what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 6 of 6 RSS Feed

CVE-2012-1953

Status Candidate

Overview

The ElementAnimations::EnsureStyleRuleFor function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 allows remote attackers to cause a denial of service (buffer over-read, incorrect pointer dereference, and heap-based buffer overflow) or possibly execute arbitrary code via a crafted web site.

Related Files

Mandriva Linux Security Advisory 2012-110-1
Posted Jul 30, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-110 - Security issues were identified and fixed in mozilla firefox and thunderbird. Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Security researcher Mario Gomes and research firm Code Audit Labs reported a mechanism to short-circuit page loads through drag and drop to the address bar by canceling the page load. Google security researcher Abhishek Arya used the Address Sanitizer tool to uncover four issues. Various other security issues have also been addressed.

tags | advisory
systems | linux, mandriva
advisories | CVE-2012-1949, CVE-2012-1948, CVE-2012-1950, CVE-2012-1951, CVE-2012-1954, CVE-2012-1953, CVE-2012-1952, CVE-2012-1955, CVE-2012-1966, CVE-2012-1957, CVE-2012-1958, CVE-2012-1959, CVE-2012-1960, CVE-2012-1961, CVE-2012-1962, CVE-2012-1963, CVE-2012-1964, CVE-2012-1965, CVE-2012-1967
SHA-256 | fc759a56d0fd0415fcdc1530461fc3a3b4be19990db69c21c30eed023857e0e8
Mandriva Linux Security Advisory 2012-110
Posted Jul 24, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-110 - Security issues were identified and fixed in mozilla firefox and thunderbird. Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Security researcher Mario Gomes and research firm Code Audit Labs reported a mechanism to short-circuit page loads through drag and drop to the address bar by canceling the page load. This causes the address of the previously site entered to be displayed in the address bar instead of the currently loaded page. This could lead to potential phishing attacks on users. Google security researcher Abhishek Arya used the Address Sanitizer tool to uncover four issues: two use-after-free problems, one out of bounds read bug, and a bad cast. Various other issues were also addressed.

tags | advisory
systems | linux, mandriva
advisories | CVE-2012-1949, CVE-2012-1948, CVE-2012-1950, CVE-2012-1951, CVE-2012-1954, CVE-2012-1953, CVE-2012-1952, CVE-2012-1955, CVE-2012-1966, CVE-2012-1957, CVE-2012-1958, CVE-2012-1959, CVE-2012-1960, CVE-2012-1961, CVE-2012-1962, CVE-2012-1963, CVE-2012-1964, CVE-2012-1965, CVE-2012-1967
SHA-256 | 1ce982533aa61dcb970d364a88b5efa396148d382b7871b4cc8d8b1681a6aafb
Ubuntu Security Notice USN-1510-1
Posted Jul 18, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1510-1 - Benoit Jacob, Jesse Ruderman, Christian Holler, Bill McCloskey, Brian Smith, Gary Kwong, Christoph Diehl, Chris Jones, Brad Lassey, and Kyle Huey discovered memory safety issues affecting Thunderbird. If the user were tricked into opening a specially crafted page, an attacker could possibly exploit these to cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking Thunderbird. Abhishek Arya discovered four memory safety issues affecting Thunderbird. If the user were tricked into opening a specially crafted page, an attacker could possibly exploit these to cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking Thunderbird. Various other issues were also addressed.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2012-1949, CVE-2012-1955, CVE-2012-1957, CVE-2012-1958, CVE-2012-1959, CVE-2012-1960, CVE-2012-1961, CVE-2012-1962, CVE-2012-1963, CVE-2012-1967, CVE-2012-1948, CVE-2012-1949, CVE-2012-1951, CVE-2012-1952, CVE-2012-1953, CVE-2012-1954, CVE-2012-1955, CVE-2012-1957, CVE-2012-1958, CVE-2012-1959, CVE-2012-1960, CVE-2012-1961, CVE-2012-1962, CVE-2012-1963, CVE-2012-1967
SHA-256 | 7fbdf2d13586540712963a954d0d8a000a7e4308b3fd503169a4afc53c390b15
Ubuntu Security Notice USN-1509-1
Posted Jul 17, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1509-1 - Benoit Jacob, Jesse Ruderman, Christian Holler, Bill McCloskey, Brian Smith, Gary Kwong, Christoph Diehl, Chris Jones, Brad Lassey, and Kyle Huey discovered memory safety issues affecting Firefox. If the user were tricked into opening a specially crafted page, an attacker could possibly exploit these to cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking Firefox. Mario Gomes discovered that the address bar may be incorrectly updated. Drag-and-drop events in the address bar may cause the address of the previous site to be displayed while a new page is loaded. An attacker could exploit this to conduct phishing attacks. Various other issues were also addressed.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2012-1950, CVE-2012-1955, CVE-2012-1957, CVE-2012-1958, CVE-2012-1959, CVE-2012-1960, CVE-2012-1961, CVE-2012-1962, CVE-2012-1963, CVE-2012-1964, CVE-2012-1965, CVE-2012-1966, CVE-2012-1967, CVE-2012-1948, CVE-2012-1949, CVE-2012-1950, CVE-2012-1951, CVE-2012-1952, CVE-2012-1953, CVE-2012-1954, CVE-2012-1955, CVE-2012-1957, CVE-2012-1958, CVE-2012-1959, CVE-2012-1960, CVE-2012-1961, CVE-2012-1962, CVE-2012-1963
SHA-256 | a4eb4b9de1ce5cbd28ed980c6239c941877de08af4eee9399df2938af61e201b
Red Hat Security Advisory 2012-1089-01
Posted Jul 17, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1089-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed content. Malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. Malicious content could bypass same-compartment security wrappers and execute arbitrary code with chrome privileges.

tags | advisory, arbitrary
systems | linux, redhat
advisories | CVE-2012-1948, CVE-2012-1951, CVE-2012-1952, CVE-2012-1953, CVE-2012-1954, CVE-2012-1955, CVE-2012-1957, CVE-2012-1958, CVE-2012-1959, CVE-2012-1961, CVE-2012-1962, CVE-2012-1963, CVE-2012-1964, CVE-2012-1967
SHA-256 | 6f1030b3c007e92dee24f9f260950788c90e7f4630f1be858306ba2fad1bbd72
Red Hat Security Advisory 2012-1088-01
Posted Jul 17, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1088-01 - Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. A malicious web page could bypass same-compartment security wrappers and execute arbitrary code with chrome privileges.

tags | advisory, web, arbitrary
systems | linux, redhat
advisories | CVE-2012-1948, CVE-2012-1950, CVE-2012-1951, CVE-2012-1952, CVE-2012-1953, CVE-2012-1954, CVE-2012-1955, CVE-2012-1957, CVE-2012-1958, CVE-2012-1959, CVE-2012-1961, CVE-2012-1962, CVE-2012-1963, CVE-2012-1964, CVE-2012-1965, CVE-2012-1966, CVE-2012-1967
SHA-256 | cea61bdad88e780e60f101448dadc4a4dbf7b97d031f7ebf93e805451b42fcdf
Page 1 of 1
Back1Next

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    25 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close