bogofilter -- heap corruption through malformed input

Matthias Andree reports: When using Unicode databases default in more recent bogofilter installations, upon encountering invalid input sequences, bogofilter or bogolexer could overrun a malloc'd buffer, corrupting the heap, while converting character sets. Bogofilter would usually be processing...

USN-200-1: Thunderbird vulnerabilities

A buffer overflow was discovered in the XBM image handler. By tricking an user into opening a specially crafted XBM image, an attacker could exploit this to execute arbitrary code with the user's privileges. CAN-2005-2701 Mats Palmgren discovered a buffer overflow in the Unicode string parser...

thunderbird security update

CentOS Errata and Security Advisory CESA-2005:791 An updated thunderbird package that fixes various bugs is now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. Mozilla Thunderbird is a standalone mail...

security flaw

Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via Unicode sequences with "zero-width non-joiner" characters...

Important: Red Hat Security Advisory: thunderbird security update

An updated thunderbird package that fixes various bugs is now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. Mozilla Thunderbird is a standalone mail and newsgroup client. A bug was found in the way...

Fedora Core 4 : firefox-1.0.7-1.1.fc4 (2005-926)

An updated firefox package that fixes several security bugs is now available for Fedora Core 4. This update has been rated as having critical security impact by the Fedora Security Response Team. Mozilla Firefox is an open source Web browser. A bug was found in the way Firefox processes XBM image...

Mandrake Linux Security Advisory : mozilla (MDKSA-2005:170)

A number of vulnerabilities have been discovered in Mozilla that have been corrected in version 1.7.12 : A bug in the way Mozilla processes XBM images could be used to execute arbitrary code via a specially crafted XBM image file CVE-2005-2701. A bug in the way Mozilla handles certain Unicode...

Fedora Core 3 : thunderbird-1.0.7-1.1.fc3 (2005-962)

An updated thunderbird package that fixes various bugs is now available for Fedora Core 3. This update has been rated as having important security impact by the Fedora Security Response Team. Mozilla Thunderbird is a standalone mail and newsgroup client. A bug was found in the way Thunderbird...

Fedora Core 4 : mozilla-1.7.12-1.5.1 (2005-927)

Updated mozilla packages that fix several security bugs are now available for Fedora Core 4. This update has been rated as having critical security impact by the Fedora Security Response Team. Mozilla is an open source Web browser, advanced email and newsgroup client, IRC chat client, and HTML...

Fedora Core 3 : mozilla-1.7.12-1.3.1 (2005-932)

Updated mozilla packages that fix several security bugs are now available for Fedora Core 3. This update has been rated as having critical security impact by the Fedora Security Response Team. Mozilla is an open source Web browser, advanced email and newsgroup client, IRC chat client, and HTML...

Fedora Core 3 : firefox-1.0.7-1.1.fc3 (2005-931)

An updated firefox package that fixes several security bugs is now available for Fedora Core 3. This update has been rated as having critical security impact by the Fedora Security Response Team. Mozilla Firefox is an open source Web browser. A bug was found in the way Firefox processes XBM image...

[SECURITY] [DSA 838-1] New mozilla-firefox packages fox multiple vulnerabilities

-------------------------------------------------------------------------- Debian Security Advisory DSA 838-1 [email protected] http://www.debian.org/security/ Michael Stone October 2nd, 2005 http://www.debian.org/security/faq -...

DSA-838-1 mozilla-firefox - multiple vulnerabilities

Bulletin has no description...

Mozilla / Netscape / Firefox browsers buffer overflow

Buffer oveflow on "zero-width non-joiner" sequence of Arabic Unicode characters...

USN-186-1: Mozilla and Firefox vulnerabilities

Peter Zelezny discovered that URLs which are passed to Firefox or Mozilla on the command line are not correctly protected against interpretation by the shell. If Firefox or Mozilla is configured as the default handler for URLs which is the default in Ubuntu, this could be exploited to execute...

CVE-2005-2702

Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via Unicode sequences with "zero-width non-joiner" characters...

CVE-2005-2702

Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via Unicode sequences with "zero-width non-joiner" characters...

CVE-2005-2702

Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via Unicode sequences with "zero-width non-joiner" characters...

CVE-2005-2702

CVE-2005-2702 affects Mozilla/Firefox: vulnerable when processing Unicode sequences, specifically zero-width non-joiner characters. Firefox prior to 1.0.7 and Mozilla Suite prior to 1.7.12 are at risk. Reported impact: remote attacker could cause a crash and, in some scenarios, may execute arbitr...

galeon, mozilla security update

CentOS Errata and Security Advisory CESA-2005:789-01 Updated mozilla packages that fix several security bugs are now available. This update has been rated as having critical security impact by the Red Hat Security Response Team. Mozilla is an open source Web browser, advanced email and newsgroup...