Ubuntu Security Notice 1122-3 - USN-1122-2 fixed vulnerabilities in Thunderbird on Ubuntu 11.04. A regression was introduced which caused Thunderbird to display an empty menu bar. This update fixes the problem. It was discovered that there was a vulnerability in the memory handling of certain types of content. An attacker could exploit this to possibly run arbitrary code as the user running Thunderbird. It was discovered that Thunderbird incorrectly handled certain JavaScript requests. If JavaScript were enabled, an attacker could exploit this to possibly run arbitrary code as the user running Thunderbird. Various other issues were also addressed
fcbe2acfdfc2dc9d4671f12b4fd20c3af797b24bac4bbc35088a7f1e63975b32Debian Linux Security Advisory 2235-1 - Several vulnerabilities have been discovered in Icedove, an unbranded version of the Thunderbird mail/news client.
004f26951b64ddf5048affa53c3e4860e72e310acb89923d1677e2def604574dUbuntu Security Notice 1122-2 - USN-1122-1 fixed vulnerabilities in Thunderbird for Lucid and Maverick. This update provides the corresponding fixes for Natty. It was discovered that there was a vulnerability in the memory handling of certain types of content. An attacker could exploit this to possibly run arbitrary code as the user running Thunderbird. It was discovered that Thunderbird incorrectly handled certain JavaScript requests. If JavaScript were enabled, an attacker could exploit this to possibly run arbitrary code as the user running Thunderbird. Ian Beer discovered a vulnerability in the memory handling of a certain types of documents. An attacker could exploit this to possibly run arbitrary code as the user running Thunderbird. Multiple other vulnerabilities were also addressed.
ed069d3b5e33561496691a93fcacfaa216af0053b89c9815c07159b843b01c7dUbuntu Security Notice 1122-1 - It was discovered that there was a vulnerability in the memory handling of certain types of content. An attacker could exploit this to possibly run arbitrary code as the user running Thunderbird. It was discovered that Thunderbird incorrectly handled certain JavaScript requests. If JavaScript were enabled, an attacker could exploit this to possibly run arbitrary code as the user running Thunderbird. Ian Beer discovered a vulnerability in the memory handling of a certain types of documents. An attacker could exploit this to possibly run arbitrary code as the user running Thunderbird. Multiple other vulnerabilities were also addressed.
3003590628e9612fcefacccee2790941e0c013352e03bd3c1f72ab35dfbc7ca4Debian Linux Security Advisory 2228-1 - Several vulnerabilities have been found in Iceweasel, a web browser based on Firefox.
078486b1e8f5b88faea2f516d6b56bfc112bf90d660d1a22609bc809f5526969Mandriva Linux Security Advisory 2011-080 - Security researcher Soroush Dalili reported that the resource: protocol could be exploited to allow directory traversal on Windows and the potential loading of resources from non-permitted locations. The impact would depend on whether interesting files existed in predictable locations in a useful format. For example, the existence or non-existence of particular images might indicate whether certain software was installed. Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code.
139b2895ed6cec38a7cbd37a984d8efc5c45dd3312146e5b19d564d7762e49c2Debian Linux Security Advisory 2227-1 - Several vulnerabilities have been found in the Iceape internet suite, an unbranded version of Seamonkey.
cd32b5302d6b4adfe7810b2d9e4975f20501c8da8a4d10b526805c5c18636305Mandriva Linux Security Advisory 2011-079 - Chris Evans of the Chrome Security Team reported that the XSLT generate-id() function returned a string that revealed a specific valid address of an object on the memory heap. It is possible that in some cases this address would be valuable information that could be used by an attacker while exploiting a different memory corruption but, in order to make an exploit more reliable or work around mitigation features in the browser or operating system. Various other issues were also addressed.
1c95ea9cdefc67e8ee438446205a5ef410e3cfc12f3fd1aea55221701e09723dUbuntu Security Notice 1121-1 - Boris Zbarsky, Gary Kwong, Jesse Ruderman, Michael Wu, and Ted Mielczarek discovered multiple memory vulnerabilities. An attacker could exploit these to possibly run arbitrary code as the user running Firefox. It was discovered that there was a vulnerability in the memory handling of certain types of content. An attacker could exploit this to possibly run arbitrary code as the user running Firefox. It was discovered that Firefox incorrectly handled certain JavaScript requests. An attacker could exploit this to possibly run arbitrary code as the user running Firefox. Ian Beer discovered a vulnerability in the memory handling of a certain types of documents. An attacker could exploit this to possibly run arbitrary code as the user running Firefox. Chris Evans discovered a vulnerability in Firefox's XSLT generate-id() function. An attacker could possibly use this vulnerability to make other attacks more reliable.
0b43ad1f134723fd278888daf7e615fb85bcf6536d2409c43251b5e82195fe61Ubuntu Security Notice 1123-1 - A large number of security issues were discovered in the Gecko rendering engine. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.
107e7026a0d71242cee52a86cd3fd92ca9fb2ae7bce238e4916c6c3fc152ee22Ubuntu Security Notice 1112-1 - Multiple vulnerabilities have been identified and fixed in Firefox. It was discovered that there was a vulnerability in the memory handling of certain types of content. It was discovered that Firefox incorrectly handled certain JavaScript requests. Ian Beer discovered a vulnerability in the memory handling of a certain types of documents. Various other issues were also addressed.
11059296a4b90b8dea1f0da2aba7f9a9c45481614b445a52cac0efc190a17503
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed