Mandriva Linux Security Advisory 2012-146 - Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. Security researcher Abhishek Arya of Google Chrome Security Team discovered a series of use-after-free issues using the Address Sanitizer tool. Many of these issues are potentially exploitable, allowing for remote code execution. Various other issues have also been addressed.
d9b0e412f5ed192520dfac9c307c9df27ba2b4bccfafea9d868885005ffef2eb
Mandriva Linux Security Advisory 2012-145 - Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Security researcher Abhishek Arya of Google Chrome Security Team discovered a series of use-after-free issues using the Address Sanitizer tool. Security researcher Mariusz Mlynski reported that it is possible to shadow the location object using Object.defineProperty. This could be used to confuse the current location to plugins, allowing for possible cross-site scripting attacks. Various other issues have also been addressed.
9fbb0084a57f0671e6c2c0ce4d1e2841a703b2cf91116f2f1ffd7567ef4804dc
Red Hat Security Advisory 2012-1211-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed content. Malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. Content containing a malicious Scalable Vector Graphics image file could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird.
8c97839258033a6c0ad46097a7e78aa875b3917ef4f5ccb91b32af7bc915816e
Red Hat Security Advisory 2012-1210-01 - Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. A web page containing a malicious Scalable Vector Graphics image file could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox.
9b5a9cea8f65e07fb2da4b3a175b7587efbc9e0360d69000b2ead87872003321
ASP-DEv XM Forums RC 3 suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
9c3c3c591231a4c49635d09fc01ed180df0ee82e372b40ddb6a9cddc63595ffc
Puma.com suffers from a cross-site scripting vulnerability.
9a6077194d65dfacc4d2f18883f2652b3d4f693d2182054e755895b95d48e936
Secunia Security Advisory - Multiple vulnerabilities have been reported in Mozilla Firefox, which can be exploited by malicious people to disclose potentially sensitive information, conduct cross-site scripting and phishing attacks, and compromise a user's system.
7938b500996336df96808c40f3d1aa2ec7ab56a086cb184341748ff728e6ec44
Secunia Security Advisory - A vulnerability has been reported in Mono, which can be exploited by malicious people to cause a DoS (Denial of Service).
c1aa8c327a4f7c4470540686f5c87599e018b3b674100c125d0ee45adc7f87b0
Secunia Security Advisory - Red Hat has issued an update for thunderbird. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information and compromise a user's system.
13825168a3825675f25b18e32c52792602c8715895e204ddd5686bdd69a09e47
Secunia Security Advisory - Ubuntu has issued an update for libgdata. This fixes a security issue, which can be exploited by malicious people to conduct spoofing attacks.
1a1587258c7647774a0fb54acfc08e82810406e76fa1a452dae41c42985155eb
Secunia Security Advisory - Red Hat has issued an update for firefox. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, conduct phishing attacks, and compromise a user's system.
b63a1f551a67861ee8ae508d94306fe2f1b051184498da150c1ea24186ccf39a
Secunia Security Advisory - Multiple vulnerabilities have been reported in Pale Moon, which can be exploited by malicious people to disclose potentially sensitive information, conduct cross-site scripting and phishing attacks, and compromise a user's system.
0233ca4e89f1d124dce0ee10ec07c604bba6346399daddcf115256f273e09d7e
Secunia Security Advisory - Some vulnerabilities have been reported in op5 Monitor, which can be exploited by malicious users to conduct script insertion and SQL injection attacks and by malicious people to conduct cross-site request forgery attacks.
6928f7f24b305bcb57a4ef0c47d4f2bdd2a2fbc039798601ad93185af8805548
Secunia Security Advisory - Multiple vulnerabilities have been reported in Thunderbird, which can be exploited by malicious people to disclose potentially sensitive information, conduct cross-site scripting and phishing attacks, and compromise a user's system.
0a4d844a10cfd1f352896a2efa65a6dba99d9258f0e5537a916317c43da1e234
Secunia Security Advisory - A vulnerability has been reported in Atlassian Bamboo, which can be exploited by malicious people to compromise a vulnerable system.
2814041ba8fc9db7912b83beca6dadd7cf24dea41de74cff6cb686a2056a8e6d
Secunia Security Advisory - Two weaknesses and some vulnerabilities have been reported in Atlassian JIRA, which can be exploited by malicious people to conduct cross-site scripting and request forgery attacks, conduct spoofing attacks, and bypass certain security restrictions.
e60dc08ba01e11022bcb5b67df20aa62ee01b2897f073690ddce646028c8fd97
Secunia Security Advisory - Multiple vulnerabilities have been reported in SeaMonkey, which can be exploited by malicious people to disclose potentially sensitive information, conduct cross-site scripting and phishing attacks, and compromise a user's system.
624455266972714285a26f15f0a55cb838bb98c054ad76109a940de78fdeabb6
Secunia Security Advisory - A vulnerability has been reported in op5 Monitor, which can be exploited by malicious users to conduct SQL injection attacks.
0485f06a813c37cbb5dc852244afcef98298fd67b16bc0513883a8073ed5b246
Secunia Security Advisory - A vulnerability has been reported in EMC Cloud Tiering Appliance, which can be exploited by malicious people to bypass certain security restrictions.
7f16ed01887ae3346d872da26fa70d8f408f7bcf5e17ba521e9f75cd53ee3550
Secunia Security Advisory - A security issue and a vulnerability have been reported in IBM Infosphere Guardium, which can be exploited by malicious users to disclose certain sensitive information and by malicious people to conduct cross-site request forgery attacks.
ccfcc6388b06b880b7f984079e000353bb576824868a7338ba7252e0ca071e21
Secunia Security Advisory - BalaBit has acknowledged two vulnerabilities in syslog-ng Premium Edition, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
fa866a8756a19b8868b55b73dbf6d8cc79b5be27f5984754219b3a81fc1347ea
Secunia Security Advisory - Some vulnerabilities have been reported in PrestaShop, which can be exploited by malicious people to conduct cross-site scripting attacks.
5a461073c6ad18dc7498c4abd4e3bfd310f7707f119d26217e013e21eafcda17
Secunia Security Advisory - Some vulnerabilities have been reported in Phorum, which can be exploited by malicious people to conduct cross-site scripting attacks.
b7b95f2768a2c94096dbd106b71034dcb42b6467ec91752f6a2c606c6178066b
A vulnerability in EMC Cloud Tiering Appliance, aka CTA (formerly EMC FMA), could allow an unauthorized user to log in to the affected system as a GUI user with full administrative privileges by providing a specifically crafted malicious file during the authentication process.
2c43c7c48281d37bb99bd411cd0836d97db5bdcfd9ed523346b4148742d663fb
ActFax version 4.31 local privilege escalation exploit that spawns cmd.exe.
697ffa7fdf16ff3683bbf980a8167a2982f5b6f043569821203b066d92d2311c