6 matches found
Mozilla Thunderbird < 135.0
The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 135.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2025-11 advisory. - Memory safety bugs present in Firefox 134 and Thunderbird 134. Some of these bugs showed evidence of...
Mozilla Thunderbird < 128.7
The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 128.7. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2025-10 advisory. - Memory safety bugs present in Firefox 134, Thunderbird 134, Firefox ESR 128.6, and Thunderbird 128.6. So...
Design/Logic Flaw
The ReadJNGImage and ReadOneJNGImage functions in coders/png.c in GraphicsMagick 1.3.26 do not properly manage image pointers after certain error conditions, which allows remote attackers to conduct use-after-free attacks via a crafted file, related to a ReadMNGImage out-of-order CloseBlob call...
CVE-2017-14103
The CVE-2017-14103 entry describes a use-after-free in GraphicsMagick 1.3.26: ReadJNGImage and ReadOneJNGImage in coders/png.c mishandles image pointers after certain error conditions, allowing remote attackers to trigger a use-after-free via a crafted file; this is tied to an out-of-order CloseB...
Microsoft Tears off the Band-Aid with EMET
Microsoft last week extended the end-of-life expiration date to July 2018 on its exploit mitigation add-on, the Enhanced Mitigation Experience Toolkit EMET. But for some time, the once-useful tool has been well on its way out to pasture. While EMET was never meant to be anything more than stopgap...
CVE-2010-1121
CVE-2010-1121 affects Mozilla Firefox 3.6.x prior to 3.6.3. The issue is a DOM scope handling flaw when nodes are moved across documents, enabling use-after-free conditions that can lead to remote code execution. Exploitation was demonstrated in a Pwn2Own event; no explicit exploit details are pr...