what you don't know can hurt you

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Ubuntu Security Notice USN-1353-1

Posted Feb 8, 2012

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1353-1 - Jesse Ruderman and Bob Clary discovered memory safety issues affecting the Gecko Browser engine. If the user were tricked into opening a specially crafted page, an attacker could exploit these to cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking Xulrunner. It was discovered that the Gecko Browser engine did not properly handle node removal in the DOM. If the user were tricked into opening a specially crafted page, an attacker could exploit this to cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking Xulrunner. Various other issues were also addressed.

tags | advisory, denial of service

systems | linux, ubuntu

advisories | CVE-2012-0442, CVE-2011-3659, CVE-2012-0444, CVE-2012-0449, CVE-2011-3670, CVE-2011-3659, CVE-2011-3659, CVE-2011-3670, CVE-2012-0442, CVE-2012-0444, CVE-2012-0449

SHA-256 | f7a6b949074bf0235212ff0d3703dbf9cbeb0609ef5ab85127770d38e309ed10

Download | Favorite | View

Related Files

No related files