SuSE 11.2 Security Update : MozillaFirefox (SAT Patch Number 8545)

Mozilla Firefox was updated to the 17.0.10ESR release, fixing various bugs and security issues : - Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption und...

SuSE 11.3 Security Update : Mozilla Firefox (SAT Patch Number 8491)

Mozilla Firefox has been updated to the 17.0.10ESR release, which fixes various bugs and security issues : - Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory...

MGASA-2013-0320 Updated firefox & related packages fix multiple security vulnerabilities

Updated firefox packages fix security vulnerabilities: Mozilla Network Security Services NSS before 3.15.2 does not ensure that data structures are initialized before read operations, which allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors...

CentOS Update for firefox CESA-2013:1476 centos5

Check for the Version of firefox OpenVAS Vulnerability Test CentOS Update for firefox CESA-2013:1476 centos5 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...

CentOS Update for firefox CESA-2013:1476 centos6

Check for the Version of firefox OpenVAS Vulnerability Test CentOS Update for firefox CESA-2013:1476 centos6 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...

JDK: unspecified sandbox bypass (XML)

Unspecified vulnerability in IBM Java SDK 7.0.0 before SR6, 6.0.1 before SR7, 6.0.0 before SR15, and 5.0.0 before SR16 FP4 allows remote attackers to access restricted classes via unspecified vectors related to XML and XSL...

Scientific Linux Security Update : thunderbird on SL5.x, SL6.x i386/x86_64 (20131030)

Several flaws were found in the processing of malformed content. Malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. CVE-2013-5590, CVE-2013-5597, CVE-2013-5599, CVE-2013-5600, CVE-2013-5601, CVE-2013-5602...

firefox, xulrunner security update

CentOS Errata and Security Advisory CESA-2013:1476 Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System CVS...

CentOS 5 / 6 : firefox (CESA-2013:1476)

Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings...

Critical: Red Hat Security Advisory: firefox security update

Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings...

Mozilla: Access violation with XSLT and uninitialized data (MFSA 2013-95)

The txXPathNodeUtils::getBaseURI function in the XSLT processor in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 does not properly initialize data, which allows remote...

Mozilla: Out-of-bounds read in format-number in XSLT (MFSA 2012-65)

The format-number functionality in the XSLT implementation in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to obtain sensitive information via unspecified vectors that...

php: XSLT file writing vulnerability

PHP before 5.3.9 has improper libxslt security settings, which allows remote attackers to create arbitrary files via a crafted XSLT stylesheet that uses the libxslt output extension...

libxml2: double-free caused by malformed XPath expression in XSLT

Double free vulnerability in libxml2, as used in Google Chrome before 14.0.835.163, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling...

Mozilla Integer Overflow in XSLT Node Sorting

Integer overflow in the XSLT node sorting implementation in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allows remote attackers to execute arbitrary code via a large text value for a node...

Mozilla privilege escalation via XPCnativeWrapper pollution

Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allow remote attackers to create documents that lack script-handling objects, and execute arbitrary code with chrome privileges, via vectors related to 1 the document.loadBindingDocument...