Download
| Alert*
oval:org.secpod.oval:def:16372
Using the Address Sanitizer tool, security researcher Atte Kettunen from OUSPG found that the HTML5 Tree Builder does not properly store state when interacting with template elements. Because some stack information is incorrectly stored, the template insertion mode stack can be used when it is emp ... oval:org.secpod.oval:def:16390 The nsHtml5TreeBuilder::resetTheInsertionMode function in the HTML5 Tree Builder in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21 does not properly maintain the state of the insertion-mode stack for template elements, which allows remote attackers to execute arbitra ... oval:org.secpod.oval:def:701410 firefox: Mozilla Open Source web browser Firefox could be made to crash or run programs as your login if it opened a malicious website. oval:org.secpod.oval:def:701417 thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. oval:org.secpod.oval:def:15601 The host is missing a security update according to Mozilla advisory, MFSA 2013-77. The update is required to fix a heap-based buffer overflow vulnerability. A flaw is present in the applications, which fail to maintain the state of the insertion-mode stack for template elements. Successful exploitat ... oval:org.secpod.oval:def:15618 The host is installed with Mozilla Firefox before 24.0, Thunderbird before 24.0, or SeaMonkey before 2.21 and is prone to a heap-based buffer overflow vulnerability. A flaw is present in the applications, which fail to maintain the state of the insertion-mode stack for template elements. Successful ... |