the original cloud security
Showing 1 - 3 of 3 RSS Feed

CVE-2012-4203

Status Candidate

Overview

The New Tab page in Mozilla Firefox before 17.0 uses a privileged context for execution of JavaScript code by bookmarklets, which allows user-assisted remote attackers to run arbitrary programs by leveraging a javascript: URL in a bookmark.

Related Files

Ubuntu Security Notice USN-1638-3
Posted Dec 3, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1638-3 - USN-1638-1 fixed vulnerabilities in Firefox. The new packages introduced regressions in cookies handling and the User Agent string. This update fixes the problem.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2012-4202, CVE-2012-4201, CVE-2012-5836, CVE-2012-4203, CVE-2012-4204, CVE-2012-4205, CVE-2012-4208, CVE-2012-5841, CVE-2012-4207, CVE-2012-5837, CVE-2012-4209, CVE-2012-4210, CVE-2012-5839, CVE-2012-5840, CVE-2012-4212, CVE-2012-4213, CVE-2012-4217, CVE-2012-4218, CVE-2012-5833, CVE-2012-5835, CVE-2012-5838
MD5 | 39bc1fdac43e55818142caa5f97c5357
Ubuntu Security Notice USN-1638-2
Posted Nov 21, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1638-2 - USN-1638-1 fixed vulnerabilities in Firefox. This update provides an updated ubufox package for use with the latest Firefox. Gary Kwong, Jesse Ruderman, Christian Holler, Bob Clary, Kyle Huey, Ed Morley, Chris Lord, Boris Zbarsky, Julian Seward, Bill McCloskey, and Andrew McCreight discovered multiple memory safety issues affecting Firefox. If the user were tricked into opening a specially crafted page, an attacker could possibly exploit these to cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking Firefox. Atte Kettunen discovered a buffer overflow while rendering GIF format images. An attacker could exploit this to possibly execute arbitrary code as the user invoking Firefox. Various other issues were also addressed.

tags | advisory, denial of service, overflow, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2012-4202, CVE-2012-4201, CVE-2012-5836, CVE-2012-4203, CVE-2012-4204, CVE-2012-4205, CVE-2012-4208, CVE-2012-5841, CVE-2012-4207, CVE-2012-4209, CVE-2012-4210, CVE-2012-5839, CVE-2012-5840, CVE-2012-4212, CVE-2012-4213, CVE-2012-4217, CVE-2012-4218, CVE-2012-5833, CVE-2012-5835, CVE-2012-5838
MD5 | c6fded06c47bd2b26e5046d9ccb8e0cb
Ubuntu Security Notice USN-1638-1
Posted Nov 21, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1638-1 - Gary Kwong, Jesse Ruderman, Christian Holler, Bob Clary, Kyle Huey, Ed Morley, Chris Lord, Boris Zbarsky, Julian Seward, Bill McCloskey, and Andrew McCreight discovered multiple memory safety issues affecting Firefox. If the user were tricked into opening a specially crafted page, an attacker could possibly exploit these to cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking Firefox. Atte Kettunen discovered a buffer overflow while rendering GIF format images. An attacker could exploit this to possibly execute arbitrary code as the user invoking Firefox. Various other issues were also addressed.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, ubuntu
advisories | CVE-2012-4202, CVE-2012-4201, CVE-2012-5836, CVE-2012-4203, CVE-2012-4204, CVE-2012-4205, CVE-2012-4208, CVE-2012-5841, CVE-2012-4207, CVE-2012-4209, CVE-2012-4210, CVE-2012-5839, CVE-2012-5840, CVE-2012-4212, CVE-2012-4213, CVE-2012-4217, CVE-2012-4218, CVE-2012-5833, CVE-2012-5835, CVE-2012-5838, CVE-2012-4201, CVE-2012-4202, CVE-2012-4203, CVE-2012-4204, CVE-2012-4205, CVE-2012-4207, CVE-2012-4208, CVE-2012-4209
MD5 | 498864cbc609ba81e7d68e93add966a8
Page 1 of 1
Back1Next

File Archive:

July 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    2 Files
  • 2
    Jul 2nd
    3 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    4 Files
  • 5
    Jul 5th
    15 Files
  • 6
    Jul 6th
    15 Files
  • 7
    Jul 7th
    10 Files
  • 8
    Jul 8th
    2 Files
  • 9
    Jul 9th
    10 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    15 Files
  • 12
    Jul 12th
    19 Files
  • 13
    Jul 13th
    16 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    3 Files
  • 16
    Jul 16th
    2 Files
  • 17
    Jul 17th
    8 Files
  • 18
    Jul 18th
    11 Files
  • 19
    Jul 19th
    15 Files
  • 20
    Jul 20th
    15 Files
  • 21
    Jul 21st
    15 Files
  • 22
    Jul 22nd
    6 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close