Ubuntu Security Notice 2936-3 - USN-2936-1 fixed vulnerabilities in Firefox. The update caused an issue where a device update POST request was sent every time about:preferences#sync was shown. This update fixes the problem. Christian Holler, Tyson Smith, Phil Ringalda, Gary Kwong, Jesse Ruderman, Mats Palmgren, Carsten Book, Boris Zbarsky, David Bolter, Randell Jesup, Andrew McCreight, and Steve Fink discovered multiple memory safety issues in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox. An invalid write was discovered when using the JavaScript .watch() method in some circumstances. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox. Various other issues were also addressed.
6c4c922dce9d928039cf20682443926b93b23e9cde2cda2a6dd06d853ba4ac09Ubuntu Security Notice 2973-1 - Christian Holler, Tyson Smith, and Phil Ringalda discovered multiple memory safety issues in Thunderbird. If a user were tricked in to opening a specially crafted message, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code. Hanno Boeck discovered that calculations with mp_div and mp_exptmod in NSS produce incorrect results in some circumstances, resulting in cryptographic weaknesses. Various other issues were also addressed.
d29c52273e7734f2eb886a43b5407681e67a0595f44c88105e13d3a3a39ba876Debian Linux Security Advisory 3576-1 - Multiple security issues have been found in Icedove, Debian's version of lead to the execution of arbitrary code or denial of service.
05e7b4c1f39005760c9abd1a0ac619a912317ec016c2c8356dc9bb6fbfb07db5Red Hat Security Advisory 2016-1041-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 38.8.0. Security Fix: Two flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird.
848e50dd05b02ebc5fa7c8d2366d91b0c6c75b09e63d65e61f63225511c634d3Ubuntu Security Notice 2936-2 - USN-2936-1 fixed vulnerabilities in Firefox. The update caused Firefox to crash on startup with the Oxygen GTK theme due to a pre-existing bug in the Oxygen-GTK3 theme engine. This update fixes the problem. Various other issues were also addressed.
157ccf1b44c12024cd9523ac2451dbf44f6e81c11cb7e3ab919c1c48794a67bfUbuntu Security Notice 2936-1 - Christian Holler, Tyson Smith, Phil Ringalda, Gary Kwong, Jesse Ruderman, Mats Palmgren, Carsten Book, Boris Zbarsky, David Bolter, Randell Jesup, Andrew McCreight, and Steve Fink discovered multiple memory safety issues in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox. Various other issues were also addressed.
72de8bd9f672f0da0f03941e20b339aa30efeab5c6302718862f00e934ebad4aDebian Linux Security Advisory 3559-1 - Multiple security issues have been found in Iceweasel, Debian's version buffer overflows may lead to the execution of arbitrary code or denial of service.
86b8102c6b493627ceb712cc49a70e3ab9e3ccbe6b4eb4d0ab648cea41dbd21cRed Hat Security Advisory 2016-0695-01 - Mozilla Firefox is an open source web browser. This update upgrades Firefox to version 45.1.0 ESR. Security Fix: Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox.
438add94dab646ed2426c1c033bfeaf4fdc37d12f17ae6c15284a7848e3231d7
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed