References2Affected Software5
Tenable Nessus
Tenable Nessus
added 2013/01/15 12:0 a.m.36 views

SeaMonkey < 2.15 Multiple Vulnerabilities

The installed version of SeaMonkey is earlier than 2.15 and thus, is potentially affected by the following security issues : - Multiple, unspecified use-after-free, out-of-bounds read and buffer overflow errors exist. CVE-2012-5829, CVE-2013-0760, CVE-2013-0761, CVE-2013-0762, CVE-2013-0763,...

10CVSS7.7AI score0.73364EPSS
Exploits31References49
Tenable Nessus
Tenable Nessus
added 2013/01/15 12:0 a.m.40 views

Mozilla SeaMonkey 2.x <= 2.14 Multiple Vulnerabilities

Binary data 801376.prm...

10CVSS9.2AI score0.73364EPSS
Exploits27References45
Mozilla
Mozilla
added 2012/08/28 12:0 a.m.75 views

SVG buffer overflow and use-after-free issues — Mozilla

Security researcher Arthur Gerkis used the Address Sanitizer tool to find two issues involving Scalable Vector Graphics SVG files. The first issue is a buffer overflow in Gecko's SVG filter code when the sum of two values is too large to be stored as a signed 32-bit integer, causing the function ...

10CVSS2.2AI score0.05194EPSS
Exploits0References4Affected Software5
Mozilla
Mozilla
added 2012/07/17 12:0 a.m.53 views

JSDependentString::undepend string conversion results in memory corruption — Mozilla

Security researcher Bill Keese reported a memory corruption. This is caused by JSDependentString::undepend changing a dependent string into a fixed string when there are additional dependent strings relying on the same base. When the undepend occurs during conversion, the base data is freed,...

10CVSS9.2AI score0.05593EPSS
Exploits0References2Affected Software5
Mozilla
Mozilla
added 2012/06/05 12:0 a.m.63 views

Buffer overflow and use-after-free issues found using Address Sanitizer — Mozilla

Security researcher Abhishek Arya of Google used the Address Sanitizer tool to uncover several issues: two heap buffer overflow bugs and a use-after-free problem. The first heap buffer overflow was found in conversion from unicode to native character sets when the function fails. The use-after-fr...

9.3CVSS1.5AI score0.04852EPSS
Exploits0References6Affected Software5
OpenVAS
OpenVAS
added 2012/03/07 12:0 a.m.39 views

Mandriva Update for mozilla MDVSA-2012:022-1 (mozilla)

Check for the Version of mozilla OpenVAS Vulnerability Test Mandriva Update for mozilla MDVSA-2012:022-1 mozilla Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...

7.5CVSS1.2AI score0.73347EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2011/12/21 12:0 a.m.47 views

FreeBSD : mozilla -- multiple vulnerabilities (e3ff776b-2ba6-11e1-93c6-0011856a6e37)

The Mozilla Project reports : MFSA 2011-53 Miscellaneous memory safety hazards rv:9.0 MFSA 2011-54 Potentially exploitable crash in the YARR regular expression library MFSA 2011-55 nsSVGValue out-of-bounds access MFSA 2011-56 Key detection without JavaScript via SVG animation MFSA 2011-58 Crash...

10CVSS8.3AI score0.69882EPSS
Exploits11References11
Mozilla
Mozilla
added 2011/09/27 12:0 a.m.46 views

Potentially exploitable crash in the YARR regular expression library — Mozilla

Security researcher Aki Helin reported a potentially exploitable crash in the YARR regular expression library used by JavaScript...

9.3CVSS9.2AI score0.05007EPSS
Exploits1References3Affected Software3
Tenable Nessus
Tenable Nessus
added 2010/02/24 12:0 a.m.37 views

Debian DSA-1912-1 : camlimages - integer overflow

It was discovered that CamlImages, an open source image processing library, suffers from several integer overflows, which may lead to a potentially exploitable heap overflow and result in arbitrary code execution. This advisory addresses issues with the reading of TIFF files. It also expands the...

7.5CVSS5.7AI score0.03816EPSS
Exploits2References4
Tenable Nessus
Tenable Nessus
added 2010/02/24 12:0 a.m.22 views

Debian DSA-1832-1 : camlimages - integer overflow

Tielei Wang discovered that CamlImages, an open source image processing library, suffers from several integer overflows which may lead to a potentially exploitable heap overflow and result in arbitrary code execution. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and...

7.5CVSS5.7AI score0.02612EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2005/11/03 12:0 a.m.148 views

FTPD glob Heap Corruption

The FTPD glob vulnerability manifests itself in handling of the glob command. The problem is not a typical buffer overflow or format string vulnerability, but a combination of two bugs: an implementation of the glob command that does not properly return an error condition when interpreting the...

10CVSS0.3AI score0.74762EPSS
Exploits3References1
Rows per page
Query Builder