CVE-2016-5259

CVE-2016-5259 : A use-after-free in the Mozilla Firefox function CanonicalizeXPCOMParticipant allows remote code execution via a script that closes its own Service Worker inside a nested sync event loop. Affected: Firefox before 48.0 and Firefox ESR 45.x before 45.3. Impact per sources: arbitrary...

Mozilla: Use-after-free in service workers with nested sync events (MFSA 2016-73)

Use-after-free vulnerability in the CanonicalizeXPCOMParticipant function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows remote attackers to execute arbitrary code via a script that closes its own Service Worker within a nested sync event loop...

UBUNTU-CVE-2016-5259

Use-after-free vulnerability in the CanonicalizeXPCOMParticipant function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows remote attackers to execute arbitrary code via a script that closes its own Service Worker within a nested sync event loop...

CVE-2016-5259

Use-after-free vulnerability in the CanonicalizeXPCOMParticipant function in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allows remote attackers to execute arbitrary code via a script that closes its own Service Worker within a nested sync event loop...

Ancient streaming media system /VIEWGOOD/ADI/portal/UserDataSync. aspx file UserGUID parameter SQL injection vulnerability

No description provided by source...

Bugzilla: Multiple vulnerabilities

Background Bugzilla is the bug-tracking system from the Mozilla project. Description Multiple vulnerabilities have been discovered in Bugzilla. Please review the CVE identifiers referenced below for details. Impact Privileged account holders could execute system level commands, and the new user...

Troubleshooting Checklist: Cannot enroll and authenticate a device using Secure Hub

If a device cannot enroll and authenticate using Secure Hub, ask the following questions: Is the user synced to XenMobile? Are there multiple domains managed? For details on multi-domain configuration in MAM+MDM mode, see this Citrix blog post. Is the Global Catalog port managed? From which domai...

Troubleshooting Checklist: Emails are not syncing in Secure Mail, or email folders are not found, or Secure Mail is prompting users for a password multiple times

Do the following: Run the Secure Mail Test troubleshooting tool that finds issues with Active Sync policy configurations. For details, see Secure Mail Test Application. Collect Exchange Server logs. For details, see the Microsoft documentation. Collect Secure Mail logs. In the Secure Mail logs, i...

FreeXL: Multiple vulnerabilities

Background FreeXL is an open source library to extract valid data from within an Excel .xls spreadsheet. Description FreeXL’s shared strings and workbook functions are vulnerable to the remote execution of arbitrary code and Denial of Service. This can be achieved through specially crafted...

Scientific Linux Security Update : tzdata bug fix update on SL5.x, SL6.x i386/x86_64 (20160621)

This update fixes the following bugs : - In 2015, Egypt did not observe Daylight Savings Time DST. However, in 2016, Egypt observes DST from July 7 at 24:00 to October 27 at 24:00. As a consequence of this change, the tzdata package had incorrect data regarding DST in Egypt in 2016. This has been...

USN-2936-3 firefox regression

USN-2936-1 fixed vulnerabilities in Firefox. The update caused an issue where a device update POST request was sent every time about:preferencessync was shown. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Christian Holler, Tyson Smith, Phil Ringald...

[SECURITY] Fedora 22 Update: owncloud-8.2.4-1.fc22

ownCloud gives you universal access to your files through a web interface or WebDAV. It also provides a platform to easily view & sync your contacts, calendars and bookmarks across all your devices and enables basic editing r ight on the web. ownCloud is extendable via a simple but powerful API f...

[SECURITY] Fedora 24 Update: owncloud-8.2.4-1.fc24

ownCloud gives you universal access to your files through a web interface or WebDAV. It also provides a platform to easily view & sync your contacts, calendars and bookmarks across all your devices and enables basic editing r ight on the web. ownCloud is extendable via a simple but powerful API f...

WhatsApp launches Desktop Software for Windows and Mac Users

The most popular messaging app WhatsApp now has a fully functional desktop app – both for Mac as well as Windows platform. Facebook-owned WhatsApp messaging software has been a mobile-only messaging platform forever, but from Tuesday, the company is offering you its desktop application for both...

CVE-2016-1034

The Sync Process in the JavaScript API for Creative Cloud Libraries in Adobe Creative Cloud Desktop Application before 3.6.0.244 allows remote attackers to read or write to arbitrary files via unspecified vectors...

CVE-2016-1034

The Sync Process in the JavaScript API for Creative Cloud Libraries in Adobe Creative Cloud Desktop Application before 3.6.0.244 allows remote attackers to read or write to arbitrary files via unspecified vectors...

CVE-2016-1034

The CVE-2016-1034 issue affects Adobe Creative Cloud Desktop (Windows/Mac) with the JavaScript API for Creative Cloud Libraries. The Sync Process in this API, prior to version 3.6.0.244 (and affected 3.5.x up to 3.5.1.209 on some entries), can be exploited to read or write arbitrary files on the ...

APSB16-11 Security update available for the Creative Cloud Desktop Application

Adobe has released a security update for the Creative Cloud Desktop Application for Windows and Macintosh. This update resolves an important vulnerability in the Sync Process for Creative Cloud Libraries that could be abused to remotely read and write files on the client’s file system...

Contact Photo Sync - Dangerous filesystem permissions, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Contact Photo Sync published at the 'play' market has multiple vulnerabilities...

Address Book & Contacts Sync - BSD license, Customized SSL, Redefined SSL Common Names verifier vulnerabilities

HackApp vulnerability scanner discovered that application Address Book & Contacts Sync published at the 'play' market has multiple vulnerabilities...