«
Expand/Collapse
60 items tagged "christian holler"
Related tags:
steve fink [+],
jim blandy [+],
jason smith [+],
huey [+],
ed morley [+],
david baron [+],
daniel holbert [+],
chris lord [+],
chris blizzard [+],
andrew sutherland [+],
alexandre poirot [+],
chris jones [+],
brian smith [+],
brad lassey [+],
bill mccloskey [+],
benoit jacob [+],
hilary hall [+],
brian hackett [+],
bob clary [+],
code [+],
zach hoffman [+],
memory corruption [+],
martijn wargers [+],
mario gomes [+],
jordi chancel [+],
jeff walden [+],
henry sivonen [+],
henrik skupin [+],
david bloom [+],
dalili [+],
brian bondy [+],
address [+],
jesse ruderman [+],
ubuntu [+],
gary kwong [+],
zach hoffmann [+],
website [+],
thunderbird [+],
roberto suggi [+],
private browsing [+],
malicious website [+],
layout engine [+],
john schoenick [+],
javascript engine [+],
javascript [+],
execution [+],
engine [+],
buffer overflows [+],
browser [+],
abhishek arya [+],
memory [+],
daniel kozlowski [+],
security [+],
firefox [+],
user [+],
julian seward [+],
boris zbarsky [+],
andrew mccreight [+],
memory safety [+],
notice [+],
igor bukanov [+]
-
-
15:03
»
Packet Storm Security Advisories
Ubuntu Security Notice 1638-2 - USN-1638-1 fixed vulnerabilities in Firefox. This update provides an updated ubufox package for use with the latest Firefox. Gary Kwong, Jesse Ruderman, Christian Holler, Bob Clary, Kyle Huey, Ed Morley, Chris Lord, Boris Zbarsky, Julian Seward, Bill McCloskey, and Andrew McCreight discovered multiple memory safety issues affecting Firefox. If the user were tricked into opening a specially crafted page, an attacker could possibly exploit these to cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking Firefox. Atte Kettunen discovered a buffer overflow while rendering GIF format images. An attacker could exploit this to possibly execute arbitrary code as the user invoking Firefox. Various other issues were also addressed.
-
15:03
»
Packet Storm Security Recent Files
Ubuntu Security Notice 1638-2 - USN-1638-1 fixed vulnerabilities in Firefox. This update provides an updated ubufox package for use with the latest Firefox. Gary Kwong, Jesse Ruderman, Christian Holler, Bob Clary, Kyle Huey, Ed Morley, Chris Lord, Boris Zbarsky, Julian Seward, Bill McCloskey, and Andrew McCreight discovered multiple memory safety issues affecting Firefox. If the user were tricked into opening a specially crafted page, an attacker could possibly exploit these to cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking Firefox. Atte Kettunen discovered a buffer overflow while rendering GIF format images. An attacker could exploit this to possibly execute arbitrary code as the user invoking Firefox. Various other issues were also addressed.
-
15:03
»
Packet Storm Security Misc. Files
Ubuntu Security Notice 1638-2 - USN-1638-1 fixed vulnerabilities in Firefox. This update provides an updated ubufox package for use with the latest Firefox. Gary Kwong, Jesse Ruderman, Christian Holler, Bob Clary, Kyle Huey, Ed Morley, Chris Lord, Boris Zbarsky, Julian Seward, Bill McCloskey, and Andrew McCreight discovered multiple memory safety issues affecting Firefox. If the user were tricked into opening a specially crafted page, an attacker could possibly exploit these to cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking Firefox. Atte Kettunen discovered a buffer overflow while rendering GIF format images. An attacker could exploit this to possibly execute arbitrary code as the user invoking Firefox. Various other issues were also addressed.
-
15:03
»
Packet Storm Security Advisories
Ubuntu Security Notice 1636-1 - Gary Kwong, Jesse Ruderman, Christian Holler, Bob Clary, Kyle Huey, Ed Morley, Chris Lord, Boris Zbarsky, Julian Seward, Bill McCloskey, and Andrew McCreight discovered several memory corruption flaws in Thunderbird. If a user were tricked into opening a malicious website and had JavaScript enabled, an attacker could exploit these to execute arbitrary JavaScript code within the context of another website or arbitrary code as the user invoking the program. Atte Kettunen discovered a buffer overflow while rendering GIF format images. An attacker could exploit this to possibly execute arbitrary code as the user invoking Thunderbird. Various other issues were also addressed.
-
15:03
»
Packet Storm Security Recent Files
Ubuntu Security Notice 1636-1 - Gary Kwong, Jesse Ruderman, Christian Holler, Bob Clary, Kyle Huey, Ed Morley, Chris Lord, Boris Zbarsky, Julian Seward, Bill McCloskey, and Andrew McCreight discovered several memory corruption flaws in Thunderbird. If a user were tricked into opening a malicious website and had JavaScript enabled, an attacker could exploit these to execute arbitrary JavaScript code within the context of another website or arbitrary code as the user invoking the program. Atte Kettunen discovered a buffer overflow while rendering GIF format images. An attacker could exploit this to possibly execute arbitrary code as the user invoking Thunderbird. Various other issues were also addressed.
-
15:03
»
Packet Storm Security Misc. Files
Ubuntu Security Notice 1636-1 - Gary Kwong, Jesse Ruderman, Christian Holler, Bob Clary, Kyle Huey, Ed Morley, Chris Lord, Boris Zbarsky, Julian Seward, Bill McCloskey, and Andrew McCreight discovered several memory corruption flaws in Thunderbird. If a user were tricked into opening a malicious website and had JavaScript enabled, an attacker could exploit these to execute arbitrary JavaScript code within the context of another website or arbitrary code as the user invoking the program. Atte Kettunen discovered a buffer overflow while rendering GIF format images. An attacker could exploit this to possibly execute arbitrary code as the user invoking Thunderbird. Various other issues were also addressed.
-
15:02
»
Packet Storm Security Advisories
Ubuntu Security Notice 1638-1 - Gary Kwong, Jesse Ruderman, Christian Holler, Bob Clary, Kyle Huey, Ed Morley, Chris Lord, Boris Zbarsky, Julian Seward, Bill McCloskey, and Andrew McCreight discovered multiple memory safety issues affecting Firefox. If the user were tricked into opening a specially crafted page, an attacker could possibly exploit these to cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking Firefox. Atte Kettunen discovered a buffer overflow while rendering GIF format images. An attacker could exploit this to possibly execute arbitrary code as the user invoking Firefox. Various other issues were also addressed.
-
15:02
»
Packet Storm Security Recent Files
Ubuntu Security Notice 1638-1 - Gary Kwong, Jesse Ruderman, Christian Holler, Bob Clary, Kyle Huey, Ed Morley, Chris Lord, Boris Zbarsky, Julian Seward, Bill McCloskey, and Andrew McCreight discovered multiple memory safety issues affecting Firefox. If the user were tricked into opening a specially crafted page, an attacker could possibly exploit these to cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking Firefox. Atte Kettunen discovered a buffer overflow while rendering GIF format images. An attacker could exploit this to possibly execute arbitrary code as the user invoking Firefox. Various other issues were also addressed.
-
15:02
»
Packet Storm Security Misc. Files
Ubuntu Security Notice 1638-1 - Gary Kwong, Jesse Ruderman, Christian Holler, Bob Clary, Kyle Huey, Ed Morley, Chris Lord, Boris Zbarsky, Julian Seward, Bill McCloskey, and Andrew McCreight discovered multiple memory safety issues affecting Firefox. If the user were tricked into opening a specially crafted page, an attacker could possibly exploit these to cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking Firefox. Atte Kettunen discovered a buffer overflow while rendering GIF format images. An attacker could exploit this to possibly execute arbitrary code as the user invoking Firefox. Various other issues were also addressed.
-
-
16:38
»
Packet Storm Security Advisories
Ubuntu Security Notice 1611-1 - Henrik Skupin, Jesse Ruderman, Christian Holler, Soroush Dalili and others discovered several memory corruption flaws in Thunderbird. If a user were tricked into opening a malicious website and had JavaScript enabled, an attacker could exploit these to execute arbitrary JavaScript code within the context of another website or arbitrary code as the user invoking the program. CVE-2012-4191) David Bloom and Jordi Chancel discovered that Thunderbird did not always properly handle the element. If a user were tricked into opening a malicious website and had JavaScript enabled, a remote attacker could exploit this to conduct URL spoofing and clickjacking attacks. Various other issues were also addressed.
-
16:38
»
Packet Storm Security Recent Files
Ubuntu Security Notice 1611-1 - Henrik Skupin, Jesse Ruderman, Christian Holler, Soroush Dalili and others discovered several memory corruption flaws in Thunderbird. If a user were tricked into opening a malicious website and had JavaScript enabled, an attacker could exploit these to execute arbitrary JavaScript code within the context of another website or arbitrary code as the user invoking the program. CVE-2012-4191) David Bloom and Jordi Chancel discovered that Thunderbird did not always properly handle the element. If a user were tricked into opening a malicious website and had JavaScript enabled, a remote attacker could exploit this to conduct URL spoofing and clickjacking attacks. Various other issues were also addressed.
-
16:38
»
Packet Storm Security Misc. Files
Ubuntu Security Notice 1611-1 - Henrik Skupin, Jesse Ruderman, Christian Holler, Soroush Dalili and others discovered several memory corruption flaws in Thunderbird. If a user were tricked into opening a malicious website and had JavaScript enabled, an attacker could exploit these to execute arbitrary JavaScript code within the context of another website or arbitrary code as the user invoking the program. CVE-2012-4191) David Bloom and Jordi Chancel discovered that Thunderbird did not always properly handle the element. If a user were tricked into opening a malicious website and had JavaScript enabled, a remote attacker could exploit this to conduct URL spoofing and clickjacking attacks. Various other issues were also addressed.
-
-
16:55
»
Packet Storm Security Advisories
Ubuntu Security Notice 1600-1 - Henrik Skupin, Jesse Ruderman, Christian Holler, Soroush Dalili and others discovered several memory corruption flaws in Firefox. If a user were tricked into opening a specially crafted web page, a remote attacker could cause Firefox to crash or potentially execute arbitrary code as the user invoking the program. David Bloom and Jordi Chancel discovered that Firefox did not always properly handle the select element. A remote attacker could exploit this to conduct URL spoofing and clickjacking attacks. Various other issues were also addressed.
-
16:55
»
Packet Storm Security Recent Files
Ubuntu Security Notice 1600-1 - Henrik Skupin, Jesse Ruderman, Christian Holler, Soroush Dalili and others discovered several memory corruption flaws in Firefox. If a user were tricked into opening a specially crafted web page, a remote attacker could cause Firefox to crash or potentially execute arbitrary code as the user invoking the program. David Bloom and Jordi Chancel discovered that Firefox did not always properly handle the select element. A remote attacker could exploit this to conduct URL spoofing and clickjacking attacks. Various other issues were also addressed.
-
-
12:59
»
Packet Storm Security Advisories
Ubuntu Security Notice 1548-2 - USN-1548-1 fixed vulnerabilities in Firefox. The new package caused a regression in Private Browsing which could leak sites visited to the browser cache. This update fixes the problem. Gary Kwong, Christian Holler, Jesse Ruderman, Steve Fink, Bob Clary, Andrew Sutherland, Jason Smith, John Schoenick, Vladimir Vukicevic and Daniel Holbert discovered memory safety issues affecting Firefox. If the user were tricked into opening a specially crafted page, an attacker could possibly exploit these to cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking Firefox. Abhishek Arya discovered multiple use-after-free vulnerabilities. If the user were tricked into opening a specially crafted page, an attacker could exploit these to cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking Firefox. Various other issues were also addressed.
-
12:59
»
Packet Storm Security Recent Files
Ubuntu Security Notice 1548-2 - USN-1548-1 fixed vulnerabilities in Firefox. The new package caused a regression in Private Browsing which could leak sites visited to the browser cache. This update fixes the problem. Gary Kwong, Christian Holler, Jesse Ruderman, Steve Fink, Bob Clary, Andrew Sutherland, Jason Smith, John Schoenick, Vladimir Vukicevic and Daniel Holbert discovered memory safety issues affecting Firefox. If the user were tricked into opening a specially crafted page, an attacker could possibly exploit these to cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking Firefox. Abhishek Arya discovered multiple use-after-free vulnerabilities. If the user were tricked into opening a specially crafted page, an attacker could exploit these to cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking Firefox. Various other issues were also addressed.
-
12:59
»
Packet Storm Security Misc. Files
Ubuntu Security Notice 1548-2 - USN-1548-1 fixed vulnerabilities in Firefox. The new package caused a regression in Private Browsing which could leak sites visited to the browser cache. This update fixes the problem. Gary Kwong, Christian Holler, Jesse Ruderman, Steve Fink, Bob Clary, Andrew Sutherland, Jason Smith, John Schoenick, Vladimir Vukicevic and Daniel Holbert discovered memory safety issues affecting Firefox. If the user were tricked into opening a specially crafted page, an attacker could possibly exploit these to cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking Firefox. Abhishek Arya discovered multiple use-after-free vulnerabilities. If the user were tricked into opening a specially crafted page, an attacker could exploit these to cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking Firefox. Various other issues were also addressed.
-
-
14:28
»
Packet Storm Security Advisories
Ubuntu Security Notice 1551-1 - Gary Kwong, Christian Holler, Jesse Ruderman, Steve Fink, Bob Clary, Andrew Sutherland, Jason Smith, John Schoenick, Vladimir Vukicevic and Daniel Holbert discovered memory safety issues affecting Thunderbird. If the user were tricked into opening a specially crafted E-Mail, an attacker could exploit these to cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking Thunderbird. Various other issues were also addressed.
-
14:28
»
Packet Storm Security Recent Files
Ubuntu Security Notice 1551-1 - Gary Kwong, Christian Holler, Jesse Ruderman, Steve Fink, Bob Clary, Andrew Sutherland, Jason Smith, John Schoenick, Vladimir Vukicevic and Daniel Holbert discovered memory safety issues affecting Thunderbird. If the user were tricked into opening a specially crafted E-Mail, an attacker could exploit these to cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking Thunderbird. Various other issues were also addressed.
-
14:28
»
Packet Storm Security Misc. Files
Ubuntu Security Notice 1551-1 - Gary Kwong, Christian Holler, Jesse Ruderman, Steve Fink, Bob Clary, Andrew Sutherland, Jason Smith, John Schoenick, Vladimir Vukicevic and Daniel Holbert discovered memory safety issues affecting Thunderbird. If the user were tricked into opening a specially crafted E-Mail, an attacker could exploit these to cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking Thunderbird. Various other issues were also addressed.
-
-
17:36
»
Packet Storm Security Advisories
Ubuntu Security Notice 1548-1 - Gary Kwong, Christian Holler, Jesse Ruderman, Steve Fink, Bob Clary, Andrew Sutherland, Jason Smith, John Schoenick, Vladimir Vukicevic and Daniel Holbert discovered memory safety issues affecting Firefox. If the user were tricked into opening a specially crafted page, an attacker could possibly exploit these to cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking Firefox. Abhishek Arya discovered multiple use-after-free vulnerabilities. If the user were tricked into opening a specially crafted page, an attacker could exploit these to cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking Firefox. Various other issues were also addressed.
-
17:36
»
Packet Storm Security Recent Files
Ubuntu Security Notice 1548-1 - Gary Kwong, Christian Holler, Jesse Ruderman, Steve Fink, Bob Clary, Andrew Sutherland, Jason Smith, John Schoenick, Vladimir Vukicevic and Daniel Holbert discovered memory safety issues affecting Firefox. If the user were tricked into opening a specially crafted page, an attacker could possibly exploit these to cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking Firefox. Abhishek Arya discovered multiple use-after-free vulnerabilities. If the user were tricked into opening a specially crafted page, an attacker could exploit these to cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking Firefox. Various other issues were also addressed.
-
17:36
»
Packet Storm Security Misc. Files
Ubuntu Security Notice 1548-1 - Gary Kwong, Christian Holler, Jesse Ruderman, Steve Fink, Bob Clary, Andrew Sutherland, Jason Smith, John Schoenick, Vladimir Vukicevic and Daniel Holbert discovered memory safety issues affecting Firefox. If the user were tricked into opening a specially crafted page, an attacker could possibly exploit these to cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking Firefox. Abhishek Arya discovered multiple use-after-free vulnerabilities. If the user were tricked into opening a specially crafted page, an attacker could exploit these to cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking Firefox. Various other issues were also addressed.
-
-
17:12
»
Packet Storm Security Recent Files
Ubuntu Security Notice 1509-2 - USN-1509-1 fixed vulnerabilities in Firefox. This update provides an updated ubufox package for use with the latest Firefox. Benoit Jacob, Jesse Ruderman, Christian Holler, Bill McCloskey, Brian Smith, Gary Kwong, Christoph Diehl, Chris Jones, Brad Lassey, and Kyle Huey discovered memory safety issues affecting Firefox. If the user were tricked into opening a specially crafted page, an attacker could possibly exploit these to cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking Firefox. Mario Gomes discovered that the address bar may be incorrectly updated. Drag-and-drop events in the address bar may cause the address of the previous site to be displayed while a new page is loaded. An attacker could exploit this to conduct phishing attacks. Various other issues were also addressed.
-
17:12
»
Packet Storm Security Misc. Files
Ubuntu Security Notice 1509-2 - USN-1509-1 fixed vulnerabilities in Firefox. This update provides an updated ubufox package for use with the latest Firefox. Benoit Jacob, Jesse Ruderman, Christian Holler, Bill McCloskey, Brian Smith, Gary Kwong, Christoph Diehl, Chris Jones, Brad Lassey, and Kyle Huey discovered memory safety issues affecting Firefox. If the user were tricked into opening a specially crafted page, an attacker could possibly exploit these to cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking Firefox. Mario Gomes discovered that the address bar may be incorrectly updated. Drag-and-drop events in the address bar may cause the address of the previous site to be displayed while a new page is loaded. An attacker could exploit this to conduct phishing attacks. Various other issues were also addressed.
-
-
17:37
»
Packet Storm Security Advisories
Ubuntu Security Notice 1510-1 - Benoit Jacob, Jesse Ruderman, Christian Holler, Bill McCloskey, Brian Smith, Gary Kwong, Christoph Diehl, Chris Jones, Brad Lassey, and Kyle Huey discovered memory safety issues affecting Thunderbird. If the user were tricked into opening a specially crafted page, an attacker could possibly exploit these to cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking Thunderbird. Abhishek Arya discovered four memory safety issues affecting Thunderbird. If the user were tricked into opening a specially crafted page, an attacker could possibly exploit these to cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking Thunderbird. Various other issues were also addressed.
-
17:37
»
Packet Storm Security Recent Files
Ubuntu Security Notice 1510-1 - Benoit Jacob, Jesse Ruderman, Christian Holler, Bill McCloskey, Brian Smith, Gary Kwong, Christoph Diehl, Chris Jones, Brad Lassey, and Kyle Huey discovered memory safety issues affecting Thunderbird. If the user were tricked into opening a specially crafted page, an attacker could possibly exploit these to cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking Thunderbird. Abhishek Arya discovered four memory safety issues affecting Thunderbird. If the user were tricked into opening a specially crafted page, an attacker could possibly exploit these to cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking Thunderbird. Various other issues were also addressed.
-
17:37
»
Packet Storm Security Misc. Files
Ubuntu Security Notice 1510-1 - Benoit Jacob, Jesse Ruderman, Christian Holler, Bill McCloskey, Brian Smith, Gary Kwong, Christoph Diehl, Chris Jones, Brad Lassey, and Kyle Huey discovered memory safety issues affecting Thunderbird. If the user were tricked into opening a specially crafted page, an attacker could possibly exploit these to cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking Thunderbird. Abhishek Arya discovered four memory safety issues affecting Thunderbird. If the user were tricked into opening a specially crafted page, an attacker could possibly exploit these to cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking Thunderbird. Various other issues were also addressed.
-
15:19
»
Packet Storm Security Advisories
Ubuntu Security Notice 1509-1 - Benoit Jacob, Jesse Ruderman, Christian Holler, Bill McCloskey, Brian Smith, Gary Kwong, Christoph Diehl, Chris Jones, Brad Lassey, and Kyle Huey discovered memory safety issues affecting Firefox. If the user were tricked into opening a specially crafted page, an attacker could possibly exploit these to cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking Firefox. Mario Gomes discovered that the address bar may be incorrectly updated. Drag-and-drop events in the address bar may cause the address of the previous site to be displayed while a new page is loaded. An attacker could exploit this to conduct phishing attacks. Various other issues were also addressed.
-
15:19
»
Packet Storm Security Recent Files
Ubuntu Security Notice 1509-1 - Benoit Jacob, Jesse Ruderman, Christian Holler, Bill McCloskey, Brian Smith, Gary Kwong, Christoph Diehl, Chris Jones, Brad Lassey, and Kyle Huey discovered memory safety issues affecting Firefox. If the user were tricked into opening a specially crafted page, an attacker could possibly exploit these to cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking Firefox. Mario Gomes discovered that the address bar may be incorrectly updated. Drag-and-drop events in the address bar may cause the address of the previous site to be displayed while a new page is loaded. An attacker could exploit this to conduct phishing attacks. Various other issues were also addressed.
-
15:19
»
Packet Storm Security Misc. Files
Ubuntu Security Notice 1509-1 - Benoit Jacob, Jesse Ruderman, Christian Holler, Bill McCloskey, Brian Smith, Gary Kwong, Christoph Diehl, Chris Jones, Brad Lassey, and Kyle Huey discovered memory safety issues affecting Firefox. If the user were tricked into opening a specially crafted page, an attacker could possibly exploit these to cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking Firefox. Mario Gomes discovered that the address bar may be incorrectly updated. Drag-and-drop events in the address bar may cause the address of the previous site to be displayed while a new page is loaded. An attacker could exploit this to conduct phishing attacks. Various other issues were also addressed.
-
-
7:32
»
Packet Storm Security Recent Files
Ubuntu Security Notice 1463-6 - USN-1463-1 fixed vulnerabilities in Firefox. This update provides the corresponding fixes for Thunderbird. Jesse Ruderman, Igor Bukanov, Bill McCloskey, Christian Holler, Andrew McCreight, Olli Pettay, Boris Zbarsky, and Brian Bondy discovered memory safety issues affecting Firefox. It was discovered that Mozilla's WebGL implementation exposed a bug in certain NVIDIA graphics drivers. The impact of this issue has not been disclosed at this time. Various other issues were also addressed.
-
-
13:24
»
Packet Storm Security Advisories
Ubuntu Security Notice 1463-4 - USN-1463-1 fixed vulnerabilities in Firefox. This update provides the corresponding fixes for Thunderbird. Jesse Ruderman, Igor Bukanov, Bill McCloskey, Christian Holler, Andrew McCreight, Olli Pettay, Boris Zbarsky, and Brian Bondy discovered memory safety issues affecting Firefox. If the user were tricked into opening a specially crafted page, an attacker could possibly exploit these to cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking Firefox. It was discovered that Mozilla's WebGL implementation exposed a bug in certain NVIDIA graphics drivers. Various other issues have also been addressed.
-
13:24
»
Packet Storm Security Recent Files
Ubuntu Security Notice 1463-4 - USN-1463-1 fixed vulnerabilities in Firefox. This update provides the corresponding fixes for Thunderbird. Jesse Ruderman, Igor Bukanov, Bill McCloskey, Christian Holler, Andrew McCreight, Olli Pettay, Boris Zbarsky, and Brian Bondy discovered memory safety issues affecting Firefox. If the user were tricked into opening a specially crafted page, an attacker could possibly exploit these to cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking Firefox. It was discovered that Mozilla's WebGL implementation exposed a bug in certain NVIDIA graphics drivers. Various other issues have also been addressed.
-
13:24
»
Packet Storm Security Misc. Files
Ubuntu Security Notice 1463-4 - USN-1463-1 fixed vulnerabilities in Firefox. This update provides the corresponding fixes for Thunderbird. Jesse Ruderman, Igor Bukanov, Bill McCloskey, Christian Holler, Andrew McCreight, Olli Pettay, Boris Zbarsky, and Brian Bondy discovered memory safety issues affecting Firefox. If the user were tricked into opening a specially crafted page, an attacker could possibly exploit these to cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking Firefox. It was discovered that Mozilla's WebGL implementation exposed a bug in certain NVIDIA graphics drivers. Various other issues have also been addressed.
-
-
16:39
»
Packet Storm Security Advisories
Ubuntu Security Notice 1463-1 - Jesse Ruderman, Igor Bukanov, Bill McCloskey, Christian Holler, Andrew McCreight, Olli Pettay, Boris Zbarsky, and Brian Bondy discovered memory safety issues affecting Firefox. If the user were tricked into opening a specially crafted page, an attacker could possibly exploit these to cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking Firefox. It was discovered that Mozilla's WebGL implementation exposed a bug in certain NVIDIA graphics drivers. The impact of this issue has not been disclosed at this time. Various other issues were also addressed.
-
-
18:30
»
Packet Storm Security Advisories
Ubuntu Security Notice 1430-3 - USN-1430-1 fixed vulnerabilities in Firefox. This update provides the corresponding fixes for Thunderbird. Bob Clary, Christian Holler, Brian Hackett, Bobby Holley, Gary Kwong, Hilary Hall, Honza Bambas, Jesse Ruderman, Julian Seward, and Olli Pettay discovered memory safety issues affecting Firefox. If the user were tricked into opening a specially crafted page, an attacker could exploit these to cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking Firefox. Aki Helin discovered a use-after-free vulnerability in XPConnect. An attacker could potentially exploit this to execute arbitrary code with the privileges of the user invoking Firefox. Various other issues were also addressed.
-
18:30
»
Packet Storm Security Misc. Files
Ubuntu Security Notice 1430-3 - USN-1430-1 fixed vulnerabilities in Firefox. This update provides the corresponding fixes for Thunderbird. Bob Clary, Christian Holler, Brian Hackett, Bobby Holley, Gary Kwong, Hilary Hall, Honza Bambas, Jesse Ruderman, Julian Seward, and Olli Pettay discovered memory safety issues affecting Firefox. If the user were tricked into opening a specially crafted page, an attacker could exploit these to cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking Firefox. Aki Helin discovered a use-after-free vulnerability in XPConnect. An attacker could potentially exploit this to execute arbitrary code with the privileges of the user invoking Firefox. Various other issues were also addressed.
-
-
13:16
»
Packet Storm Security Advisories
Ubuntu Security Notice 1430-1 - Bob Clary, Christian Holler, Brian Hackett, Bobby Holley, Gary Kwong, Hilary Hall, Honza Bambas, Jesse Ruderman, Julian Seward, and Olli Pettay discovered memory safety issues affecting Firefox. If the user were tricked into opening a specially crafted page, an attacker could exploit these to cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking Firefox. Aki Helin discovered a use-after-free vulnerability in XPConnect. An attacker could potentially exploit this to execute arbitrary code with the privileges of the user invoking Firefox. Various other issues were also addressed.
-
13:16
»
Packet Storm Security Recent Files
Ubuntu Security Notice 1430-1 - Bob Clary, Christian Holler, Brian Hackett, Bobby Holley, Gary Kwong, Hilary Hall, Honza Bambas, Jesse Ruderman, Julian Seward, and Olli Pettay discovered memory safety issues affecting Firefox. If the user were tricked into opening a specially crafted page, an attacker could exploit these to cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking Firefox. Aki Helin discovered a use-after-free vulnerability in XPConnect. An attacker could potentially exploit this to execute arbitrary code with the privileges of the user invoking Firefox. Various other issues were also addressed.
-
13:16
»
Packet Storm Security Misc. Files
Ubuntu Security Notice 1430-1 - Bob Clary, Christian Holler, Brian Hackett, Bobby Holley, Gary Kwong, Hilary Hall, Honza Bambas, Jesse Ruderman, Julian Seward, and Olli Pettay discovered memory safety issues affecting Firefox. If the user were tricked into opening a specially crafted page, an attacker could exploit these to cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking Firefox. Aki Helin discovered a use-after-free vulnerability in XPConnect. An attacker could potentially exploit this to execute arbitrary code with the privileges of the user invoking Firefox. Various other issues were also addressed.
-
13:13
»
Packet Storm Security Recent Files
Ubuntu Security Notice 1430-2 - USN-1430-1 fixed vulnerabilities in Firefox. This update provides an updated ubufox package for use with the latest Firefox. Bob Clary, Christian Holler, Brian Hackett, Bobby Holley, Gary Kwong, Hilary Hall, Honza Bambas, Jesse Ruderman, Julian Seward, and Olli Pettay discovered memory safety issues affecting Firefox. Aki Helin discovered a use-after-free vulnerability in XPConnect. Various other issues were also addressed.
-
13:13
»
Packet Storm Security Misc. Files
Ubuntu Security Notice 1430-2 - USN-1430-1 fixed vulnerabilities in Firefox. This update provides an updated ubufox package for use with the latest Firefox. Bob Clary, Christian Holler, Brian Hackett, Bobby Holley, Gary Kwong, Hilary Hall, Honza Bambas, Jesse Ruderman, Julian Seward, and Olli Pettay discovered memory safety issues affecting Firefox. Aki Helin discovered a use-after-free vulnerability in XPConnect. Various other issues were also addressed.
-
-
10:04
»
Packet Storm Security Advisories
Ubuntu Security Notice 1343-1 - Alexandre Poirot, Chris Blizzard, Kyle Huey, Scoobidiver, Christian Holler, David Baron, Gary Kwong, Jim Blandy, Bob Clary, Jesse Ruderman, Marcia Knous, and Rober Longson discovered several memory safety issues which could possibly be exploited to crash Thunderbird or execute arbitrary code as the user that invoked Thunderbird. Aki Helin discovered a crash in the YARR regular expression library that could be triggered by javascript in web content. Various other issues were also addressed.
-
10:04
»
Packet Storm Security Recent Files
Ubuntu Security Notice 1343-1 - Alexandre Poirot, Chris Blizzard, Kyle Huey, Scoobidiver, Christian Holler, David Baron, Gary Kwong, Jim Blandy, Bob Clary, Jesse Ruderman, Marcia Knous, and Rober Longson discovered several memory safety issues which could possibly be exploited to crash Thunderbird or execute arbitrary code as the user that invoked Thunderbird. Aki Helin discovered a crash in the YARR regular expression library that could be triggered by javascript in web content. Various other issues were also addressed.
-
10:04
»
Packet Storm Security Misc. Files
Ubuntu Security Notice 1343-1 - Alexandre Poirot, Chris Blizzard, Kyle Huey, Scoobidiver, Christian Holler, David Baron, Gary Kwong, Jim Blandy, Bob Clary, Jesse Ruderman, Marcia Knous, and Rober Longson discovered several memory safety issues which could possibly be exploited to crash Thunderbird or execute arbitrary code as the user that invoked Thunderbird. Aki Helin discovered a crash in the YARR regular expression library that could be triggered by javascript in web content. Various other issues were also addressed.
-
-
16:28
»
Packet Storm Security Advisories
Ubuntu Security Notice 1306-2 - USN-1306-1 fixed vulnerabilities in Firefox. This update provides updated Mozvoikko and ubufox packages for use with Firefox 9. Alexandre Poirot, Chris Blizzard, Kyle Huey, Scoobidiver, Christian Holler, David Baron, Gary Kwong, Jim Blandy, Bob Clary, Jesse Ruderman, Marcia Knous, and Rober Longson discovered several memory safety issues which could possibly be exploited to crash Firefox or execute arbitrary code as the user that invoked Firefox. Various other issues were also addressed.
-
16:28
»
Packet Storm Security Recent Files
Ubuntu Security Notice 1306-2 - USN-1306-1 fixed vulnerabilities in Firefox. This update provides updated Mozvoikko and ubufox packages for use with Firefox 9. Alexandre Poirot, Chris Blizzard, Kyle Huey, Scoobidiver, Christian Holler, David Baron, Gary Kwong, Jim Blandy, Bob Clary, Jesse Ruderman, Marcia Knous, and Rober Longson discovered several memory safety issues which could possibly be exploited to crash Firefox or execute arbitrary code as the user that invoked Firefox. Various other issues were also addressed.
-
16:28
»
Packet Storm Security Misc. Files
Ubuntu Security Notice 1306-2 - USN-1306-1 fixed vulnerabilities in Firefox. This update provides updated Mozvoikko and ubufox packages for use with Firefox 9. Alexandre Poirot, Chris Blizzard, Kyle Huey, Scoobidiver, Christian Holler, David Baron, Gary Kwong, Jim Blandy, Bob Clary, Jesse Ruderman, Marcia Knous, and Rober Longson discovered several memory safety issues which could possibly be exploited to crash Firefox or execute arbitrary code as the user that invoked Firefox. Various other issues were also addressed.
-
16:27
»
Packet Storm Security Advisories
Ubuntu Security Notice 1306-1 - Alexandre Poirot, Chris Blizzard, Kyle Huey, Scoobidiver, Christian Holler, David Baron, Gary Kwong, Jim Blandy, Bob Clary, Jesse Ruderman, Marcia Knous, and Rober Longson discovered several memory safety issues which could possibly be exploited to crash Firefox or execute arbitrary code as the user that invoked Firefox. Aki Helin discovered a crash in the YARR regular expression library that could be triggered by javascript in web content. Various other issues were also addressed.
-
16:27
»
Packet Storm Security Recent Files
Ubuntu Security Notice 1306-1 - Alexandre Poirot, Chris Blizzard, Kyle Huey, Scoobidiver, Christian Holler, David Baron, Gary Kwong, Jim Blandy, Bob Clary, Jesse Ruderman, Marcia Knous, and Rober Longson discovered several memory safety issues which could possibly be exploited to crash Firefox or execute arbitrary code as the user that invoked Firefox. Aki Helin discovered a crash in the YARR regular expression library that could be triggered by javascript in web content. Various other issues were also addressed.
-
16:27
»
Packet Storm Security Misc. Files
Ubuntu Security Notice 1306-1 - Alexandre Poirot, Chris Blizzard, Kyle Huey, Scoobidiver, Christian Holler, David Baron, Gary Kwong, Jim Blandy, Bob Clary, Jesse Ruderman, Marcia Knous, and Rober Longson discovered several memory safety issues which could possibly be exploited to crash Firefox or execute arbitrary code as the user that invoked Firefox. Aki Helin discovered a crash in the YARR regular expression library that could be triggered by javascript in web content. Various other issues were also addressed.
-
-
11:55
»
Packet Storm Security Advisories
Ubuntu Security Notice 1049-2 - USN-1049-1 fixed vulnerabilities in Firefox and Xulrunner. That update introduced a regression where some Java applets would fail to load. This update fixes the problem. Jesse Ruderman, Igor Bukanov, Olli Pettay, Gary Kwong, Jeff Walden, Henry Sivonen, Martijn Wargers, David Baron and Marcia Knous discovered several memory issues in the browser engine. Zach Hoffman discovered that a recursive call to eval() wrapped in a try/catch statement places the browser into a inconsistent state. It was discovered that memory was used after being freed in a method used by JSON.stringify. Christian Holler discovered multiple buffer overflows in the JavaScript engine. An attacker could exploit these to crash the browser or possibly run arbitrary code as the user invoking the program. Various other issues were also addressed.
-
11:55
»
Packet Storm Security Recent Files
Ubuntu Security Notice 1049-2 - USN-1049-1 fixed vulnerabilities in Firefox and Xulrunner. That update introduced a regression where some Java applets would fail to load. This update fixes the problem. Jesse Ruderman, Igor Bukanov, Olli Pettay, Gary Kwong, Jeff Walden, Henry Sivonen, Martijn Wargers, David Baron and Marcia Knous discovered several memory issues in the browser engine. Zach Hoffman discovered that a recursive call to eval() wrapped in a try/catch statement places the browser into a inconsistent state. It was discovered that memory was used after being freed in a method used by JSON.stringify. Christian Holler discovered multiple buffer overflows in the JavaScript engine. An attacker could exploit these to crash the browser or possibly run arbitrary code as the user invoking the program. Various other issues were also addressed.
-
11:55
»
Packet Storm Security Misc. Files
Ubuntu Security Notice 1049-2 - USN-1049-1 fixed vulnerabilities in Firefox and Xulrunner. That update introduced a regression where some Java applets would fail to load. This update fixes the problem. Jesse Ruderman, Igor Bukanov, Olli Pettay, Gary Kwong, Jeff Walden, Henry Sivonen, Martijn Wargers, David Baron and Marcia Knous discovered several memory issues in the browser engine. Zach Hoffman discovered that a recursive call to eval() wrapped in a try/catch statement places the browser into a inconsistent state. It was discovered that memory was used after being freed in a method used by JSON.stringify. Christian Holler discovered multiple buffer overflows in the JavaScript engine. An attacker could exploit these to crash the browser or possibly run arbitrary code as the user invoking the program. Various other issues were also addressed.
-
-
11:01
»
Packet Storm Security Advisories
Debian Linux Security Advisory 2180-1 - Several vulnerabilities have been found in the Iceape internet suite, an unbranded version of Seamonkey. Roberto Suggi Liverani discovered that the sanitizing performed by ParanoidFragmentSink was incomplete. Zach Hoffmann discovered that incorrect parsing of recursive eval() calls could lead to attackers forcing acceptance of a confirmation dialogue. Crashes in the layout engine may lead to the execution of arbitrary code. Christian Holler discovered buffer overflows in the Javascript engine, which could allow the execution of arbitrary code. Christian Holler discovered buffer overflows in the Javascript engine, which could allow the execution of arbitrary code. Various other issues have also been addressed.
-
11:01
»
Packet Storm Security Recent Files
Debian Linux Security Advisory 2180-1 - Several vulnerabilities have been found in the Iceape internet suite, an unbranded version of Seamonkey. Roberto Suggi Liverani discovered that the sanitizing performed by ParanoidFragmentSink was incomplete. Zach Hoffmann discovered that incorrect parsing of recursive eval() calls could lead to attackers forcing acceptance of a confirmation dialogue. Crashes in the layout engine may lead to the execution of arbitrary code. Christian Holler discovered buffer overflows in the Javascript engine, which could allow the execution of arbitrary code. Christian Holler discovered buffer overflows in the Javascript engine, which could allow the execution of arbitrary code. Various other issues have also been addressed.
-
11:01
»
Packet Storm Security Misc. Files
Debian Linux Security Advisory 2180-1 - Several vulnerabilities have been found in the Iceape internet suite, an unbranded version of Seamonkey. Roberto Suggi Liverani discovered that the sanitizing performed by ParanoidFragmentSink was incomplete. Zach Hoffmann discovered that incorrect parsing of recursive eval() calls could lead to attackers forcing acceptance of a confirmation dialogue. Crashes in the layout engine may lead to the execution of arbitrary code. Christian Holler discovered buffer overflows in the Javascript engine, which could allow the execution of arbitrary code. Christian Holler discovered buffer overflows in the Javascript engine, which could allow the execution of arbitrary code. Various other issues have also been addressed.
-
8:12
»
Packet Storm Security Recent Files
Ubuntu Security Notice 1049-1 - Multiple vulnerabilities have been addressed in the firefox and xulrunner packages. Jesse Ruderman, Igor Bukanov, Olli Pettay, Gary Kwong, Jeff Walden, Henry Sivonen, Martijn Wargers, David Baron and Marcia Knous discovered several memory issues in the browser engine. Zach Hoffman discovered that a recursive call to eval() wrapped in a try/catch statement places the browser into a inconsistent state. It was discovered that memory was used after being freed in a method used by JSON.stringify. Christian Holler discovered multiple buffer overflows in the JavaScript engine. Daniel Kozlowski discovered that a JavaScript Worker kept a reference to memory after it was freed. Various other issues have also been addressed.
-
8:12
»
Packet Storm Security Misc. Files
Ubuntu Security Notice 1049-1 - Multiple vulnerabilities have been addressed in the firefox and xulrunner packages. Jesse Ruderman, Igor Bukanov, Olli Pettay, Gary Kwong, Jeff Walden, Henry Sivonen, Martijn Wargers, David Baron and Marcia Knous discovered several memory issues in the browser engine. Zach Hoffman discovered that a recursive call to eval() wrapped in a try/catch statement places the browser into a inconsistent state. It was discovered that memory was used after being freed in a method used by JSON.stringify. Christian Holler discovered multiple buffer overflows in the JavaScript engine. Daniel Kozlowski discovered that a JavaScript Worker kept a reference to memory after it was freed. Various other issues have also been addressed.
0day.today (was: 1337day, Inj3ct0r, 1337db)
OSVDB Vulnerabilities
Exploit-DB
SecurityFocus Vulnerabilities
Bugtraq
XSSed
Sophos security news
Penetration Testing
SecuriTeam
BackTrack Linux Forums
Threatpost
SecDocs
carnal0wnage.attackresearch.com
Carnal0wnage
Darknet
The Exploitant
Hack a Day
Wirevolution