Debian Linux Security Advisory 2699-1 - Multiple security issues have been found in Iceweasel, Debian's version of the Mozilla Firefox web browser. These issues include multiple memory safety errors, missing input sanitizing vulnerabilities, use-after-free vulnerabilities, buffer overflows and other programming errors which may lead to the execution of arbitrary code, privilege escalation, information leaks or cross site scripting.
0c8d95ee21c71cdad274d263f5504e4aa7ef4314c41cc7e9044a6c7ce9603f81VUPEN Vulnerability Research Team discovered a critical vulnerability in Mozilla Firefox. The vulnerability is caused by a use-after-free error within the XUL "nsHTMLEditRules::nsHTMLEditRules()" function when processing certain objects, which could be exploited by remote attackers to compromise a vulnerable system via a malicious web page.
f0d46293df9a00f2fa660f6e96989d985d27caaecef937c4a4865e96961181eeMandriva Linux Security Advisory 2013-024 - VUPEN Security, via TippingPoint's Zero Day Initiative, reported a use-after-free within the HTML editor when content script is run by the document.execCommand() function while internal editor operations are occurring. This could allow for arbitrary code execution. The mozilla firefox packages has been upgraded to the latest ESR version which is unaffected by this security flaw.
e61b7c3cf6e2442b66fc8fa3431802d4c6cc8341aead4e8f91ed11c2d82ae1f3Ubuntu Security Notice 1758-2 - USN-1758-1 fixed vulnerabilities in Firefox. This update provides the corresponding update for Thunderbird. It was discovered that Firefox contained a memory safety issue. If a user were tricked into opening a specially crafted page with the HTML editor, a remote attacker could exploit this to execute arbitrary code with the privileges of the user invoking the program. Various other issues were also addressed.
f4c52da91a0567cbf0ae3291c95b9297f94bf425fa956d9fa86f756330cb5173Red Hat Security Advisory 2013-0627-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. A flaw was found in the processing of malformed content. Malicious content could cause Thunderbird to crash or execute arbitrary code with the privileges of the user running Thunderbird.
5e3ce4f991544f7474f56d4ed784978aa17c34ef02757b9256b012bd087af2e7Ubuntu Security Notice 1758-1 - It was discovered that Firefox contained a memory safety issue. If a user were tricked into opening a specially crafted page with the HTML editor, a remote attacker could exploit this to execute arbitrary code with the privileges of the user invoking the program.
fc396be00725ab95d22e9cf1d886ab13cc19aa4e976e77848cc98d6af080fd25Red Hat Security Advisory 2013-0614-01 - XULRunner provides the XUL Runtime environment for applications using the Gecko layout engine. A flaw was found in the way XULRunner handled malformed web content. A web page containing malicious content could cause an application linked against XULRunner to crash or execute arbitrary code with the privileges of the user running the application.
38973fe391c8b58afe213772184b5dc17c5bce2b4f8ae96ce3d50714da12e38a
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed