Security update for MozillaFirefox, MozillaThunderbird, mozilla-nspr (important)

Mozilla Firefox and Thunderbird were updated to fix several important vulnerabilities. Mozilla Firefox was updated to 37.0.1. Mozilla Thunderbird was updated to 31.6.0. mozilla-nspr was updated to 4.10.8 as a dependency. The following vulnerabilities were fixed in Mozilla Firefox: Miscellaneous...

Mozilla Firefox Multiple Vulnerabilities-01 (Apr 2015) - Mac OS X

Mozilla Firefox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefox";...

Mozilla Firefox Off Main Thread Compositing (OMTC) implements arbitrary code execution vulnerability

Mozilla Firefox is a web browser developed by the Mozilla Foundation in conjunction with the open source community. A denial of service vulnerability exists in Mozilla Firefox, which could be exploited by remote attackers to execute arbitrary code or launch denial of service attacks...

Weld: Limited information disclosure via stale thread state

It was discovered that under specific conditions the conversation state information stored in a thread-local variable in JBoss Weld was not sanitized correctly when the conversation ended. This could lead to a race condition that could potentially expose sensitive information from a previous...

Memory corruption

The Off Main Thread Compositing OMTC implementation in Mozilla Firefox before 37.0 attempts to use memset for a memory region of negative length during interaction with the mozilla::layers::BufferTextureClient::AllocateForSurface function, which allows remote attackers to execute arbitrary code o...

CVE-2015-0806

The Off Main Thread Compositing OMTC implementation in Mozilla Firefox before 37.0 attempts to use memset for a memory region of negative length during interaction with the mozilla::layers::BufferTextureClient::AllocateForSurface function, which allows remote attackers to execute arbitrary code o...

CVE-2015-0805

The CVE-2015-0805 issue affects Mozilla Firefox’s Off Main Thread Compositing (OMTC). The root cause is an incorrect memset call in the interaction with mozilla::layers::BufferTextureClient::AllocateForSurface, enabling remote attackers to trigger memory corruption via rendering of 2D graphics co...

CVE-2015-0805

The Off Main Thread Compositing OMTC implementation in Mozilla Firefox before 37.0 makes an incorrect memset call during interaction with the mozilla::layers::BufferTextureClient::AllocateForSurface function, which allows remote attackers to execute arbitrary code or cause a denial of service...

KLA10525 Multiple vulnerabilities in Mozilla Firefox, Mozilla Firefox ESR, Mozilla Thunderbird

Multiple serious vulnerabilities have been found in Mozilla Firefox before 37.0, Mozilla Firefox ESR 31.x before 31.6, Mozilla Thunderbird before 31.6. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause a denial of service heap memory corruption and bypass an...

Memory corruption crashes in Off Main Thread Compositing — Mozilla

Security researcher Abhishek Arya Inferno of the Google Chrome Security Team used the Address Sanitizer tool to discover two memory corruption crashes during 2D graphics rendering due to problems in Off Main Thread Compositing. These crashes are potentially exploitable...

Kadimus - LFI Scan & Exploit Tool

Kadimus is a tool to check sites to lfi vulnerability , and also exploit it Features: Check all url parameters /var/log/auth.log RCE /proc/self/environ RCE php://input RCE data://text RCE Source code disclosure Multi thread scanner Command shell interface through HTTP Request Proxy support...

wild copy-exploits-vulnerability warning-the black bar safety net

0x00 Preface This is Project Zero on the articles, the original text of the Taming the wild copy: Parallel Thread Corruption of Links: http://googleprojectzero.blogspot.com/2015/03/taming-wild-copy-parallel-thread.html 2 0 0 2 year, Apache Web serverfound and fixed a very fun bug. The server...

Ubuntu 12.04 LTS : linux vulnerabilities (USN-2541-1)

The Linux kernel's splice system call did not correctly validate its parameters. A local, unprivileged user could exploit this flaw to cause a denial of service system crash. CVE-2014-7822 A flaw was discovered in how Thread Local Storage TLS is handled by the task switching function in the Linux...

SuSE 11.3 Security Update : Linux Kernel (SAT Patch Numbers 10412 / 10415 / 10416)

The SUSE Linux Enterprise 11 SP3 kernel has been updated to receive various security and bugfixes. New features enabled : - The Ceph and rbd remote network block device drivers are now enabled and supported, to serve as client for SUSE Enterprise Storage 1.0. FATE318328 - Support to selected Bay...

Mandriva Linux Security Advisory : kernel (MDVSA-2015:058)

Multiple vulnerabilities has been found and corrected in the Linux kernel : The Crypto API in the Linux kernel before 3.18.5 allows local users to load arbitrary kernel modules via a bind system call for an AFALG socket with a module name in the salgname field, a different vulnerability than...

Weld: Limited information disclosure via stale thread state

It was discovered that under specific conditions the conversation state information stored in a thread-local variable in JBoss Weld was not sanitized correctly when the conversation ended. This could lead to a race condition that could potentially expose sensitive information from a previous...

CVE-2015-1221

Use-after-free vulnerability in Blink, as used in Google Chrome before 41.0.2272.76, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging incorrect ordering of operations in the Web SQL Database thread relative to Blink's main thread, relate...

CVE-2015-1221

Removed by vendor...

UBUNTU-CVE-2015-1221

Use-after-free vulnerability in Blink, as used in Google Chrome before 41.0.2272.76, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging incorrect ordering of operations in the Web SQL Database thread relative to Blink's main thread, relate...

Linux Kernel IRET Instruction #SS Fault Handling - Crash PoC

Exploit for linux platform in category dos / poc / ---------------------------------------------------------------------------------------------------- cve-2014-9322poc.c arch/x86/kernel/entry64.S in the Linux kernel before 3.17.5 does not properly handle faults associated with the Stack Segment ...