Firefox and Xulrunner vulnerabilities
Releases Ubuntu 10.10 Ubuntu 10.04 Ubuntu 9.10 Ubuntu 9.04 Ubuntu 8.04 Packages firefox - safe and easy web browser from Mozilla firefox-3.0 - safe and easy web browser from Mozilla firefox-3.5 - safe and easy web browser from Mozilla xulrunner-1.9.1 - XUL + XPCOM application runner...
9.9AI Score
0.849EPSS
Security fix for the ALT Linux 5 package poppler5 version 0.12.4-alt0.M51.3
Oct. 20, 2010 Sergey V Turchin 0.12.4-alt0.M51.3 - fix...
7.6AI Score
0.011EPSS
Security fix for the ALT Linux 6 package kernel-image-hpc-skif version 2.6.32-alt24
Oct. 20, 2010 Sergey Bolshakov 2.6.32-alt24 - 2.6.32.24 - CVE-2010-3904...
6.8AI Score
0.001EPSS
SuSE Update for MozillaFirefox,MozillaThunderbird,seamonkey SUSE-SA:2010:049
Check for the Version of...
1.4AI Score
0.667EPSS
chromium -- multiple vulnerabilities
Google Chrome Releases reports: Fixed in 15.0.874.121: [103259] High CVE-2011-3900: Out-of-bounds write in v8. Credit to Christian Holler. Fixed in 15.0.874.120: [100465] High CVE-2011-3892: Double free in Theora decoder. Credit to Aki Helin of OUSPG. ...
AI Score
0.451EPSS
Releases Ubuntu 10.10 Ubuntu 10.04 Ubuntu 9.10 Ubuntu 9.04 Ubuntu 8.04 Ubuntu 6.06 Packages linux - Linux kernel linux-ec2 - Linux kernel for EC2 linux-source-2.6.15 - Linux kernel Details Dan Rosenberg discovered that the RDS network protocol did not correctly check certain parameters....
7.8CVSS
8.2AI Score
0.232EPSS
SuSE Update for MozillaFirefox,MozillaThunderbird,seamonkey SUSE-SA:2010:049
Check for the Version of...
1.4AI Score
0.667EPSS
Use-after-free error in nsBarProp — Mozilla
Security researcher Sergey Glazunov reported that it was possible to access the locationbar property of a window object after it had been closed. Since the closed window's memory could have been subsequently reused by the system it was possible that an attempt to access the locationbar property...
2.5AI Score
0.168EPSS
Security fix for the ALT Linux 5 package poppler5 version 0.12.4-alt0.M51.2
Oct. 14, 2010 Sergey V Turchin 0.12.4-alt0.M51.2 - fix CVE-2010-3702,...
7.7AI Score
0.006EPSS
Security fix for the ALT Linux 5 package kdegraphics version 3.5.10-alt6
Oct. 14, 2010 Sergey V Turchin 3.5.10-alt6 - CVE-2010-3702 CVE-2010-3704...
7.7AI Score
0.006EPSS
Microsoft Security Bulletin MS10-073 - Important Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (981957) Published: October 12, 2010 Version: 1.0 General Information Executive Summary This security update resolves several publicly disclosed vulnerabilities in the....
2.2AI Score
0.0004EPSS
openSUSE Security Update : mozilla-xulrunner191 (mozilla-xulrunner191-3141)
Mozilla XULRunner 1.9.1 was updated to version 1.9.1.13, fixing various bugs and security issues. Following security issues were fixed: MFSA 2010-49 / CVE-2010-3169: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based...
8.8CVSS
-0.2AI Score
0.667EPSS
openSUSE Security Update : mozilla-xulrunner191 (mozilla-xulrunner191-3141)
Mozilla XULRunner 1.9.1 was updated to version 1.9.1.13, fixing various bugs and security issues. Following security issues were fixed: MFSA 2010-49 / CVE-2010-3169: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based...
8.8CVSS
-0.2AI Score
0.667EPSS
openSUSE Security Update : MozillaThunderbird (MozillaThunderbird-3154)
Mozilla Thunderbird 3.0 was updated to version 3.0.7, fixing various bugs and security issues. Following security issues were fixed: MFSA 2010-49 / CVE-2010-3169: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based...
8.8CVSS
-0.2AI Score
0.667EPSS
openSUSE Security Update : MozillaThunderbird (MozillaThunderbird-3154)
Mozilla Thunderbird 3.0 was updated to version 3.0.7, fixing various bugs and security issues. Following security issues were fixed: MFSA 2010-49 / CVE-2010-3169: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based...
8.8CVSS
-0.2AI Score
0.667EPSS
openSUSE Security Update : MozillaFirefox (openSUSE-SU-2010:0632-1)
Mozilla Firefox was updated to version 3.6.10, fixing various bugs and security issues. Following security issues were fixed: MFSA 2010-49 / CVE-2010-3169: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products....
8.8CVSS
-0.2AI Score
0.667EPSS
openSUSE Security Update : seamonkey (openSUSE-SU-2010:0632-2)
Mozilla SeaMonkey 2.0 was updated to version 2.0.8, fixing various bugs and security issues. Following security issues were fixed: MFSA 2010-49 / CVE-2010-3169: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based...
8.8CVSS
10.5AI Score
0.667EPSS
openSUSE Security Update : seamonkey (openSUSE-SU-2010:0632-2)
Mozilla SeaMonkey 2.0 was updated to version 2.0.8, fixing various bugs and security issues. Following security issues were fixed: MFSA 2010-49 / CVE-2010-3169: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based...
8.8CVSS
-0.2AI Score
0.667EPSS
openSUSE Security Update : MozillaFirefox (openSUSE-SU-2010:0632-1)
Mozilla Firefox was updated to version 3.6.10, fixing various bugs and security issues. Following security issues were fixed: MFSA 2010-49 / CVE-2010-3169: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products....
8.8CVSS
-0.2AI Score
0.667EPSS
Microsoft Security Bulletin MS10-061 - Critical Vulnerability in Print Spooler Service Could Allow Remote Code Execution (2347290) Published: September 14, 2010 Version: 1.0 General Information Executive Summary This security update resolves a publicly disclosed vulnerability in the Print Spooler.....
1.6AI Score
0.971EPSS
Mozilla Foundation Security Advisory 2010-51
Mozilla Foundation Security Advisory 2010-51 Title: Dangling pointer vulnerability using DOM plugin array Impact: Critical Announced: September 7, 2010 Reporter: Sergey Glazunov Products: Firefox, Thunderbird, SeaMonkey Fixed in: Firefox 3.6.9 Firefox 3.5.12 Thunderbird 3.1.3 Thunderbird...
0.6AI Score
0.233EPSS
Mozilla Patches Firefox DLL Load Hijacking Bug
Mozilla has joined Apple in being among the first to fix the DLL load hijacking attack vector that continues to haunt hundreds of Windows applications. The open-source group released Firefox 3.6.9 with patches for a total of 15 vulnerabilities (11 rated critical), including the publicly known DLL.....
0.3AI Score
0.132EPSS
Dangling pointer vulnerability using DOM plugin array — Mozilla
Security researcher Sergey Glazunov reported a dangling pointer vulnerability in the implementation of navigator.plugins in which the navigator object could retain a pointer to the plugins array even after it had been destroyed. An attacker could potentially use this issue to crash the browser and....
4AI Score
0.233EPSS
Microsoft Security Bulletin MS10-046 - Critical Vulnerability in Windows Shell Could Allow Remote Code Execution (2286198) Published: August 02, 2010 Version: 1.0 General Information Executive Summary This security update resolves a publicly disclosed vulnerability in Windows Shell. The...
1.7AI Score
0.972EPSS
Google Pays $2K for Chrome Vulnerability
Google has paid out its highest sum yet, $2,000, for the discovery of a high-risk vulnerability found in its Chrome browser. The recipient is developer Sergey Glazunov, who found a DOM method-related means of circumventing the same origin policy. Read the full article. [The H...
1AI Score
About the security content of Safari 5.0 and Safari 4.1 * Last Modified: June 07, 2010 * Article: HT4196 [Email this article] [Print this page] Summary This document describes the security content of Safari 5.0 and Safari 4.1. For the protection of our customers, Apple does not disclose, discuss,.....
0.2AI Score
0.965EPSS
This was an amazingly busy news week in the security world, with a lot of major stories competing for your attention: Microsoft sharing pre-patch vulnerability data with foreign governments, IBM handing out certified pre-owned USB keys, Google spying on Wi-Fi users. If you missed anything, never...
-0.1AI Score
Google in Apology Mode After WiFi Data Grab
Google co-founder Sergey Brin says the company “screwed up” when it equipped its world-roving Street View cars with software code that spent three years capturing personal data from open Wi-Fi networks. “Let me just say: We screwed up,” Brin told a room full of reporters this afternoon at the...
1.3AI Score
Security fix for the ALT Linux 8 package qt4 version 4.6.2-alt3
May 19, 2010 Sergey V Turchin 4.6.2-alt3 - update kde-qt patches - add cups fixes - add fixes for CVE-2010-0047 CVE-2010-0051 CVE-2010-0054 CVE-2010-0648 CVE-2010-0656 CVE-2010-0046 CVE-2010-0049 CVE-2010-0050 CVE-2010-0052 ...
7AI Score
0.955EPSS
Security fix for the ALT Linux 5 package qt4 version 4.5.3-alt3.M50P.1
May 19, 2010 Sergey V Turchin 4.5.3-alt3.M50P.1 - add fixes for CVE-2010-0046 CVE-2010-0049 CVE-2010-0050 CVE-2010-0052 CVE-2010-0047 CVE-2010-0054...
8.8AI Score
0.955EPSS
ID Theft Ring Suspect Caught in India
Sergey Storchak was detained after he landed in New Delhi on a domestic flight from the southwestern holiday state of Goa, a police spokesman said. He is one of 11 people wanted by the U.S. Justice Department in “the largest hacking and identity theft case ever prosecuted,” which was filed in...
0.1AI Score
Security fix for the ALT Linux 5 package kdegraphics version 3.5.10-alt4
Dec. 24, 2009 Sergey V Turchin 3.5.10-alt4 - update to lastest branch 3.5 - Security fixes: - CVE-2009-0945 -...
8.7AI Score
0.089EPSS
Security fix for the ALT Linux 5 package netatalk version 2.0.5-alt1
Dec. 22, 2009 Sergey Kurakin 2.0.5-alt1 - 2.0.5: + fix CVE-2008-5718 + more...
6.2AI Score
0.013EPSS
Security fix for the ALT Linux 5 package poppler5 version 0.12.2-alt1
Dec. 11, 2009 Sergey V Turchin 0.12.2-alt1 - new version -...
7.6AI Score
0.049EPSS
Security fix for the ALT Linux 5 package poppler5 version 0.12.1-alt1
Oct. 19, 2009 Sergey V Turchin 0.12.1-alt1 - new version - add linker version script for libpoppler - security fixes: - CVE-2009-3608 ObjectStream integer...
7.7AI Score
0.086EPSS
Security fix for the ALT Linux 5 package kdegraphics version 3.5.10-alt3
Oct. 19, 2009 Sergey V Turchin 3.5.10-alt3 - security fixes: -...
7.7AI Score
0.086EPSS
Outlook Web Access Attack Using Pushdo Botnet
Here are some technical details on the Outlook Web Access phishing scheme. 1. The Spam According to our preliminary research, the spam emails which attacked OWA users, including Kaspersky, were sent using the pushdo botnet – which is based on malware from the Backdoor.Win32.NewRes family. These...
2.1AI Score
Over on our sister site Viruslist.com, researchers Sergey Golovanov and Igor Soumenkov have published an article that studies a single spam e-mail and illustrates the methods used by cyber criminals to create botnets and conduct mass spam mailings. The methods and techniques used are clearly...
1.8AI Score
Security fix for the ALT Linux 8 package qt4 version 4.5.2-alt6
Sept. 11, 2009 Sergey V Turchin 4.5.2-alt6 - add patch to fix CVE-2009-2700 - patch from kde-qt to add support for isOpen in mysql driver plugin - add patch from MDV to fix qmake wformat...
7AI Score
0.002EPSS
Security fix for the ALT Linux 5 package qt4 version 4.5.2-alt6
Sept. 11, 2009 Sergey V Turchin 4.5.2-alt6 - add patch to fix CVE-2009-2700 - patch from kde-qt to add support for isOpen in mysql driver plugin - add patch from MDV to fix qmake wformat...
6.1AI Score
0.002EPSS
Security fix for the ALT Linux 8 package kde4libs version 4.2.4-alt3
June 29, 2009 Sergey V Turchin 4.2.4-alt3 - CVE-2009-0945, CVE-2009-1690...
7.1AI Score
0.074EPSS
Security fix for the ALT Linux 9 package clamav version 0.95.2-alt1
June 22, 2009 Sergey Y. Afonin 0.95.2-alt1 - NMU - 0.95.2 (fixes: ALT#19770 ) (contains security fixes for CVE-2008-6680, CVE-2009-1241, CVE-2009-1270, CVE-2009-1371,...
7AI Score
0.184EPSS
Security fix for the ALT Linux 8 package clamav version 0.95.2-alt1
June 22, 2009 Sergey Y. Afonin 0.95.2-alt1 - NMU - 0.95.2 (fixes: ALT#19770 ) (contains security fixes for CVE-2008-6680, CVE-2009-1241, CVE-2009-1270, CVE-2009-1371,...
6.9AI Score
0.184EPSS
Security fix for the ALT Linux 10 package clamav version 0.95.2-alt1
June 22, 2009 Sergey Y. Afonin 0.95.2-alt1 - NMU - 0.95.2 (fixes: ALT#19770 ) (contains security fixes for CVE-2008-6680, CVE-2009-1241, CVE-2009-1270, CVE-2009-1371,...
7AI Score
0.184EPSS
7.1AI Score
Joomla Component Akobook 2.3 (gbid) SQL Injection Vulnerability
Exploit for unknown platform in category web...
7.1AI Score
7.4AI Score
EPSS
0.2AI Score
Joomla! Component Akobook 2.3 - gbid SQL Injection
Joomla! Component Akobook 2.3 - gbid SQL...
AI Score
Directory traversal vulnerability in Mongoose 2.4 allows remote attackers to read arbitrary files via a .. (dot dot) in the...
6.8AI Score
0.021EPSS