Documents Associated to David James

New User, Welcome! Login

David James

[USN-878-1] Firefox 3.5 and Xulrunner 1.9.1 regression

We apologize for the inconvenience.

Original advisory details:
 Jesse Ruderman, Josh Soref, Martijn Wargers, Jose Angel, Olli Pettay, and
 David James discovered several flaws in the browser and JavaScript engines
 of Firefox. If a user were tricked into viewing a malicious website, a
 remote attacker could cause a denial of service or possibly execute
 arbitrary code with the privileges of the user invoking the program.
 (CVE-2009-3979, CVE-2009-3980, CVE-2009-3982, CVE-2009-3986)

[USN-874-1] Firefox 3.5 and Xulrunner 1.9.1 vulnerabilities

applications that use xulrunner to effect the necessary changes.

Details follow:

Jesse Ruderman, Josh Soref, Martijn Wargers, Jose Angel, Olli Pettay, and
David James discovered several flaws in the browser and JavaScript engines
of Firefox. If a user were tricked into viewing a malicious website, a
remote attacker could cause a denial of service or possibly execute
arbitrary code with the privileges of the user invoking the program.
(CVE-2009-3979, CVE-2009-3980, CVE-2009-3982, CVE-2009-3986)

[USN-873-1] Firefox 3.0 and Xulrunner 1.9 vulnerabilities

applications that use xulrunner to effect the necessary changes.

Details follow:

Jesse Ruderman, Josh Soref, Martijn Wargers, Jose Angel, Olli Pettay, and
David James discovered several flaws in the browser and JavaScript engines
of Firefox. If a user were tricked into viewing a malicious website, a
remote attacker could cause a denial of service or possibly execute
arbitrary code with the privileges of the user invoking the program.
(CVE-2009-3979, CVE-2009-3981, CVE-2009-3986)

[USN-877-1] Firefox 3.0 and Xulrunner 1.9 regression

We apologize for the inconvenience.

Original advisory details:

 Jesse Ruderman, Josh Soref, Martijn Wargers, Jose Angel, Olli Pettay, and
 David James discovered several flaws in the browser and JavaScript engines
 of Firefox. If a user were tricked into viewing a malicious website, a
 remote attacker could cause a denial of service or possibly execute
 arbitrary code with the privileges of the user invoking the program.
 (CVE-2009-3979, CVE-2009-3981, CVE-2009-3986)

[SECURITY] [DSA 1956-1] New xulrunner packages fix several vulnerabilities

browser. The Common Vulnerabilities and Exposures project identifies
the following problems:

CVE-2009-3986:

   David James discovered that the window.opener property allows Chrome
   privilege escalation.

CVE-2009-3985:

   Jordi Chanel discovered a spoofing vulnerability of the URL location bar

Nearly all of LinuxRocket's features are free. Be kind and donate to the cause!