[Forgot Password]
Login  Register Subscribe

30480

 
 

423868

 
 

253164

 
 

909

 
 

197077

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 196303 Download | Alert*

Mozilla developer Eric Faust reported that during JavaScript compilation GetElementIC typed array stubs can be generated outside observed typesets. This could lead to unpredictable behavior with a potential security impact.

Firefox user Sijie Xia reported that if a user explicitly removes the trust for extended validation (EV) capable root certificates in the certificate manager, the change is not properly used when validating EV certificates, causing the setting to be ignored. This removes the ability of users to explicitly un-trust root certificates from specific certificate authorities.

Compiler Engineer Dan Gohman of Google reported that binary search algorithms in the SpiderMonkey JavaScript engine were prone to overflow in several places, leading to potential out-of-bounds array access. While none of these are known to be directly exploitable, they are unsafe in theory and have been changed as part of general security improvements.

Mozilla developer Myk Melez reported that with specifically timed page navigation, the doorhanger notification for Web App installation could persist from one site to another without being dismissed by the navigation. This could be used by a malicious site to trick a user into installing an application from one site while making it appear to come from another.

The host is installed with Mozilla Firefox and is prone to a SSL certificate validation security weakness vulnerability. A flaw is the present in the browser, as it fails to implement single session security exceptions. Successful exploitation could allow an attacker to conduct spoofing and phishing attacks.

An updated thunderbird package that fixes several security issues is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Description Mozilla T ...

The host is installed with Mozilla Firefox or Mozilla Thunderbird or SeaMonkey and is prone to memory corruption vulnerability. A flaw is present in the application, which fails to handle memory safety issues. Successful exploitation could allow remote attackers to cause a denial of service (memory corruption and application crash).

Security issues were identified and fixed in mozilla-thunderbird: Security researcher Soroush Dalili reported that the resource: protocol could be exploited to allow directory traversal on Windows and the potential loading of resources from non-permitted locations. The impact would depend on whether interesting files existed in predictable locations in a useful format. For example, the existence o ...

Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed HTML content. An HTML mail message containing malicious content could possibly lead to arbitrary code execution with the privileges of the user running Thunderbird. An arbitrary memory write flaw was found in the way Thunderbird handled out-of-memory conditions. If all memory was ...

SeaMonkey is an open source web browser, email and newsgroup client, IRC chat client, and HTML editor. Several flaws were found in the processing of malformed web content. A web page containing malicious content could possibly lead to arbitrary code execution with the privileges of the user running SeaMonkey. An arbitrary memory write flaw was found in the way SeaMonkey handled out-of-memory cond ...


Pages:      Start    9056    9057    9058    9059    9060    9061    9062    9063    9064    9065    9066    9067    9068    9069    ..   19630

© SecPod Technologies