what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 1 of 1 RSS Feed

Files

Ubuntu Security Notice 997-1
Posted Oct 20, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 997-1 - Paul Nickerson, Jesse Ruderman, Olli Pettay, Igor Bukanov, Josh Soref, Gary Kwong, Martijn Wargers, Siddharth Agarwal and Michal Zalewski discovered various flaws in the browser engine. An attacker could exploit this to crash the browser or possibly run arbitrary code as the user invoking the program. Alexander Miller, Sergey Glazunov, and others discovered several flaws in the JavaScript engine. An attacker could exploit this to crash the browser or possibly run arbitrary code as the user invoking the program. Robert Swiecki discovered that Firefox did not properly validate Gopher URLs. If a user were tricked into opening a crafted file via Gopher, an attacker could possibly run arbitrary JavaScript. Eduardo Vela Nava discovered that Firefox could be made to violate the same-origin policy by using modal calls with JavaScript. An attacker could exploit this to steal information from another site. Dmitri GribenkoDmitri Gribenko discovered that Firefox did not properly setup the LD_LIBRARY_PATH environment variable. A local attacker could exploit this to execute arbitrary code as the user invoking the program.

tags | advisory, arbitrary, local, javascript
systems | linux, ubuntu
advisories | CVE-2010-3175, CVE-2010-3176, CVE-2010-3177, CVE-2010-3178, CVE-2010-3179, CVE-2010-3180, CVE-2010-3182, CVE-2010-3183
SHA-256 | ac95c0836d012f7bd93526e4553d961dfa07e7147255fce74bf2ff82b74446d1
Page 1 of 1
Back1Next

Top Authors In Last 30 Days

Recent News

News RSS Feed
San Francisco Makes U-Turn On Killer Robots Plan
Posted Dec 7, 2022

tags | headline, government, usa, botnet
Amnesty International Canada Claims Attack By China-Backed Forces
Posted Dec 7, 2022

tags | headline, government, canada, china, cyberwar
Four Suspects Cuffed, Face Extradition Over Tax Refund Scam Plot
Posted Dec 6, 2022

tags | headline, hacker, government, usa, cybercrime, fraud
CommonSpirit Confirms Network Accessed A Week Before Ransomware Attack
Posted Dec 6, 2022

tags | headline, hacker, privacy, data loss
Want To Detect Cobalt Strike On The Network? Look To Process Memory
Posted Dec 6, 2022

tags | headline, hacker, malware, backdoor
TSA To Expand Facial Recognition Across America
Posted Dec 6, 2022

tags | headline, government, privacy, usa, spyware
Russian State-Owned Bank VTB Hit By Massive DDoS Attack
Posted Dec 6, 2022

tags | headline, hacker, government, bank, russia, denial of service, cyberwar, military
KmsdBot Botnet Is Down After Operator Sends Typo In Command
Posted Dec 6, 2022

tags | headline, hacker, botnet
Explainer: ChatGPT - What Is OpenAI's Chatbot And What Is It Used For?
Posted Dec 6, 2022

tags | headline, botnet, science
FBI Warning: This Ransomware Gang Has Hit Over 100 Targets And Made More Than $60 Million
Posted Dec 5, 2022

tags | headline, government, malware, usa, cybercrime, fraud, fbi, cryptography
View More News →
packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close