what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 7 of 7 RSS Feed

CVE-2015-4506

Status Candidate

Overview

Buffer overflow in the vp9_init_context_buffers function in libvpx, as used in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3, allows remote attackers to execute arbitrary code via a crafted VP9 file.

Related Files

Ubuntu Security Notice USN-2754-1
Posted Oct 5, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2754-1 - Andrew Osmond, Olli Pettay, Andrew Sutherland, Christian Holler, David Major, Andrew McCreight, and Cameron McCormack discovered multiple memory safety issues in Thunderbird. If a user were tricked in to opening a specially crafted message, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Thunderbird. Khalil Zhani discovered a buffer overflow when parsing VP9 content in some circumstances. If a user were tricked in to opening a specially crafted message, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Thunderbird. Various other issues were also addressed.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, ubuntu
advisories | CVE-2015-4500, CVE-2015-4506, CVE-2015-4509, CVE-2015-4511, CVE-2015-4517, CVE-2015-4519, CVE-2015-4520, CVE-2015-4521, CVE-2015-4522, CVE-2015-7174, CVE-2015-7175, CVE-2015-7176, CVE-2015-7177, CVE-2015-7180
SHA-256 | afcf289328146265fa6e10eb487f3682313ea3eefcaec70ee5d577d98663106d
Ubuntu Security Notice USN-2743-4
Posted Oct 5, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2743-4 - USN-2743-1 fixed vulnerabilities in Firefox. After upgrading, some users reported problems with bookmark creation and crashes in some circumstances. This update fixes the problem. Andrew Osmond, Olli Pettay, Andrew Sutherland, Christian Holler, David Major, Andrew McCreight, Cameron McCormack, Bob Clary and Randell Jesup discovered multiple memory safety issues in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2015-4502, CVE-2015-4504, CVE-2015-4506, CVE-2015-4507, CVE-2015-4508, CVE-2015-4509, CVE-2015-4510, CVE-2015-4512, CVE-2015-4516, CVE-2015-4519, CVE-2015-4520, CVE-2015-7175, CVE-2015-7176, CVE-2015-7177, CVE-2015-7180
SHA-256 | 0a58ee64d61da63ededa11a8bcc5386a5bf626dddc842b8aa624807bad330d10
Red Hat Security Advisory 2015-1834-02
Posted Sep 25, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1834-02 - Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. Two information leak flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to disclose sensitive information or, in certain cases, crash.

tags | advisory, web, arbitrary
systems | linux, redhat
advisories | CVE-2015-4500, CVE-2015-4506, CVE-2015-4509, CVE-2015-4511, CVE-2015-4517, CVE-2015-4519, CVE-2015-4520, CVE-2015-4521, CVE-2015-4522, CVE-2015-7174, CVE-2015-7175, CVE-2015-7176, CVE-2015-7177, CVE-2015-7180
SHA-256 | b4094aaec45328ec88bd778806c0553e4b43fcf067ab45f0f86192283435c8f9
Ubuntu Security Notice USN-2743-3
Posted Sep 25, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2743-3 - USN-2743-1 fixed vulnerabilities in Firefox. Future Firefox updates will require all addons be signed and unity-firefox-extension, webapps-greasemonkey and webaccounts-browser-extension will not go through the signing process. Because these addons currently break search engine installations (LP: #1069793), this update permanently disables the addons by removing them from the system. We apologize for any inconvenience. Various other issues were also addressed.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2015-4502, CVE-2015-4504, CVE-2015-4506, CVE-2015-4507, CVE-2015-4508, CVE-2015-4509, CVE-2015-4510, CVE-2015-4512, CVE-2015-4516, CVE-2015-4519, CVE-2015-4520, CVE-2015-7175, CVE-2015-7176, CVE-2015-7177, CVE-2015-7180
SHA-256 | 564fc19466fc9d259864b3e1262550162910ed750aeccda7e3fcc69fab9bd8b9
Debian Security Advisory 3365-1
Posted Sep 24, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3365-1 - Multiple security issues have been found in Iceweasel, Debian's version integer overflows, buffer overflows, use-after-frees and other implementation errors may lead to the execution of arbitrary code, information disclosure or denial of service.

tags | advisory, denial of service, overflow, arbitrary, info disclosure
systems | linux, debian
advisories | CVE-2015-4500, CVE-2015-4506, CVE-2015-4509, CVE-2015-4511, CVE-2015-4517, CVE-2015-4519, CVE-2015-4520, CVE-2015-4521, CVE-2015-4522, CVE-2015-7174, CVE-2015-7175, CVE-2015-7176, CVE-2015-7177, CVE-2015-7180
SHA-256 | 9f06181535993a2ed1465714f151805630edd6d8b335d381b49719f716301fdc
Ubuntu Security Notice USN-2743-2
Posted Sep 23, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2743-2 - USN-2743-1 fixed vulnerabilities in Firefox. This update provides the corresponding update for Ubufox. Andrew Osmond, Olli Pettay, Andrew Sutherland, Christian Holler, David Major, Andrew McCreight, Cameron McCormack, Bob Clary and Randell Jesup discovered multiple memory safety issues in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2015-4502, CVE-2015-4504, CVE-2015-4506, CVE-2015-4507, CVE-2015-4508, CVE-2015-4509, CVE-2015-4510, CVE-2015-4512, CVE-2015-4516, CVE-2015-4519, CVE-2015-4520, CVE-2015-7175, CVE-2015-7176, CVE-2015-7177, CVE-2015-7180
SHA-256 | 986b83654da1e91607d0d1a9f51b803b6779ff1380d7d14bd5db7bbf5cc5c08b
Ubuntu Security Notice USN-2743-1
Posted Sep 23, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2743-1 - Andrew Osmond, Olli Pettay, Andrew Sutherland, Christian Holler, David Major, Andrew McCreight, Cameron McCormack, Bob Clary and Randell Jesup discovered multiple memory safety issues in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox. Various other issues were also addressed.

tags | advisory, web, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2015-4500, CVE-2015-4501, CVE-2015-4502, CVE-2015-4504, CVE-2015-4506, CVE-2015-4507, CVE-2015-4508, CVE-2015-4509, CVE-2015-4510, CVE-2015-4512, CVE-2015-4516, CVE-2015-4517, CVE-2015-4519, CVE-2015-4520, CVE-2015-4521, CVE-2015-4522, CVE-2015-7174, CVE-2015-7175, CVE-2015-7176, CVE-2015-7177, CVE-2015-7180
SHA-256 | 8d33a81f77c730f95dd16f3bab40f85d87cd0c537040f9d23f930b588ce628df
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close