exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 1 of 1 RSS Feed


Ubuntu Security Notice 978-2
Posted Sep 18, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 978-2 - USN-978-1 fixed vulnerabilities in Thunderbird. Some users reported stability problems under certain circumstances. This update fixes the problem. Several dangling pointer vulnerabilities were discovered in Thunderbird. It was discovered that the XPCSafeJSObjectWrapper (SJOW) security wrapper did not always honor the same-origin policy. Matt Haggard discovered that Thunderbird did not honor same-origin policy when processing the statusText property of an XMLHttpRequest object. Chris Rohlf discovered an integer overflow when Thunderbird processed the HTML frameset element. Several issues were discovered in the browser engine. David Huang and Collin Jackson discovered that the <object> tag could override the charset of a framed HTML document in another origin. Paul Stone discovered that with designMode enabled an HTML selection containing JavaScript could be copied and pasted into a document and have the JavaScript execute within the context of the site where the code was dropped. A buffer overflow was discovered in Thunderbird when processing text runs. Peter Van der Beken, Jason Oster, Jesse Ruderman, Igor Bukanov, Jeff Walden, Gary Kwong and Olli Pettay discovered several flaws in the browser engine.

tags | advisory, overflow, javascript, vulnerability
systems | linux, ubuntu
advisories | CVE-2010-2760, CVE-2010-2763, CVE-2010-2764, CVE-2010-2765, CVE-2010-2766, CVE-2010-2767, CVE-2010-2768, CVE-2010-2769, CVE-2010-3166, CVE-2010-3167, CVE-2010-3168, CVE-2010-3169
SHA-256 | 279e9c9f571dc9eb648f55303ef86819aa3f9ac4e057095049c812b308770b96
Page 1 of 1

Top Authors In Last 30 Days

Recent News

News RSS Feed
New IcedID Malware Variants Shift From Banking Trojans To Ransomware
Posted Mar 28, 2023

tags | headline, hacker, malware, bank, cybercrime, fraud, cryptography
Clearview AI Used Nearly 1m Times By US Police, It Tells The BBC
Posted Mar 28, 2023

tags | headline, government, privacy, usa
North Dakota To Require Cybersecurity Education In Public Schools
Posted Mar 28, 2023

tags | headline, government, usa
The FBI Has Been Buying Bulk Internet Data From Team Cymru
Posted Mar 28, 2023

tags | headline, government, privacy, usa, data loss, fbi
US President Biden Kind Of Mostly Bans Commercial Spyware
Posted Mar 28, 2023

tags | headline, government, privacy, malware, usa, phone, spyware, backdoor
Twitter Takes Legal Action After Source Code Leaked Online
Posted Mar 27, 2023

tags | headline, data loss, twitter
Singapore Businesses Stumbling Over What Security Culture Entails
Posted Mar 27, 2023

tags | headline, singapore
Android App From China Executed Zero Day Exploit On Millions Of Devices
Posted Mar 27, 2023

tags | headline, government, malware, phone, china, google, spyware, backdoor
Five Takeaways From TikTok CEO's Congress Grilling
Posted Mar 27, 2023

tags | headline, government, usa, china, spyware, social
CISA Unleashes Untitled Goose Tool To Honk At Danger In Microsoft's Cloud
Posted Mar 27, 2023

tags | headline, government, microsoft, usa
View More News →
packet storm

© 2022 Packet Storm. All rights reserved.

Security Services
Hosting By