3.5.x
Affected: 2010.0
_______________________________________________________________________
Problem Description:
Security issues were identified and fixed in firefox 3.5.x:
liboggplay in Mozilla Firefox 3.5.x before 3.5.6 and SeaMonkey before
2.0.1 might allow context-dependent attackers to cause a denial of
service (application crash) or execute arbitrary code via unspecified
vectors, related to memory safety issues. (CVE-2009-3388)
Problem Description:
Security issues were identified and fixed in firefox 3.0.x:
Multiple unspecified vulnerabilities in the browser engine in Mozilla
Firefox before 3.0.16 and 3.5.x before 3.5.6, SeaMonkey before 2.0.1,
and Thunderbird allow remote attackers to cause a denial of service
(memory corruption and application crash) or possibly execute arbitrary
code via unknown vectors (CVE-2009-3979).
Multiple unspecified vulnerabilities in the browser engine in Mozilla
attackers to send selected keystrokes to a form field in a hidden
frame, instead of the intended form field in a visible frame, via
certain calls to the focus method (CVE-2010-1125).
Integer overflow in the nsGenericDOMDataNode::SetTextInternal function
in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4,
Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allows remote
attackers to execute arbitrary code via a DOM node with a long text
value that triggers a heap-based buffer overflow (CVE-2010-1196).
Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, and
before 3.0.12 and Thunderbird allows remote attackers to cause a
denial of service (memory corruption and application crash) or possibly
execute arbitrary code via unspecified vectors (CVE-2009-2463).
Multiple unspecified vulnerabilities in the browser engine in Mozilla
Firefox before 3.0.14, and 3.5.x before 3.5.3, allow remote attackers
to cause a denial of service (memory corruption and application crash)
or possibly execute arbitrary code via unknown vectors (CVE-2009-3072).
Multiple unspecified vulnerabilities in the JavaScript engine
in Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.2, allow
Problem Description:
Multiple vulnerabilities have been found and corrected in
mozilla-thunderbird:
dom/base/nsJSEnvironment.cpp in Mozilla Firefox 3.5.x before 3.5.11
and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x
before 3.1.1, and SeaMonkey before 2.0.6 does not properly suppress
a script's URL in certain circumstances involving a redirect and an
error message, which allows remote attackers to obtain sensitive
information about script parameters via a crafted HTML document,
to execute arbitrary code via unknown vectors that trigger memory
corruption, as demonstrated by Nils during a Pwn2Own competition at
CanSecWest 2010 (CVE-2010-1121).
Integer overflow in the nsGenericDOMDataNode::SetTextInternal function
in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4,
Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allows remote
attackers to execute arbitrary code via a DOM node with a long text
value that triggers a heap-based buffer overflow (CVE-2010-1196).
Integer overflow in the XSLT node sorting implementation in Mozilla
+---------------------------------------+
| NAC Software | Vulnerable Versions    |
| Release      |                        |
|--------------+------------------------|
| 3.5.x        | All 3.5.x versions     |
|--------------+------------------------|
| 3.6.x        | All 3.6.x versions     |
|              | prior to 3.6.4.4       |
|--------------+------------------------|
| 4.0.x        | All 4.0.x versions     |
As I said on my system it's solely Chrome DoS vulnerability. On my system
with Firefox 3.0.13 (and previous versions, when I tested them before) there
is not such issue, when Firefox was DoSed via Chrome, i.e. Cross-Application
DoS. Taking into account that you have this issue with Firefox 3.5.2, then
it can be problem with FF 3.5.x versions, which have tight integration with
Chrome's and other software's URI handlers.
> However I believe this can be used / triggered against any other
> application installed that FireFox knows exists on the target operating
> system. :-)
browsers (Mozilla, IE6 and Opera). Yes, I have Chrome installed on the same
system and it does not affect other browsers (not in case of this DoS hole,
not in case of other holes which I found).
Besides, which exploit works in Firefox 3.5.2 in your case? Maybe it's hole
in Firefox 3.5.x. Then it'll be better for you to check it on the system
with Firefox, but without Chrome. In case if it's Cross-Application DoS
(http://websecurity.com.ua/2600/, which you can read on English
http://translate.google.com/translate?hl=en&ie=UTF-8&u=http://websecurity.com.ua/2600/&sl=uk&tl=en),
and Firefox 3.5.2 is affected via Chrome (you must test it by running
exploit in Firefox 3.5.2 on systems with and without Chrome installed), then
consumption (CPU and memory).
http://websecurity.com.ua/uploads/2010/Firefox,%20IE,%20Chrome%20&%20Opera%20DoS%20Exploit4.html
This exploit for wmk protocol works in Mozilla Firefox 3.0.19 (and besides
previous versions, it must work in 3.5.x and 3.6.x), Internet Explorer 6
(6.0.2900.2180), Google Chrome 1.0.154.48 and Opera 9.52.
For work of exploit the WebMoney Keeper Classic must be installed. In
browsers Firefox and IE occurs blocking and overloading of the system from
starting of WebMoney Keeper (also must work in IE8, but there was no
Problem Description:
Multiple vulnerabilities have been discovered and corrected in samba:
The chain_reply function in process.c in smbd in Samba before 3.4.8 and
3.5.x before 3.5.2 allows remote attackers to cause a denial of service
(NULL pointer dereference and process crash) via a Negotiate Protocol
request with a certain 0x0003 field value followed by a Session Setup
AndX request with a certain 0x8003 field value (CVE-2010-1635).
The reply_sesssetup_and_X_spnego function in sesssetup.c in smbd in
browsers (Mozilla, IE6 and Opera). Yes, I have Chrome installed on the same
system and it does not affect other browsers (not in case of this DoS hole,
not in case of other holes which I found).
Besides, which exploit works in Firefox 3.5.2 in your case? Maybe it's hole
in Firefox 3.5.x. Then it'll be better for you to check it on the system
with Firefox, but without Chrome. In case if it's Cross-Application DoS
(http://websecurity.com.ua/2600/, which you can read on English
http://translate.google.com/translate?hl=en&ie=UTF-8&u=http://websecurity.com.ua/2600/&sl=uk&tl=en),
and Firefox 3.5.2 is affected via Chrome (you must test it by running
>>
>> http://websecurity.com.ua/uploads/2010/Firefox,%20IE,%20Chrome%20&%20Opera%20DoS%20Exploit2.html
>>
>> This exploit for news protocol works in Mozilla Firefox 3.0.19 (and
>> besides
>> previous versions, it must work in 3.5.x and 3.6.x), Internet Explorer 6
>> (6.0.2900.2180), Internet Explorer 8 (8.0.7600.16385), Google Chrome
>> 1.0.154.48 and Opera 9.52.
>>
>> In all mentioned browsers occurs blocking and overloading of the system
>> from
Disclosure Policy :
http://blog.zoller.lu/2008/09/notification-and-disclosure-policy.html
Affected products :
- Comodo Internet Security 3.5.x and 3.8.x (Impact low due to on access scan)
- Comodo Anti-Virus (Impact low due to on access scan)
I. Background
~~~~~~~~~~~~~
>>>
>>> http://websecurity.com.ua/uploads/2010/Firefox,%20IE,%20Chrome%20&%20Opera%20DoS%20Exploit2.html
>>>
>>> This exploit for news protocol works in Mozilla Firefox 3.0.19 (and
>>> besides
>>> previous versions, it must work in 3.5.x and 3.6.x), Internet Explorer 6
>>> (6.0.2900.2180), Internet Explorer 8 (8.0.7600.16385), Google Chrome
>>> 1.0.154.48 and Opera 9.52.
>>>
>>> In all mentioned browsers occurs blocking and overloading of the system
>>> from
> http://websecurity.com.ua/uploads/2010/Firefox,%20IE,%20Chrome%20&%20Opera%20DoS%20Exploit2.html
>
>
> This exploit for news protocol works in Mozilla Firefox 3.0.19 (and
> besides
> previous versions, it must work in 3.5.x and 3.6.x), Internet Explorer 6
> (6.0.2900.2180), Internet Explorer 8 (8.0.7600.16385), Google Chrome
> 1.0.154.48 and Opera 9.52.
>
> In all mentioned browsers occurs blocking and overloading of the
> system from
DoS:
http://websecurity.com.ua/uploads/2010/Firefox,%20IE,%20Chrome%20&%20Opera%20DoS%20Exploit2.html
This exploit for news protocol works in Mozilla Firefox 3.0.19 (and besides
previous versions, it must work in 3.5.x and 3.6.x), Internet Explorer 6
(6.0.2900.2180), Internet Explorer 8 (8.0.7600.16385), Google Chrome
1.0.154.48 and Opera 9.52.
In all mentioned browsers occurs blocking and overloading of the system from
starting of Opera, which appeared as news-client at my computer, and IE8
http://websecurity.com.ua/uploads/2010/Firefox,%20IE,%20Chrome%20&%20Opera%20DoS%20Exploit7.html
(ftp protocol)
Both exploits work in Mozilla Firefox 3.0.19 (and besides previous versions,
it must work in 3.5.x and 3.6.x), Internet Explorer 6 (6.0.2900.2180),
Google Chrome 1.0.154.48 and Opera 9.52.
In browsers Firefox, IE6 and Opera occur blocking and overloading of the
system (and Firefox 3.0.1 was crashing). In Chrome occurs
blocking of the browser. But both exploits don't work in IE8.
for Diffie-Hellman Ephemeral (DHE) mode, which makes it easier for
remote attackers to defeat cryptographic protection mechanisms via
a brute-force attack (CVE-2010-3173).
Unspecified vulnerability in the browser engine in Mozilla Firefox
3.5.x before 3.5.14, Thunderbird before 3.0.9, and SeaMonkey before
2.0.9 allows remote attackers to cause a denial of service (memory
corruption and application crash) or possibly execute arbitrary code
via unknown vectors (CVE-2010-3174, CVE-2010-3175, CVE-2010-3176).
Multiple cross-site scripting (XSS) vulnerabilities in the Gopher
Soon I'll also show exploit (for firefoxurl protocol) without using of JS
which crashes IE6, when I'll release special advisory about DoS attacks on
email clients.
This exploit for firefoxurl protocol works in Mozilla Firefox 3.0.19 (and
besides previous versions, it must work in 3.5.x and 3.6.x), Internet
Explorer 6 (6.0.2900.2180), Internet Explorer 8 (8.0.7600.16385), Google
Chrome 1.0.154.48 and Opera 9.52.
In browsers Firefox, Chrome and IE8 occurs blocking and overloading of the
system, and IE6 crashes. At that, if to allow automatic start of the program
for Diffie-Hellman Ephemeral (DHE) mode, which makes it easier for
remote attackers to defeat cryptographic protection mechanisms via
a brute-force attack (CVE-2010-3173).
Unspecified vulnerability in the browser engine in Mozilla Firefox
3.5.x before 3.5.14, Thunderbird before 3.0.9, and SeaMonkey before
2.0.9 allows remote attackers to cause a denial of service (memory
corruption and application crash) or possibly execute arbitrary code
via unknown vectors (CVE-2010-3174, CVE-2010-3175, CVE-2010-3176).
Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird
>>
>> http://websecurity.com.ua/uploads/2010/Firefox,%20IE,%20Chrome%20&%20Opera%20DoS%20Exploit.html
>>
>> This exploit works in Mozilla Firefox (besides 3.0.x and previous
>> versions,
>> it must work in 3.5.x and 3.6.x), Internet Explorer 6 (6.0.2900.2180),
>> Internet Explorer 8 (8.0.7600.16385), Google Chrome 1.0.154.48 and Opera
>> 9.52. At that in Opera the exploit doesn't open email client, so DoS attack
>> is
>> going without blocking, only resources consumption (more slowly than in
>> other browsers). And also this exploit must work in SeaMonkey, Internet
Problem Description:
A security issue was identified and fixed in mozilla-thunderbird:
Unspecified vulnerability in Mozilla Firefox 3.5.x through 3.5.14
and 3.6.x through 3.6.11, when JavaScript is enabled, allows remote
attackers to execute arbitrary code via unknown vectors, as exploited
in the wild in October 2010 by the Belmoo malware (CVE-2010-3765).
Packages for 2009.0 are provided as of the Extended Maintenance
-- Affected Vendors:
Mozilla Firefox
-- Affected Products:
Mozilla Firefox 3.5.x
-- Vulnerability Details:
This vulnerability allows remote attackers to execute arbitrary code on
vulnerable installations of Mozilla Firefox. User interaction is
ESA-2010-018: RSA Security Advisory: RSA, The Security Division of EMC, announces a fix for a potential security vulnerability in RSA® Authentication Client when storing secret key objects on an RSA SecurID® 800 Authenticator
RSA Authentication Client 2.0.x, 3.0, and 3.5.x contain a potential vulnerability that could allow the unintended extraction, by a properly authenticated user, of secret (or symmetric) key objects stored on an RSA SecurID 800 Authenticator. This potential vulnerability is corrected in RSA Authentication Client 3.5.3.
Description:
CVE Identifier: CVE-2010-3321
Affected: 2010.0
_______________________________________________________________________
Problem Description:
Security issues were identified and fixed in firefox 3.5.x:
Security researcher Alin Rad Pop of Secunia Research reported a
heap-based buffer overflow in Mozilla's string to floating point
number conversion routines. Using this vulnerability an attacker
could craft some malicious JavaScript code containing a very long
Affected: 2010.0
_______________________________________________________________________
Problem Description:
Security issues were identified and fixed in firefox 3.5.x:
The nsObserverList::FillObserverArray function in
xpcom/ds/nsObserverList.cpp in Mozilla Firefox before 3.5.7 allows
remote attackers to cause a denial of service (application crash)
via a crafted web site that triggers memory consumption and an
Firefox < 3.6.2) and SeaMonkey < 2.0.4.
http://websecurity.com.ua/uploads/2010/Firefox,%20IE,%20Chrome%20&%20Opera%20DoS%20Exploit.html
This exploit works in Mozilla Firefox (besides 3.0.x and previous versions,
it must work in 3.5.x and 3.6.x), Internet Explorer 6 (6.0.2900.2180),
Internet Explorer 8 (8.0.7600.16385), Google Chrome 1.0.154.48 and Opera
9.52. At that in Opera the exploit doesn't open email client, so DoS attack is
going without blocking, only resources consumption (more slowly than in
other browsers). And also this exploit must work in SeaMonkey, Internet
Explorer 7 and other browsers.
-- Affected Vendors:
Mozilla Firefox
-- Affected Products:
Mozilla Firefox 3.5.x
-- Vulnerability Details:
This vulnerability allows remote attackers to execute arbitrary code on
software utilizing a vulnerable version of Mozilla's Firefox. User
previous versions the exploit leads to CPU Overload. But if to open empty
tab and to close tab with the exploit, then on empty tab the browser can
take 100% of CPU and freezes.
Vulnerable version is Mozilla Firefox 3.0.13 and previous versions (and also
must Firefox 3.5.x).
Vulnerable version is Internet Explorer 6 (6.0.2900.2180) and previous
versions. And potentially next versions (IE7 and IE8).
Vulnerable version is Google Chrome 1.0.154.48 and previous versions (and