| New User, Welcome! Login |
Next Page >>
Mozilla.s
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: Mozilla products: Multiple vulnerabilities
Date: August 06, 2008
Bugs: #204337, #218065, #230567, #231975
ID: 200808-03
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: Mozilla products: Multiple vulnerabilities
Date: May 20, 2008
Bugs: #208128, #214816, #218065
ID: 200805-18
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: Mozilla products: Multiple vulnerabilities
Date: August 14, 2007
Bugs: #185737, #187205
ID: 200708-09
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Some time ago I read your message and also checked Firefox 3.0.6 and
confirmed the crash in it. What I can tell you about this hole.
In the beginning of September 2008 I already wrote about such DoS
vulnerability in Mozilla Firefox (http://websecurity.com.ua/2421/). Which
leads to that after running of the exploit the browser begun taking 100% of
CPU resources and freezes.
The attack was based on using nested marquee tags (this hole was already
found in Firefox 1.0 and 1.5). Vulnerable were Mozilla Firefox 3.0.1 and
Problem Description:
Security issues were identified and fixed in firefox 3.5.x:
liboggplay in Mozilla Firefox 3.5.x before 3.5.6 and SeaMonkey before
2.0.1 might allow context-dependent attackers to cause a denial of
service (application crash) or execute arbitrary code via unspecified
vectors, related to memory safety issues. (CVE-2009-3388)
Integer overflow in libtheora in Xiph.Org Theora before 1.1, as used
Problem Description:
Security issues were identified and fixed in firefox:
An unspecified function in the JavaScript implementation in Mozilla
Firefox creates and exposes a temporary footprint when there is
a current login to a web site, which makes it easier for remote
attackers to trick a user into acting upon a spoofed pop-up message,
aka an in-session phishing attack. (CVE-2008-5913).
Initiative) a potential reuse of a deleted image frame in Firefox 3.6's
handling of multipart/x-mixed-replace images. Although no exploit was
shown, re-use of freed memory has led to exploitable vulnerabilities
in the past (CVE-2010-0164).
Mozilla developers identified and fixed several stability bugs in the
browser engine used in Firefox and other Mozilla-based products. Some
of these crashes showed evidence of memory corruption under certain
circumstances and we presume that with enough effort at least some
of these could be exploited to run arbitrary code (CVE-2010-0165,
CVE-2010-0167).
So this time I informed browser developers and users about these issues. And
did I receive any thanks from Susan (especially taking into account that I
did inform vendors) or any other user of browsers for this info? No :-). Did
browser vendors answered me? No :-) (at first day) - which is normal for
such cases, based on my experience. Only on second day Opera and Mozilla
answered me and begun investigation of these cases (which is rare case when
they responded on DoS hole, based on my experience), but not other vendors.
> These vendors do not ignore security issues and do respond
> did I receive any thanks from Susan (especially taking into account
> that I
> did inform vendors) or any other user of browsers for this info? No
> :-). Did
> browser vendors answered me? No :-) (at first day) - which is normal for
> such cases, based on my experience. Only on second day Opera and Mozilla
> answered me and begun investigation of these cases (which is rare case
> when
> they responded on DoS hole, based on my experience), but not other
> vendors.
>
Initiative) a potential reuse of a deleted image frame in Firefox 3.6's
handling of multipart/x-mixed-replace images. Although no exploit was
shown, re-use of freed memory has led to exploitable vulnerabilities
in the past (CVE-2010-0164).
Mozilla developers identified and fixed several stability bugs in the
browser engine used in Firefox and other Mozilla-based products. Some
of these crashes showed evidence of memory corruption under certain
circumstances and we presume that with enough effort at least some
of these could be exploited to run arbitrary code (CVE-2010-0165,
CVE-2010-0167).
Mandriva Linux Security Advisory MDVSA-2010:071
http://www.mandriva.com/security/
_______________________________________________________________________
Package : mozilla-thunderbird
Date : April 23, 2010
Affected: 2008.0, 2009.0, 2009.1, 2010.0
_______________________________________________________________________
Problem Description:
Problem Description:
Security issues were identified and fixed in firefox 3.0.x:
Multiple unspecified vulnerabilities in the browser engine in Mozilla
Firefox before 3.0.16 and 3.5.x before 3.5.6, SeaMonkey before 2.0.1,
and Thunderbird allow remote attackers to cause a denial of service
(memory corruption and application crash) or possibly execute arbitrary
code via unknown vectors (CVE-2009-3979).
Thierry, I even planned to write here a large message on this subject (which
I planned in the beginning of this year), but I canceled it due lack of time
:-). In a short: the developers are not right and DoS is a security issue.
I tested your vulnerability (your PoC) in all my browsers: Mozilla, Firefox,
IE, Opera and Chrome. Here are results of my tests, which will be additional
stroke to your picture of vulnerable browsers and systems.
Mozilla 1.7.x is not vulnerable. And this is a reason why I like Mozilla
1.7.x, because it hasn't many of the holes which Mozilla added to new
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: Mozilla Firefox, SeaMonkey: Multiple vulnerabilities
Date: December 29, 2007
Bugs: #198965, #200909
ID: 200712-21
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: Mozilla Firefox, SeaMonkey, XULRunner: Multiple
vulnerabilities
Date: November 12, 2007
Bugs: #196480
ID: 200711-14
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: Mozilla Thunderbird: Multiple vulnerabilities
Date: November 18, 2007
Bugs: #196481
ID: 200711-24
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
16.05.2010 - found vulnerability.
17.05.2010 - disclosed at my site.
18.05.2010 - informed developers: Mozilla, Microsoft, Google and Opera.
Found on the 16th
Blogged on the 17th
Told vendors on the 18th
Posted here on the 18th
Problem Description:
Security issues were identified and fixed in firefox 3.5.x:
Security researcher Alin Rad Pop of Secunia Research reported a
heap-based buffer overflow in Mozilla's string to floating point
number conversion routines. Using this vulnerability an attacker
could craft some malicious JavaScript code containing a very long
string to be converted to a floating point number which would result
in improper memory allocation and the execution of an arbitrary memory
location. This vulnerability could thus be leveraged by the attacker
Problem Description:
Security issues were identified and fixed in firefox 3.0.x:
Multiple unspecified vulnerabilities in the browser engine in Mozilla
Firefox before 3.0.14 allow remote attackers to cause a denial of
service (memory corruption and application crash) or possibly execute
arbitrary code via unknown vectors (CVE-2009-3069, CVE-2009-3070,
CVE-2009-3071, CVE-2009-3072).
Hello SecurityFocus!
I want to warn you about Cross-Site Scripting vulnerability in Mozilla,
Firefox and Chrome.
Some time ago Mozilla fixed vulnerability in Firefox described in MFSA
2009-22 (http://www.mozilla.org/security/announce/2009/mfsa2009-22.html).
Which allowed Refresh header to redirect to javascript: URIs.
This vulnerability was fixed in Firefox 3.0.9. And recently, 06.07.2009, I
I know it. And I mentioned about this in my paragraph "Via data: it's
possible to bypass in Firefox ...". In these paragraph I wrote "But in
Firefox 3.0.11 and Google Chrome you can't get to cookies this way", which
is the same that your wrote, but in more laconic way. And in the same
paragraph I wrote "but it's possible in old Mozilla (and in those versions
of Firefox where there is relation between data: page and original page)".
So there are such browsers which data: URIs from redirectors inherit context
of the site. In any case JavaScript execution is dangerous even without
relation with original site.
ZDI-10-048: Mozilla Firefox nsTreeContentView Dangling Pointer Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-048
April 2, 2010
-- CVE ID:
CVE-2010-0176
-- Affected Vendors:
Mozilla Firefox
Advisory: DoS vulnerabilities in Firefox, Internet Explorer, Chrome, Opera
and other browsers
-----------------------------
URL: http://websecurity.com.ua/4206/
-----------------------------
Affected products: Mozilla Firefox, Internet Explorer 6, Internet Explorer
8, Google Chrome, Opera and other browsers.
-----------------------------
Timeline:
16.05.2010 - found vulnerability.
Problem Description:
Security issues were identified and fixed in firefox 3.0.x:
Security researcher Alin Rad Pop of Secunia Research reported a
heap-based buffer overflow in Mozilla's string to floating point
number conversion routines. Using this vulnerability an attacker
could craft some malicious JavaScript code containing a very long
string to be converted to a floating point number which would result
in improper memory allocation and the execution of an arbitrary memory
location. This vulnerability could thus be leveraged by the attacker
Original URL:
http://securityreason.com/achievement_securityalert/75
- --- 0.Description ---
Flock is a web browser built on Mozilla.s Firefox codebase that specializes in providing social networking and Web 2.0 facilities built into its user interface. Flock v2.5 was officially released on May 19, 2009.
The Flock browser is available as a free download, and supports Microsoft Windows, Mac OS X, and Linux platforms.
- --- 1. Flock 2.5.2 Remote Array Overrun (Arbitrary code execution) ---
Original URL:
http://securityreason.com/achievement_securityalert/76
- --- 0.Description ---
Camino (from the Spanish word camino meaning "way", "path" or "road") is a free, open source, GUI-based Web browser based on Mozilla's Gecko layout engine and specifically designed for the Mac OS X operating system. In place of an XUL-based user interface used by most Mozilla-based applications, Camino uses Mac-native Cocoa APIs, although it does not use native text boxes.
- --- 1. Camino 1.6.10 Remote Array Overrun (Arbitrary code execution) ---
The main problem exist in dtoa implementation. Camino has the same dtoa as Firefox, SeaMonkey, Chrome, Opera etc.
and it is the same like SREASONRES:20090625.
fix for it in my MustLive Security Pack (http://websecurity.com.ua/1896/).
In 2008 there was found Cross-Site Scripting vulnerability in IPB
(http://securityvulns.ru/Tdocument862.html) via htm and html files in
attachments. It was concerned Internet Explorer, in which a code was
executing in context of the site (in Mozilla and Firefox a code was
executing locally). But as I checked at 12.12.2009, in Opera a code also is
executing in context of the site.
And recently there was found new XSS vulnerability in IPB
(http://securityvulns.ru/Wdocument899.html), this time via txt-files. Which
===============================ADVISORY===============================
Name: Autocomplete Data Theft in Mozilla Firefox
Systems Affected: Mozilla Firefox 3.5, Mozilla Firefox 3.0
Severity: Moderate
Category: Data Leakage
Author: Context Information Security Ltd
Advisory: 4 November 2009
CVE: CVE-2009-3370
- --- 0.Description ---
Opera is a Web browser and Internet suite developed by the Opera Software company. The browser handles common Internet-related tasks such as displaying Web sites, sending and receiving e-mail messages, managing contacts, IRC online chatting, downloading files via BitTorrent, and reading Web feeds. Opera is offered free of charge for personal computers and mobile phones.
- --- 1. Opera 10.01 Remote Array Overrun (Arbitrary code execution) ---
The main problem exist in dtoa implementation. Opera has a very similar dtoa algorithm to the BSD, Chrome and Mozilla products. It is the same issue like SREASONRES:20090625.
http://securityreason.com/achievement_securityalert/63
but fix for SREASONRES:20090625, used by openbsd was not good.
More information about fix for openbsd and similars SREASONRES:20091030,
Original URL:
http://securityreason.com/achievement_securityalert/71
- --- 0.Description ---
The SeaMonkey project is a community effort to develop the SeaMonkey all-in-one internet application suite (see below). Such a software suite was previously made popular by Netscape and Mozilla, and the SeaMonkey project continues to develop and deliver high-quality updates to this concept. Containing an Internet browser, email & newsgroup client with an included web feed reader, HTML editor, IRC chat and web development tools, SeaMonkey is sure to appeal to advanced users, web developers and corporate users.
- --- 1. SeaMonkey 1.1.18 Remote Array Overrun (Arbitrary code execution) ---
The main problem exist in dtoa implementation. SeaMonkey has the same dtoa as a KDE, Opera and all BSD systems. This issue has been fixed in Firefox 3.5.4 and fix
Next Page>>
|
|
|
