Debian Linux Security Advisory 2762-1 - Multiple security issues have been found in Icedove, Debian's version of the Mozilla Thunderbird mail and news client. Multiple memory safety errors and buffer overflows may lead to the execution of arbitrary code.
1f2d0e9338e4bcc954cee7d4e39d03c6db8cc45f37ce200d040a7c5838fbfaf0Debian Linux Security Advisory 2759-1 - Multiple security issues have been found in Iceweasel, Debian's version of the Mozilla Firefox web browser: Multiple memory safety errors, buffer overflows may lead to the execution of arbitrary code.
55d32055347d4af467fc566b4dc7bd9c67e7e74ad6cd48811322cf8611719708Ubuntu Security Notice 1952-1 - Multiple memory safety issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted message with scripting enabled, an attacker could possibly exploit these to cause a denial of service via application crash, or potentially execute arbitrary code with the privileges of the user invoking Thunderbird. Atte Kettunen discovered a flaw in the HTML5 Tree Builder when interacting with template elements. If a user had scripting enabled, in some circumstances an attacker could potentially exploit this to execute arbitrary code with the privileges of the user invoking Thunderbird. Various other issues were also addressed.
f9eb20686e01bfdc98a78a1cffeea878934e6b7bae8b6f26916712440670244eMandriva Linux Security Advisory 2013-237 - Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. Security researcher Abhishek Arya of the Google Chrome Security Team used the Address Sanitizer tool to discover a use-after-free problem in the Animation Manager during the cloning of stylesheets. This can lead to a potentially exploitable crash. Various other issues were also addressed.
4df6d780c957375d37c25593963fc5e1842fc80c3ddda22c77a645e6dd88d036Red Hat Security Advisory 2013-1269-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed content. Malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. A flaw was found in the way Thunderbird handled certain DOM JavaScript objects. An attacker could use this flaw to make JavaScript client or add-on code make incorrect, security sensitive decisions.
2ac6c15fe7915dc21bfde37dbea34126a051989ad6dcc45ad3abd8a142937d5eRed Hat Security Advisory 2013-1268-01 - Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. A flaw was found in the way Firefox handled certain DOM JavaScript objects. An attacker could use this flaw to make JavaScript client or add-on code make incorrect, security sensitive decisions.
dc08eb08373c1fda25db89c9b74ea5d8897d4cb1e76d065445c7a870cc5ec4fbUbuntu Security Notice 1951-1 - Multiple memory safety issues were discovered in Firefox. If a user were tricked in to opening a specially crafted page, an attacker could possibly exploit these to cause a denial of service via application crash, or potentially execute arbitrary code with the privileges of the user invoking Firefox. Atte Kettunen discovered a flaw in the HTML5 Tree Builder when interacting with template elements. In some circumstances, an attacker could potentially exploit this to execute arbitrary code with the privileges of the user invoking Firefox. Various other issues were also addressed.
ae7ff1f917c1950c5b6490ce8854e1e96917dda5d21236bc3d2616020543035e
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed