Mozilla Thunderbird < 17.0.7 Multiple Vulnerabilities

The installed version of Thunderbird is a version prior to 17.0.7 and is, therefore, potentially affected by the following vulnerabilities : - Various, unspecified memory safety issues exist. CVE-2013-1682, CVE-2013-1683 - Heap-use-after-free errors exist related to 'LookupMediaElementURITable',...

Mozilla Thunderbird Multiple Vulnerabilities - June 13 (Mac OS X)

This host is installed with Mozilla Thunderbird and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: secpodmozillathunderbirdmultvulnjun13macosx.nasl 6125 2017-05-15 09:03:42Z teissa $ Mozilla Thunderbird Multiple Vulnerabilities - June 13 Mac OS X Authors: Arun Kallavi...

Firefox ESR 17.x < 17.0.7 Multiple Vulnerabilities (Mac OS X)

The installed version of Firefox ESR 17.x is earlier than 17.0.7 and is, therefore, potentially affected by the following vulnerabilities : - Various, unspecified memory safety issues exist. CVE-2013-1682 - Heap-use-after-free errors exist related to 'LookupMediaElementURITable',...

Thunderbird < 17.0.7 Multiple Vulnerabilities (Mac OS X)

The installed version of Thunderbird is earlier than 17.0.7 and is, therefore, potentially affected by the following vulnerabilities : - Various, unspecified memory safety issues exist. CVE-2013-1682, CVE-2013-1683 - Heap-use-after-free errors exist related to 'LookupMediaElementURITable',...

Mozilla Firefox Multiple Vulnerabilities - June 13 (Mac OS X)

This host is installed with Mozilla Firefox and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: secpodmozillafirefoxmultvulnjun13macosx.nasl 6074 2017-05-05 09:03:14Z teissa $ Mozilla Firefox Multiple Vulnerabilities - June 13 Mac OS X Authors: Arun Kallavi Copyright:...

Mozilla Thunderbird ESR Multiple Vulnerabilities - June 13 (Mac OS X)

This host is installed with Mozilla Thunderbird ESR and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: secpodmozillathunderbirdesrmultvulnjun13macosx.nasl 6104 2017-05-11 09:03:48Z teissa $ Mozilla Thunderbird ESR Multiple Vulnerabilities - June 13 Mac OS X Authors: Arun...

Mozilla: Data in the body of XHR HEAD requests leads to CSRF attacks (MFSA 2013-54)

Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 do not prevent the inclusion of body data in an XMLHttpRequest HEAD request, which makes it easier for remote attackers to conduct cross-site request forgery CSRF attacks...

Mozilla: Data in the body of XHR HEAD requests leads to CSRF attacks (MFSA 2013-54)

Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 do not prevent the inclusion of body data in an XMLHttpRequest HEAD request, which makes it easier for remote attackers to conduct cross-site request forgery CSRF attacks...

Ubuntu 6.06 LTS : firefox vulnerabilities (USN-690-3)

Several flaws were discovered in the browser engine. These problems could allow an attacker to crash the browser and possibly execute arbitrary code with user privileges. CVE-2008-5500 Boris Zbarsky discovered that the same-origin check in Firefox could be bypassed by utilizing XBL-bindings. An...

Design/Logic Flaw

The XMLHttpRequest object in Qt before 4.8.4 enables http redirection to the file scheme, which allows man-in-the-middle attackers to force the read of arbitrary local files and possibly obtain sensitive information via a file: URL to a QML application...

CVE-2012-5624

The XMLHttpRequest object in Qt before 4.8.4 enables http redirection to the file scheme, which allows man-in-the-middle attackers to force the read of arbitrary local files and possibly obtain sensitive information via a file: URL to a QML application...

CVE-2012-5624

CVE-2012-5624 affects Qt 4.x where the XMLHttpRequest implementation could be redirected from http to the file: URL scheme, enabling a man‑in‑the‑middle attacker to trigger reads of local files in a QML application. The root cause is improper handling of redirects in XMLHttpRequest, allowing acce...

CVE-2012-5624

Removed by vendor...

CORS requests can omit the preflight request

Cross-Origin Resource Sharing CORS requests are required to send a preflight request if custom headers are included, to check that the host wishes to allow the full request to be made. An example of where this may be needed is for sites that use a custom header with a static value as part of thei...

security update to Firefox 17.0 and other Mozilla based packages (important)

update to Firefox/Thunderbird 17.0 and Seamonkey 2.14 bnc790140 MFSA 2012-91/CVE-2012-5842/CVE-2012-5843 Miscellaneous memory safety hazards MFSA 2012-92/CVE-2012-4202 bmo758200 Buffer overflow while rendering GIF images MFSA 2012-93/CVE-2012-4201 bmo747607 evalInSanbox location context incorrect...

Fedora 17 : qt-4.8.4-1.fc17 (2012-19759)

New bugfix release, see also: http://blog.qt.digia.com/blog/2012/11/29/qt-4-8-4-released/ This release also includes a security fix for: QML XmlHttpRequest Insecure Redirection http://lists.qt-project.org/pipermail/announce/2012-November/000014.ht ml Note that Tenable Network Security has extract...

Fedora 18 : qt-4.8.4-1.fc18 (2012-19673)

New bugfix release, see also: http://blog.qt.digia.com/blog/2012/11/29/qt-4-8-4-released/ This release also includes a security fix for: QML XmlHttpRequest Insecure Redirection http://lists.qt-project.org/pipermail/announce/2012-November/000014.ht ml Note that Tenable Network Security has extract...

CVE-2012-5624

The XMLHttpRequest object in Qt before 4.8.4 enables http redirection to the file scheme, which allows man-in-the-middle attackers to force the read of arbitrary local files and possibly obtain sensitive information via a file: URL to a QML application...

SeaMonkey 2.x < 2.14 Multiple Vulnerabilities

Binary data 6626.prm...

Mozilla SeaMonkey Multiple Vulnerabilities-02 November12 (Windows)

This host is installed with Mozilla Seamonkey and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbmozillaseamonkeymultvuln02nov12win.nasl 5999 2017-04-21 09:02:32Z teissa $ Mozilla SeaMonkey Multiple Vulnerabilities-02 November12 Windows Authors: Arun Kallavi Copyright:...